WhatsApp caves, develops local payments data system to meet RBI rules

By Elton Gomes

Complying with the Reserve Bank of India’s (RBI) data localisation rule, WhatsApp stated that it has developed a system to store payment-related data in India. The announcement means that the Facebook-owned messaging app has agreed to the RBI’s directive that all data must be stored locally.

A WhatsApp spokesperson said that the company has begun a pilot project that has almost one million Indian users. “In response to India’s payments data circular, we’ve built a system that stores payments-related data locally in India,” the spokesperson told Live Mint. “WhatsApp Payments is useful for people in their daily lives and we hope to expand the feature to all of India soon so we can contribute to the country’s financial inclusion goals.”

WhatsApp said that almost one million Indian customers were “testing WhatsApp payments to send money to each other in a simple and secure way.” The spokesperson further said that WhatsApp hoped to expand the feature to the whole of India soon.

With a user base of more than 200 million in India, the Facebook-owned messaging app has been trying to make its mark in the payments space, but it came across a few hurdles after the RBI’s data localisation norm.

WhatsApp’s compliance comes at a time when several payment firms still have limited data storage in India and are struggling to comply with the RBI’s data localisation norms. The RBI has set October 15 as the deadline for all payment system operators to store their data locally. Besides Visa, American Express, Facebook, PayPal, and Mastercard among others, Google and WhatsApp were also required to store their data in India.

What is the RBI’s data localisation rule?

In April 2018, all payment companies operating in India were asked to set up data storage facilities within the country in the next six months. The RBI said that it had taken note of the growth in the payments ecosystem in India, and it needed “unfettered supervisory access” to the transaction data in order to ensure better monitoring of the network.

Domestic payments companies like Paytm and PhonPe, along with law enforcement agencies supported the RBI’s directive. However, the rule drew criticism from global companies like Google, Amazon, Visa, MasterCard, who raised objections on some of the clauses of the rule.

Officials are of the opinion that data processing in India will tighten security measures against criminals. For instance, if Nirav Modi and Mehul Choksi’s financial details were available in India, security agencies could have dug deeper in the probe.

Google seeks more time to comply with RBI rule

Earlier in September, tech giant Google agreed to comply with the data localisation rule but sought more time to fully agree to the norms. A government source told the press that Google took the decision when IT minister Ravi Shankar Prasad visited the company’s headquarters in California. Google informed Prasad that it is ready to comply with the norms but will be requiring two more months to store data in India.

What does this mean for WhatsApp

WhatsApp’s rollout of its payments scheme has always been questioned by India’s IT ministry. The ministry wanted more clarity on whether the new (unified payments interface) UPI-based service conforms to RBI’s security and privacy rules.

Compliance with the data localisation circular might work out in WhatsApp’s favour as it could get a chance to collaborate with the State Bank of India. Additionally, WhatsApp’s move to comply with data storage norms could potentially pose a threat to established players such as SoftBank and Alibaba-backed Paytm.

Elton Gomes is a staff writer at Qrius