Skip to main content

What are restrictions on storage of actual card data?

Reserve Bank of India (RBI) restricts storage of actual card data [i.e. Card-on-File (CoF)] by non-bank payment aggregators and merchants.

What is Card-on-File (CoF)?

Card-on-file (CoF) is the storing of customer card and payment information by a merchant, i.e. keeping card information “on file”.

What are the guidelines on storage of actual card data [i.e. Card-on-File (CoF)]?

No entity in the card transaction / payment chain, other than the card issuers and / or card networks, shall store Card-on-File (CoF) data, and any such data stored previously shall be purged.

From when are the restrictions on storage of actual card data [i.e. Card-on-File (CoF)] applicable?

Reserve Bank of India (RBI) had periodically extended the deadline for effecting the restriction on storage of actual card data [i.e. Card-on-File (CoF)] from June 30, 2021 to September 30, 2022, taking into account the representations received from the stakeholders.

All entities, except card issuers and card networks, are required to purge the CoF data before October 01, 2022.

What relaxations are allowed for “guest checkout transactions”?

For ease of transition to an alternate system in respect of transactions where cardholders decide to enter the card details manually at the time of undertaking the transaction (commonly referred to as “guest checkout transactions”), the following are permitted as an interim measure –

  • Other than the card issuer and the card network, the merchant or its Payment Aggregator (PA) involved in settlement of such transactions, can save the CoF data for a maximum period of T+4 days (“T” being the transaction date) or till the settlement date, whichever is earlier. This data shall be used only for settlement of such transactions, and must be purged thereafter.
  • For handling other post-transaction activities, acquiring banks can continue to store CoF data until January 31, 2023.


References

Reserve Bank of India. (2020, March 17). 'Guidelines on Regulation of Payment Aggregators and Payment Gateways (Updated as on November 17, 2020)'. Retrieved from https://www.rbi.org.in/Scripts/NotificationUser.aspx?Id=11822&Mode=0

Reserve Bank of India. (2021, December 23). 'Restriction on storage of actual card data [i.e. Card-on-File (CoF)]'. Retrieved from https://www.rbi.org.in/Scripts/NotificationUser.aspx?Id=12211&Mode=0

Reserve Bank of India. (2022, June 24). 'Restriction on Storage of Actual Card Data [i.e. Card-on-File (CoF)]'. Retrieved from https://www.rbi.org.in/Scripts/NotificationUser.aspx?Id=12345&Mode=0

Reserve Bank of India. (2022, July 28). 'Restriction on Storage of Actual Card Data [i.e. Card-on-File (CoF)]'. Retrieved from https://www.rbi.org.in/Scripts/NotificationUser.aspx?Id=12363&Mode=0


Follow at - Telegram   Instagram   LinkedIn   Twitter

Labels:

Comments

Post a Comment

Popular Posts

Highlights of RBI Annual Report 2025-26 – Chapter 1 to 3

Reserve Bank of India (RBI) has published its annual report for the financial year 2025-26. In a series of articles, we will go through the highlights of the report. This is the first article in the series.  Legal framework for publication of Annual Report by the RBI Report of the Central Board of Directors on the working of RBI for the year is submitted to the Central Government in terms of Section 53(2) of the RBI Act, 1934. The letter of transmittal is signed by the RBI Governor and addressed to the Finance Secretary, Ministry of Finance, Government of India. Documents submitted by the RBI to the Central Government In pursuance of Section 53(2) of the RBI Act, 1934, the following documents have been submitted to the Central Government – A copy of the Annual Accounts for the year ended March 31, 2026 certified by the RBI’s Auditors and signed by Chief General Manager-in-charge, all the Deputy Governors and Governor. 2 copies of the Annual Report of the Central Board on the workin...
Post a Comment
Read more

Credit Facilities – Lending against Gold and Silver Collateral

Reserve Bank of India (RBI) has issued directions on credit facilities offered by various regulated entities. This article summarises the directions applicable to lending against gold and silver collateral. To whom are the directions applicable? The directions are applicable to the following Regulated Entities (REs) – Commercial Banks  Small Finance Banks (SFBs) Local Area Banks (LABs) Regional Rural Banks (RRBs) Primary (Urban) Co-operative Banks (UCBs) Rural Co-operative Banks – State Co-operative Banks (StCBs) Central Co-operative Banks (CCBs) Non-Banking Financial Companies (NBFCs) for all layers – Deposit taking NBFC (NBFC-D) NBFC-Investment and Credit Companies (NBFC-ICC) NBFC-Factor  NBFC-Micro Finance Institutions (NBFC-MFI)  NBFC-Infrastructure Finance Company (NBFC-IFC)  Infrastructure Debt Fund-NBFC (IDF-NBFC)  Housing Finance Company (HFC)  To whom are the directions partially applicable? The prudential regulations are not applicable to ‘NBFCs-B...
Post a Comment
Read more

Highlights of RBI Annual Report 2025-26 – Chapter 4 & 5

Reserve Bank of India (RBI) has published its annual report for the financial year 2025-26. In a series of articles, we will go through the highlights of the report. This is the second article in the series.  Chapter 4 – Credit Delivery and Financial Inclusion The limit for collateral free loans to Micro and Small Enterprises (MSEs) was enhanced from ₹10 lakh to ₹20 lakh. The RBI was involved with the nationwide campaign, ‘Aapki Poonji, Aapka Adhikar’ (Your Money, Your Right), conducted during October-December 2025 to facilitate the return of unclaimed deposits and timely settlement of eligible claims from the Depositor Education and Awareness (DEA) Fund. During the campaign, ₹2,876 crore of unclaimed deposits were settled by public sector banks and regional rural banks. Expanding and Deepening of Digital Payments Ecosystem (EDDPE) programme  The programme aims to provide every eligible individual in the identified districts at least one mode of digital payment, viz., debit / ...
Post a Comment
Read more

Highlights of RBI Annual Report 2025-26 – Chapter 6 (Part I)

Reserve Bank of India (RBI) has published its annual report for the financial year 2025-26. In a series of articles, we will go through the highlights of the report. This is the third article in the series.  Chapter 6 – Regulation, Supervision and Financial Stability (Part I) Opening of and operation in deposit accounts of minors by banks – Minors of any age can open and operate savings and term deposit accounts through his / her natural or legal guardian or with mother as guardian.  Minors above the age of 10 years may open and operate savings and term deposit accounts independently, if they so desire. Digital lending guidelines – Regulated Entities (REs) were mandated to ensure that lending service providers (LSPs) display all loan offers to borrowers when multiple lenders are involved.  A public directory of Digital Lending Apps (DLAs) was introduced to help borrowers verify their link with REs. Non-Banking Financial Companies (NBFCs) were allowed to consider Default...
Post a Comment
Read more

Credit Facilities – Finance to Non-Banking Financial Companies (NBFCs)

Reserve Bank of India (RBI) has issued directions on credit facilities offered by various regulated entities. This article summarises the directions applicable in respect of finance to Non-Banking Financial Companies (NBFCs). To whom are the directions applicable? The directions are applicable to the following Regulated Entities (REs) – Commercial Banks  Small Finance Banks (SFBs) Primary (Urban) Co-operative Banks (UCBs) All India Financial Institutions (AIFIs) regulated by RBI – Export Import Bank of India (EXIM Bank) National Bank for Agriculture and Rural Development (NABARD) National Housing Bank (NHB) Small Industries Development Bank of India (SIDBI) National Bank for Financing Infrastructure and Development (NaBFID) What are the conditions on finance to NBFCs? Commercial Banks and SFBs The bank shall extend need based working capital facilities as well as term loans to NBFCs registered with the RBI and engaged in infrastructure financing, equipment leasing, hire-purchase, l...
Post a Comment
Read more