Payment gateways and point of sales (POS) terminal service providers have to comply with very peculiar and complicated set of laws in India. Perry4Law has been receiving consultancy and regulatory compliance support related service requests in these fields. In the larger interest of payment gateways and POS terminal service providers that wish to operate in a lawful manner in India, Perry4Law has been releasing this research paper so that regulatory compliances are not ignored.
The online payment system of India and e-commerce and online business legal compliances would create many legal challenges for payment gateways and POS terminal service providers in India. For instance, although the mobile payment market in India booming yet legal compliances are still missing. This is despite the fact that cyber due diligence for PayPal and online payment transferors in India has been discussed by us well in advance. The Bitcoin exchanges operating in India must also comply with Indian laws to be legal. This is the reason why Indian corporates are lobbying for regulating digital currency in India.
Indian banking regulatory environment is changing but much still has to be achieved. Even the Reserve Bank of India (RBI) is trying to streamline mobile banking services in India. A Code of Bank’s Commitment to Customers by Banking Codes and Standards Board of India (BCSBI) has also been issued. Securities and Exchange Board of India (SEBI) would also release corporate governance rules for the listed entities in India.
Perry4Law has provided Cyber Law Trends and Development in India 2013 (PDF), Cyber Security Trends and Developments in India 2013 (PDF) and Cyber Forensics Trends and Developments in India 2013 (PDF) that have covered the cyber security and techno legal issues of online payment related issues in India. These trends are also relevant for payment gateways and POS terminal service providers of India. Further, the payment gateways and POS terminal service providers of India are also required to be well aware of Internet intermediary liability in India and cyber law due diligence in India (PDF).
Cyber security has become a big challenge for payment gateways and POS terminal service providers of India. As the Indian government itself has failed to implement the cyber security policy and initiatives declared from time to time, others have also taken Indian cyber security casually. The fact is that Indian cyber security is in a bad condition. Banking industry of India is also facing a variety of financial and banking frauds in India. For instance, Internet banking frauds, ATM frauds, RTGS frauds, etc are on rise in India. Even IT and cyber frauds in Indian companies are increasing. The payment gateways and POS terminal service providers of India must keep these aspects in mind while doing commercial business in India.
The Vskimmer Trojan capable of stealing credit card information from Windows systems is already in circulation. Similarly, the Malware Dump Memory Grabber is also targeting POS systems and ATMs of major U.S. banks. These malware are creating havoc in India and international levels. Recently, the RAKBANK and Bank of Muscat Oman became victims of international ATM heist. The Computer Emergency Response Team (CERT) of India has even started investigation in this international ATM heist case as it has Indian connections as well.
The payment gateways and POS terminal service providers of India must also keep in mind the legal issues of e-commerce in India. As the investment and funding environment of India is fast changing, the cyber law due diligence has become necessary for foreign investors in e-commerce and technology ventures of India. If the payment gateways and POS terminal service providers of India fail to comply with Indian laws, this would affect the chances of getting good fiancé, investment and private equity in the long run.
In their own interest, the payment gateways and POS terminal service providers of India must ensure that they are following the laws of India and ensuring proper cyber law due diligence in India and other jurisdictions like European Union.