People in India must have experienced the ease and flexibility of online Shop Hunting. Besides the mode of shopping, the bill payments, mobile recharge, DTH recharge, etc., are taking the path of the electronic approach. If you have picked any services or goods to purchase on a website, then everything you have chosen will be automatically added to your cart. Afterward, you will be at the end of the phase for payment. This is when you are getting addressed to the "Payment Gateway" of the site, plus the payment gateway site must get equipped with the payment gateway license.
The overall procedure of Payment Gateway License is directed under the Payment and Settlement Systems Act, 2007. It is a set up by the RBI which delivers all sorts of regulations and administration of payment systems in India.
What is the meaning of Payment Gateway License?
Payment Gateways are intermediary elements in between the banks and the websites promoting the delivery of Transaction report. They formulate data from the payer bank and transmit the information to the receiving banks. They generally note their feedbacks, such as whether the transaction is approved or rejected. Moreover, it is an integral component of the payment gateways of the security of the funds transacted.
The sensitive information needs to be protected from any fraud and misrepresentations such as Debit/Credit Card Numbers, internet banking ids, and passwords, etc. For this reason, there are governing security standards to be followed by anyone getting access to card information such as payment gateways by the card associations along with various rules and regulations. Those rules and standards are described as the "Payment Card Industry Data Security Standard" (PCI-DSS or PCI).
Where to Apply for Registration of Payment Gateway License in India?
Registering your business in India for starting a payment gateway business in India is the first step to be followed. For this very purpose, any business can take the form of sole-proprietorship, partnership, or the structure of a company; however, the business of payment gateways is suited if formed as a private limited company in India. Following this, the RBI may impose a reasonable restriction on the Indian financial eco-system for financial protection.
What are the Types of Payment Gateway Providers in India & How to go about it?
The payment gateway providers are of two types in the Indian market, enabling the businesses to approve payment from national and international customers in Indian National Rupees ₹ (INR). They work with the support of Credit/Debit Card and Net-banking arrangements. Payment gateway license can be applied before RBI as per the below-mentioned parties.
Those Are As Follows:-
Second Party Providers
Parties starting from Rs 30,000 (setup costs are very high), Like HDFC, ICICI, and Axis having low Transaction Discount Rate (TDR) with lower transaction fees. There is no point in going for this category of providers since it would be costly initially for a small business or a start-up.
Third-Party Providers such as EBS, CCAvenue, Payzippy, PayU, Direct Pay, which charges setup and annual fee; however, some even don’t charge that. Most of them cost around service tax + 2% to 4% Transaction Discount Rate (TDR). By convincing, the providers about the future business goals of the concern can somewhatget negotiated.
What are the recent RBI's guidelines for the Regulation of Payment Gateway License Aggregators?
The RBI has laid down some stringent guidelines On March 17, 2020, for regulating payment aggregators, and payment gateways. The vide "Circular RBI/DPSS/2019-20/174 DPSS.CO.PD.No.1810/02.14.008/2019-20" announced it.
The payment aggregators shall achieve a net worth of Rs. 15 crores by March 31, 2021, existing as on the date of this particular circular. Moreover, payment aggregators shall accomplish a net worth of Rs. 25 crores by March 31, 2023.
Additionally, new PAs at the time of application for authorization shall have a minimum net-worth of Rs. 15 crores and shall attain a net worth of Rs. 25 crores by the passing of grant of approval of the third financial year. In consonance with the supervisory, the payment aggregators and gateways have been put under RBI's direct supervision.
What are the basic requirements for the registration of a payment gateway provider license in India?
- Minimum of two directors and two members
- Address details of the business setups.
- Business strategy for five years
- Company's current account in the name of the company, along with PAN details.
- System flow and Code testing report by Software certifying agency
- The registration process will be subjected to RBI Discretion
- GST registration is mandatory.
- PCI DSS Compliance stands for (Payment Card Industry Data Security Standard) to be associated with the payment gateway business in India
PCI DSS contained rules and regulations and has launched on September 7, 2006. It intends to optimize the security of credit, debit, and cash card transactions and protect cardholders from facing any scams.
Their launch's primary focus was to improve payment account security throughout processing the transactions to administer the on-going processes of the Payment Card Industry (PCI) security standards. Payment Gateway License is absolute software-related compliance involved apart from regulatory compliance, which is most difficult and needs due attention.
What are the Essential Elements of Payment Gateway Transactions?
Secure Electronic Transaction (SET)
The major providers of electronic transactions assure & secure electronic transactions such as Visa and MasterCard. SET allows merchants to verify their customers’ payment information protecting the customer without actually seeing it. The information on the card is immediately carried to the company issuing a card for confirmation.
Merchant Agreement is a contract between the payment and business service provider. Every party involved in the online transactions under this agreement are guided by the rules and responsibilities stated concerning payment acceptance, authorization, processing, and compensation.
How do Payment Gateways Operate?
There are numerous tasks conducted by the Payment Gateways once the customer places the order from an online Platform.
Those Are As Follows:-
Encryption Of Data
At the very outset, the browser encrypts the data that to be sent to vendors’ servers from which the customer uses for the transaction. By the payment gateway, the transaction data gets sent to the payment processor.
Inquiry For Authorization
Afterward, the payment processor transmits the data to the card association, where the Bank issuing the credit card operates the transaction at this point and accepts or rejects it accordingly.
Filling The Order
The authorization is forwarded to the processor about the merchant and the customer to the Payment Gateway. It is transmitted to the website to process the payment once the response is received. Whenever the information is interpreted, the amount is generated. Interestingly, all these procedures take only a few seconds at the flip of the eyes.
Additional Functions of Payment Gateway Operators
The Payment Gateways Allows Various Other Functions Such As:
- Identity morphing detection;
- Advanced Visual Systems (AVS) checks;
- Computer Finger Printing technology;
- Velocity pattern analysis;
- Verification of delivery address;
- Calculate the amounts of tax to authorize applications transmitted to the processor.
What is the Procedure to obtain a Payment Gateway License in India?
Follow the steps described below for obtaining a Payment Gateway License in India.
As per the description of Section 5(1) of the PSS Act, kindly apply the prescribed ‘Form A’. This application shall be made at Central Offices of the RBI at Mumbai to the 'Chief General Manager of Department of Payment' and 'Settlement Systems.' It can also be addressed to such other offices of the RBI as may be specified periodically.
The RBI’s recommendation for granting the authorization is conditional to its discretion, as per Section 6. The RBI has the power to handle such inquiries as it may consider necessary to satisfy the authenticity of the details. Those details must have been submitted by the applicant and for investigating the credentials of the interested parties.
The RBI should take the following measured requirements into account before approving the authorization letter.
Those Are As Follows:-
- Consider all the requirement for proposal payment system and the services recommended
- Consider all the technical criteria set for the payment system or the structure of the proposed payment system;
- Consider all the terms and conditions, including any security scheme, for the maintenance of the proposed payment system;
- Consider how the transfer is done in the given payment system;
- Consider all the manner for netting of payment guidance that affects the payment obligations under the payment system;
- Consider all the management’s financial status practice and the sincerity of the applicant;
- Consider all the terms and conditions that supervise the relationship of the customers with the payment providers;
- Consider all the credit and monetary policies;
- Consider all the time frame for authorization
It may issue the Authorization Certificate in Form ‘B’ for commencing and carrying on a payment system to the applicant only if RBI is satisfied that all the requirements laid down in Section 7(1) gets fulfilled. As mentioned by the RBI, the authorization shall take effect date, as per the conditions that have been imposed.
RBI is required to process the application of authorization at the earliest with a maximum time limit of six months, according to Section 4 of the PSS Act. It can be enunciated from the date on which the application for approval has been filed.