The digital payments growth in India has positioned the country as a global fintech leader, with online transactions growing 80% in 2020 and UPI transactions witnessing a 120% growth last year. However, according to Montek Singh Ahluwalia, Former Chairman, Planning Commission of India, the overregulation of security and e-commerce will leave room for only three-four big players who can comply, and India needs to learn from other countries how to go ahead with regulations in this space.
The National Payments Corporation of India (NPCI) reported 3.5 Bn transactions worth INR 6.39 Lakh Cr in August 2021, growing 9.5% by volume and 5.4% by value over the previous month. In June and July, transaction volume grew by 10% and 15% respectively on a month-on-month basis while transaction value had grown by 11% and 10% respectively
Paytm’s digital payments transaction volume spiked by 18% during July in comparison to PhonePe and Google Pay, which grew at 15% each.
According to a recent report by the Indian Private Equity and Venture Capital Association (IVCA) and Ernst & Young, digital payments in India is expected to grow at 27% CAGR during the FY20-25 period from INR 2,153 Lakh Cr transactions in FY20 to INR 7,092 Lakh Cr in FY25.
At a virtual session, organised by think-tank Empower India and IndusLaw, multi-speciality law firm, to better understand the problems that the RBI is attempting to solve with the digital payments regulations, Ahluwalia said: “India often ends up killing big industry via over regulation. The Indian government should learn from other countries and how they have regulated such companies in the digital payments space in a balanced manner and not do it like China.”
He added that retaining flexibility is important for India to grow. “If regulation is needed, it’s better if the big players compete with each other and foreign players and help the industry grow in India rather than kill the major players,” Ahluwalia said.
How RBI Changes May Impact Digital Payments Data
Last year, the RBI proposed some changes to its payment guidelines which is likely to have a significant impact on the future of digital payments.
According to the digital payments guidelines, starting September 30, 2021, RBI requires banks to notify their customers before and after any recurring debit and this requirement is agnostic of the digital payments mode.
Moreover, the RBI also released the Payment Aggregators and Payment Gateways (PAPG) guidelines to address data security and privacy concerns behind storing card-on-file (COF) data that does not allow merchant sites to save customer card details.
The debate comes at a time when the convenience and ease offered by digital payments continue, with the digital payments market expected to grow over three-folds to INR 7,092 Tn in India by 2025 and the current 160 Mn unique mobile payment users multiplying by 5 times to reach nearly 800 Mn by 2025.
According to Dr Aruna Sharma, former secretary, Government of India, data protection law should be like an umbrella, not just financial data but also personal data.
“The RBI has ring-fenced themselves by protecting financial data in their domain. When it comes to the data privacy issue, unless there’s a huge leak, the regulation should not operate in a heavy-handed manner. We have a huge cash economy and digital payments is the only way to tackle that,” she emphasised.
She added: “With this new development, whereby customers would have to remember their card numbers, will make them more liable to make mistakes and make the process much more complicated. The detection of financial crime or cyber crime is not a matter of worry. It’s the reaction time.”
Startups Too at Risk
In a chat with Inc42, ADIF Executive Director Sijo Kuruvilla George had said that the RBI’s ‘Card on File Tokenisation’ move to secure the customers’ card data should not put Indian startups at a disadvantage with global players.
“Care should be taken that the business practices that need to be adopted for our startups to be in compliance with norms do not disadvantage startups to be at par and compete efficiently with global players operating out of other geographies,” he had stressed.
Late last month, the RBI extended the scope of tokenisation from mobile phones and tablets to include all consumer devices like laptops, desktops, wearables, and Internet of Things (IoTs), etc.
The aim is to guard customer data against the growing incidents of data breaches the Indian tech sector has witnessed in the recent months.
The new Payment Aggregators and Payment Gateways (PAPG) guidelines have apparently created an unusual situation for merchants and payment aggregators who would eventually bear the brunt of consumer grievances while not being in a position to resolve the situation until banks and card networks work towards implementing their solutions.
If merchants and payment aggregators are not allowed to store card on file details, there will be no way for them to offer seamless payment solutions for recurring and single-click online payments, making it difficult for the end-consumers to enter the details manually for every transaction. This will make digital transactions tedious, time consuming, and inconvenient, and deter a large number of customers, the experts argued.