India's Massive Card Security Deadline Unlikely to Be Extended

India's central bank is unlikely to extend a Friday deadline for businesses to set up an additional layer of security for consumers' credit card data even after some concerns remain over payments failing and revenue losses, say bankers and merchants, Reuters reported. Despite a demand by smaller merchants to delay the compliance date, there has been no indication so far by the central bank that there is likely to be an extension in deadline, three banking and merchant sources with knowledge of the matter told Reuters. The Reserve Bank of India (RBI) did not respond to an email request for comment. "The general sense is that banks, card networks and (bigger) merchants are better prepared and so the push from the ecosystem side for an extension has also not been massive and we haven't received any indication to suggest an extension either," said a banker with a large state-owned bank. "If it happens, it will be a surprise," he added. Three years ago, India embarked on a mammoth exercise to secure card data by requiring businesses to tokenise cards by Sept. 30. Tokenisation is a process by which card details are replaced by a unique code or token, generated by an algorithm, allowing online purchases without exposing card details, in a bid to improve data security. The RBI first introduced the norms in 2019 and after several extensions has ordered all companies in India to purge saved credit and debit card data from their systems by Oct. 1, 2022. Read more.