The move by the RBI might hurt e-commerce platforms and taxi aggregators such as Google Play, Amazon and Uber as these companies route credit card transactions through an international payment gateway and circumvent the two-step verification mandated by the RBI.
It has come to our notice that despite the above clarifications there are instances of card not present transactions being effected without the mandated additional authentication/validation even where the underlying transactions are essentially taking place between two residents in India. It is also observed that these entities are evading the mandate of additional authentication/validation by following business/payment models which are resulting in foreign exchange outflow, the RBI said in a notification.
The apex bank said that camouflaging and flouting guidelines on card security was made possible by merchant transactions being acquired by banks located overseas resulting in an outflow of foreign exchange which is in violation of violation of the directives under the Payment and Settlement Systems Act and the Foreign Exchange Management Act, 1999.
RBI said directive shall be effective immediately. However, existing arrangements if any, will be accorded time up to October 31, 2014 to comply with our instructions, to avoid any business disruption, it added.