Skip to main content

What are restrictions on storage of actual card data?

Reserve Bank of India (RBI) restricts storage of actual card data [i.e. Card-on-File (CoF)] by non-bank payment aggregators and merchants.

What is Card-on-File (CoF)?

Card-on-file (CoF) is the storing of customer card and payment information by a merchant, i.e. keeping card information “on file”.

What are the guidelines on storage of actual card data [i.e. Card-on-File (CoF)]?

No entity in the card transaction / payment chain, other than the card issuers and / or card networks, shall store Card-on-File (CoF) data, and any such data stored previously shall be purged.

From when are the restrictions on storage of actual card data [i.e. Card-on-File (CoF)] applicable?

Reserve Bank of India (RBI) had periodically extended the deadline for effecting the restriction on storage of actual card data [i.e. Card-on-File (CoF)] from June 30, 2021 to September 30, 2022, taking into account the representations received from the stakeholders.

All entities, except card issuers and card networks, are required to purge the CoF data before October 01, 2022.

What relaxations are allowed for “guest checkout transactions”?

For ease of transition to an alternate system in respect of transactions where cardholders decide to enter the card details manually at the time of undertaking the transaction (commonly referred to as “guest checkout transactions”), the following are permitted as an interim measure –

  • Other than the card issuer and the card network, the merchant or its Payment Aggregator (PA) involved in settlement of such transactions, can save the CoF data for a maximum period of T+4 days (“T” being the transaction date) or till the settlement date, whichever is earlier. This data shall be used only for settlement of such transactions, and must be purged thereafter.
  • For handling other post-transaction activities, acquiring banks can continue to store CoF data until January 31, 2023.


References

Reserve Bank of India. (2020, March 17). 'Guidelines on Regulation of Payment Aggregators and Payment Gateways (Updated as on November 17, 2020)'. Retrieved from https://www.rbi.org.in/Scripts/NotificationUser.aspx?Id=11822&Mode=0

Reserve Bank of India. (2021, December 23). 'Restriction on storage of actual card data [i.e. Card-on-File (CoF)]'. Retrieved from https://www.rbi.org.in/Scripts/NotificationUser.aspx?Id=12211&Mode=0

Reserve Bank of India. (2022, June 24). 'Restriction on Storage of Actual Card Data [i.e. Card-on-File (CoF)]'. Retrieved from https://www.rbi.org.in/Scripts/NotificationUser.aspx?Id=12345&Mode=0

Reserve Bank of India. (2022, July 28). 'Restriction on Storage of Actual Card Data [i.e. Card-on-File (CoF)]'. Retrieved from https://www.rbi.org.in/Scripts/NotificationUser.aspx?Id=12363&Mode=0


Follow at - Telegram   Instagram   LinkedIn   Twitter

Labels:

Comments

Post a Comment

Popular Posts

National Strategy for Financial Inclusion (NSFI) 2025-30

Reserve Bank of India (RBI) has published National Strategy for Financial Inclusion (NSFI) 2025-30. Financial Inclusion The Committee on Financial Inclusion (Chairman: Dr C Rangarajan, RBI, 2008) defined financial inclusion as “the process of ensuring access to financial services, timely and adequate credit for vulnerable groups such as weaker sections and low-income groups at an affordable cost”. The Committee on Medium-Term Path to Financial Inclusion (Chairman: Shri Deepak Mohanty, RBI, 2015) viewed financial inclusion as, “convenient access to a basket of basic formal financial products and services that should include savings, remittance, credit, government-supported insurance and pension products to small and marginal farmers and low income households at reasonable cost with adequate protection progressively supplemented by social cash transfers, besides increasing the access of small and marginal enterprises to formal finance with a greater reliance on technology to cut costs an...
Post a Comment
Read more

Small Value Digital Payments in Offline Mode

An active internet connection is necessary for carrying out any digital payments. However, Reserve Bank of India (RBI) has introduced a framework for carrying out small value digital payments in offline mode. What is offline payment? An offline payment means a transaction which does not require internet or telecom connectivity to take effect.  What is the basis of framework for small value digital payments in offline mode? Reserve Bank of India (RBI) had, vide circular dated August 06, 2020, permitted a pilot scheme to encourage technological innovations that enable small value digital transactions in offline mode. It was stated therein that the decision on formalising such a system would be based on the experience gained. With encouraging feedback from the pilots, a framework for carrying out small value digital payments in offline mode across the country has been introduced. What are the instructions for Payment System Operators (PSOs) and Payment System Participants (PSPs)? Auth...
Post a Comment
Read more

RBI’s Monetary Policy (December 05, 2025): In A Nutshell

The bi-monthly monetary policy of Reserve Bank of India (RBI) was announced on December 05, 2025. Here are some of the highlights of the monetary policy announcement. Rates   Change Rate Policy repo rate Reduced by 25 bps 5.25% Standing deposit facility (SDF) rate 5.00% Marginal standing facility (MSF) rate 5.50% Bank rate 5.50% Monetary policy stance Monetary policy stance unchanged as ‘neutral’. Domestic Economy  Real Gross Domestic Product (GDP) growth accelerated to 8.2% in Q2, buoyed by strong spending during the festive season which was further facilitated by the rationalisation of the goods and services tax (GST) rates.  Real GDP growth for 2025-26 is projected at 7.3%. For the first time since the adoption of flexible inflation targeting (FIT), average headline inflation for a quarter at 1.7% in Q2, breached the lower tolerance threshold (2%) of the inflation target (4%). It dipped further to an all-time low of 0.3% in October 2025. The underlying inflation pressu...
Post a Comment
Read more

Export / Import of Currency and Possession / Retention of Foreign Currency

Reserve Bank of India (RBI) has updated the guidelines on export and import of currency. What are the guidelines on export and import of Indian currency? Transferor Transfer from Transfer to Nature of currency Maximum limit Person resident in India India Countries other than Nepal and Bhutan Currency notes of Government of India (GoI) and RBI notes ₹25000 per person Commemorative coins 2 coins Person resident in India gone out of India on temporary visit, on his return Countries other than Nepal and Bhutan India Currency notes of GoI and RBI notes ₹25000 per person Person resident outside India (not citizen of Pakistan / Bangladesh) visiting India India Any country Currency notes of GoI and RBI notes ₹25000 per person Any country India Person (not citizen of Pakist...
Post a Comment
Read more

Disclosures to be made by NBFC-BL

Non-Banking Financial Companies (NBFCs) are required to make various disclosures. This article lists out some of the important disclosures to be made by Base Layer NBFCs (NBFC-BL) in its financial statements, on its website and in its branches. Disclosures to be made in financial statements / annual reports Master Direction – Reserve Bank of India (Non-Banking Financial Company – Scale Based Regulation) Directions, 2023 dated October 19, 2023 Para 37.4.4 – In case of gold loans, NBFCs shall disclose in their annual reports the details of the auctions conducted during the financial year including the number of loan accounts, outstanding amounts, value fetched and whether any of its sister concerns participated in the auction. Para 40 – NBFCs shall disclose in their annual financial statement, aggregate amount of loans and advances sanctioned to directors, senior officers and relatives of directors and to entities where directors or their relatives have major shareholding (as per templat...
Post a Comment
Read more