Hacker News new | past | comments | ask | show | jobs | submit login
Ask HN: What is wrong with Reserve Bank of India?
145 points by superasn on March 15, 2015 | hide | past | favorite | 86 comments
This is a bit of rant but I'm also wondering if there is anything we (the Indian tech community) can do about it?

If you're an Indian startup, I'm sure you must know that the Reserve Bank of India has the worst policies when it comes to charging a credit card.

1) In India, you cannot create recurring subscriptions as the RBI prohibits charging the credit card automatically. Not one Indian payment processor (I've talked to a many) gives you the option to create recurring subscriptions. Can you imagine where half the SaaS startups will be without recurring credit card subscriptions?

2) Add to that, Paypal to Paypal transfer within India is prohibited by RBI. Why? Because certain people used to evade tax by purchasing goods directly with their Paypal balance. So, instead of catching the tax evaders the RBI found it easier to ban the whole thing. They could have made it mandatory for Paypal to report every transaction (as they require a a PAN card) but banning it altogether was easier, I guess?

3) Even big companies like Uber had to recently discontinue Credit card purchases because of these inane credit card policies of RBI [1]

4) I really don't think it's about customer security (since the rest of the world seems fine with it) but rather some "Babu" type mentality which is to ban the whole thing rather than make the efforts to make it work securely.

Anyway, enough about the problem. Now what can we do about it?

I know Modi really wants us to "make in India" and wants to promote the IT industry. Who are the right people to contact who can do something about this?

[1] http://qz.com/296483/indias-credit-card-rules-just-took-the-ease-out-of-uber/




>In India, you cannot create recurring subscriptions as the RBI prohibits charging the credit card automatically.

I am really happy that this is how it is. There is no shortage of cheats and frauds in India. Thanks to the RBI I can rest easy without worrying about getting (unsanctioned) charges on my credit card from shady businesses.

The RBI does provide an alternate means for supporting recurring bills. If you are a business in India try looking into the ECS option: http://www.rbi.org.in/scripts/ECSUser.aspx


Dude... you just violated the RBI policy by linking their web page. Read: /scripts/disclaimer.aspx

Links to this Web Site from other web sites

Except as set forth below, caching and links to, and the framing of this Web Site or any of the contents are prohibited.

Linking to the Home Page - You may link to the Home Page of this Web Site, http://www.rbi.org.in upon notifying RBI in writing.

For hyper-Linking to an internal page of this Web Site (not being the Home Page) the user must make a specific request for, and secure permission from RBI prior to hyper-linking to, or framing, this Web Site or any of the contents, or engaging in similar activities. RBI reserves the right to impose conditions when permitting any hyper-linking to, or framing of this Web Site or any of the contents.


What's the reasoning behind the policy against linking to them? That seems crazy.


Yeah man, sorry about that. I can't edit the comment now. I will admit the RBI does have some asinine policies.


Maybe you're skeptical but if everyone thought like this, here is a small list of things I wouldn't be able to do which I'm really thankful for:

1) AWS bills me automatically every month for the hosting. I'm totally fine with it and kinda happy they do it.

2) Namecheap renews my domains for me (the ones I've setup on auto-renew). I'm happy they do it because I'm traveling a lot.

3) Paying for services like Uber with my credit card sounds nice. The process seemed really effortless.

4) I'm sure I can think many more things where this is a convenience for the customer.

> Thanks to the RBI I can rest easy without worrying about getting (unsanctioned) charges on my credit card from shady businesses.

There are cheats and there is a system for dealing with cheats. It's the same everywhere (419 scammers are not from India). You don't unplug from the internet on Windows just because there are a tonne of viruses for Windows. You install an anti-virus or firewall for that.

> If you are a business in India try looking into the ECS option:

I know about the ECS option but that really doesn't work very well with online business. As far as I know you need a Void check from the customer and there is paperwork (AFAIK). Also what about international customers, just because you're based here does not stop you from having those.


ECS doesn't require a void check. The electricity bill which you might be paying via your credit card on a monthly basis is an ECS payment.

The only problem here is as a business you cannot set it up for a customer, like the AWS bill because "ECS Credit can be used to pay interest, dividends...." (pay; not charge)

Customer needs to add and set it up on his own, so thats a bummer for sure.


I think there is some merit in what you are saying. But personally I would never allow any company (be it Amazon or Namecheap) to withdraw a variable amount of money from my bank account without prior authorization.

Manual authorization is a minor inconvenience but prevents major headaches down the line. You know like they say: Prevention is better than cure.

>3) Paying for services like Uber with my credit card sounds nice. The process seemed really effortless.

You do not need a credit card for online transactions in India. Credit cards are mostly redundant in the age of internet banking (as far as Indian businesses are concerned). I have never used a Credit Card to buy anything from flipkart etc (I choose the net banking/online payment option always). I guess you do not know about this because the USA does not have creditcardless online payments.


>419 scammers are not from India

But 420 scammers are! http://en.wikipedia.org/wiki/Section_420_of_the_Indian_Penal...


ECS is really hard to setup for a consumer service. Maybe companies targeting enterprises can get this setup, but its really hard to charge a regular consumer for a regular service using ECS.


In most cases where I made cancellations of a service, they disconnected immediately. Let's say that I had a subscription of cable broadband, and I have already paid till the 30th of June. I call them up on 18th of June and ask for a cancellation - then the cancellation happens by 19th of June whereas any deposit paid gets refunded a few weeks later. This sort of situations has happened to me multiple times in India. I am glad that RBI is looking out for us. The additional regulation is a minor cost of doing business, and those who can't afford that cost should not be in business at all. Given that there are multiple SaaS companies running successfully in and out of India - some serving purely Indian clients - the rant of the OP is absolutely baseless.

Thank you RBI.


>Given that there are multiple SaaS companies running successfully in and out of India - some serving purely Indian clients - the rant of the OP is absolutely baseless.

While I agree that this is RBI looking out for us, its not completely right to say that SaaS companies in India are not facing issues. Companies like Zoho are not able to target Indian companies because they can't invoke subscription billing.


Why not send their customers a monthly bill and cancel service if the user doesn't pay? The customers just set up a recurring monthly payment in their bank.


Yes, this is a workaround that is not directly supported by any payment gateway in India so far, which means you have to implement the entire thing yourself.


It's not a workaround, though; it's more consumer-friendly than the "normal" subscription model.

That companies can just pull money out of your bank account is not a good thing. In Germany it's really hard to get people to sign up for subscriptions because companies usually make it really hard to unsubscribe and just continue pulling money from the account. With a push-model like the one described above, the customer just cancels the payments and that's the end of it.


> There is no shortage of cheats and frauds in India.

I would argue any place can have cheats. That's why you can reverse and dispute card transactions if they are fraudulent.


Recurrent payments make possible softer kinds of frauds where you extract money from people for services they don't need or use only because they forgot they ordered them or can't be bothered to cancel.


If its a fraud its a fraud you can get your money back. There's a difference between being cheated and wanting the service & being willing to pay for it.

I might point out on Paypal you get an email every time a charge is done and you can easily cancel any subscription in under a minute quite easily so you wont forget about anything.

Direct Debit (such as that offered by HDFC, Axis, etc) can also do the same thing, although it is more difficult to cancel than a credit card would be & less services are available to it.

Also consider if you pay cash/neft/rtgs/paytm for 12 months upfront instead of every 1 month recurring for a subscription service. Its going to be harder to get that back (and perhaps not possible) if you decide to cancel halfway than it would be with a credit card/paypal.


>>If its a fraud its a fraud you can get your money back.

Sorry, but in a country where credit card companies send the local mafia after a person if they miss a few EMI's. No one is realistically going to trust 'dispute the transaction, get your money back' promise.

There will be so much fraud from both the ends, it will be hard to bring the chaos in control.

India needs a lot of social evolution before you could trust the public with these things. We can't even discard a biscuit packet properly, let alone these kind of things.


I still prefer to pay up front. At least I need to carefully consider if I actually want the service.

I heard a lot of stories how hard is to get out of gym membership. If someone uses tricks in my psychology to make me pay for the service I don't use I consider it to be a scam. Visa might think otherwise.


Need to think it through. People (in India) may readily start reversing/disputing actual transactions they made. Such hacks are not uncommon there.


Agreed, this has lot to do with social evolution than government policy.

'X country has it, why can't we' is a useless argument here. If only Indians acted with same degree of responsibility, you could do away with a lot of things.


> I would argue any place can have cheats. That's why you can reverse and dispute card transactions if they are fraudulent.

but India has the reputation of being one of the world's mecca of online scams. I'm sure plenty of good people in India too but there is an overwhelming population that choose to scam, deceit their way out of honest folk's money.

Poverty is always used as an excuse for such behavior but we've seen plenty of emerging economies where people have gone through poverty like Korea, Japan, Taiwan that aren't known to behaved as badly, using poverty as a modus operandi to inflict damage on others.

So yeah, I'm really glad there are steps in place to stop frauds and cheats coming out of this place, it's doing the rest of the world a great favor.


Seems like a good opportunity for an Indian startup to make an Uber for India that easy ECS billing each month or before each month or something. I'd happily take an auto-debit of my average spend each month over having to manually do each payment. Maybe keep credits in the account if they go unused.


What does that have to do with Uber? I'm missing the connection.


Uber is not the one that is being fought by a comptetition. As of now Ola rules the Indian online/app hail-a-cab space and it's Uber that is trying to fight them. And yes, they have a "Credit" system where you pay to Ola and you have Ola "credit" or "balance" in your account and you can keep paying using that. Many Indian companies have such "wallets" implemented.


I don't see how unsecured CC is good for us. Credit card fraud raises national debt, makes your economy reliant on derivatives such as insurance and in the end you fall down. Maybe US economy could sustain derivative based approach because of it's size, but India would be in much worse position if something like 2008 happened here.

Now, that said, this could be an opportinity for a startup, so stop complaining for a moment. Americans did not have easy way to pay, what did they do? They created PayPal. Indians don't have easy way to accept recurring payments, what should we do? Create an alternative to CC using ECS. We do have ECS, remember? It's a great system and roadside lenders are using it, so it's not hard to setup. It's just not a simple API yet. So get it there.

You know, somebody must have ported CC online too. Wasn't the same since Adam. Somebody needs to do that with ECS and then we would have a system that is orders of magnitude more secure that recurring CC, requires almost no insurance, and puts the guy paying directly in control.

Don't start off assuming that CC is a very bright idea, in general. With all that said, I do believe RBI is working on a simplified banking API guidelines.

Also SaaS has nothing to do with recurring CC. Don't you use postpaid services in India? Generate an invoice and give someone a week to pay. I mean if it's good enough for other service providers, why not for SaaS? Just use a shorter payment deadline.


> Credit card fraud raises national debt, makes your economy reliant on derivatives such as insurance and in the end you fall down.

That's not how credit cards work. Credit card fraud is never shouldered by the country, only the banks and stores that fall victim to it. There's no insurance involved, it's a cost of accepting credit cards.

> Also SaaS has nothing to do with recurring CC. Don't you use postpaid services in India? Generate an invoice and give someone a week to pay. I mean if it's good enough for other service providers, why not for SaaS? Just use a shorter payment deadline.

A big factor of having a successful SaaS product is reducing friction and making it scale. Invoicing for an inexpensive reoccurring service does not scale and is a pain for both sides of the transaction.


> Credit card fraud is never shouldered by the country, only the banks and stores that fall victim to it.

That's a little near-sighted, I'm afraid. You don't think banks have a way to sock their debt to countries?

Heck, individuals do. On my income tax form here, there is a write-off field where I can put in losses from investments and such.


Only as nets against investment gains.


Invoicing does not scale? I bet if you write down a list of world's largest, most scaled out services that charge monthly, most of them would be using invoicing as the main mechanism.

In India, don't you think invoicing scales for BSNL, Airtel, BSES, etc.?

And there is a huge insurance component inc credit cards. Ever see the difference in accepting rates of CC and a debit card? Ever wondered why that is? Every damn transaction you do requires heavy handed underwriting. The underwriting requires insurance. If the underwriter pays later than the bank needs it, the bank needs insurance backbone to fall on. On individual fraud basis, banks themselves come under debt for extensive periods of times while the underwriter sits and decides. The rectification with the customer itself takes months during which the bank is in debt.

The reason you're paying Visa or MasterCard any money is in hope that they underwrite in case there is a fraud or customer can't pay. How else do you define insurance?


> Credit card fraud is never shouldered by the country, only the banks and stores that fall victim to it.

It doesn't become part of the formal national debt tally, but a country full of debtors who can't pay their bills is sure as hell a drag on a country's economy.


> Also SaaS has nothing to do with recurring CC. Don't you use postpaid services in India? Generate an invoice and give someone a week to pay. I mean if it's good enough for other service providers, why not for SaaS? Just use a shorter payment deadline.

SaaS has a lot to do with recurring CC. If you've ever done landing page optimization you know how much changing the color of headline or moving a few pixels around can boost your conversions. Hell, people have stated that by just putting that no-good "McAfee secured" logo on their payment page increases their conversions by 50%.

Now imagine that instead of that I ask you that please mail me a blank voided check and a print out a consent form, fill it, sign it and mail it (that how I've enabled ECS for my internet) on the checkout page. Don't you think my conversions will be 1/10th after it?

Also subscription billing is not always bad: Namecheap, and AWS are two services I'm really glad can bill me and keep my domain and hosting alive while I'm traveling.


The issues you describe regarding debt only apply to credit cards. There's no reason to have to pay with credit though, you can use debit cards in exactly the same way.


Kudos to RBI for not supporting pre-authorized credit-card transactions. These are a stupid idea.

Consumers, never sign up for that crap, even if there are incentives.

If you are charged some extra fee, you will not be able to get it back, because you authorized the contract.

I almost got charged a superfluous $600 fee this way. Only, the foolhardy merchant sent me advance notice that this charge is coming to my credit card. So, of course, I promptly called my bank's security center and canceled the entire card. That's what it took to avoid the charge, which bounced, and the dickheads have been trying to collect that $600 from me ever since.

> Can you imagine where half the SaaS startups will be without recurring credit card subscriptions?

Yes, I can. They will have to send people bills by e-mail (or perhaps even snail mail) and await payment, like any other honest business. Then suspend the account if it is in arrears for more than X days.

Doh?

> but rather some "Babu" type mentality which is to ban the whole thing

Maybe Babu Banker smartly doesn't want his customer support people to deal with all the ensuing complaints, arising from a flood of people begging to have unwanted charges reversed.


> They will have to send people bills by e-mail (or perhaps even snail mail) and await payment, like any other honest business. Then suspend the account if it is in arrears for more than X days.

How do services like Netflix and Spotify work in India? In the UK I pay Netflix £6.99 a month (about the price of two coffees), and I'd get rather annoyed if I had to send them a cheque for that amount every month :D


Simple. They don't work in India.


There's no need for checks or credit cards India has internet banking (100% online payments).


Netflix and Spotify don't do business in India...


This is a good topic to Discuss in length.

As someone pointed out, the future is headed towards Closed Wallets - Paytm or Apple Pay.

In India, most of them don't understand security. Online banking is nascent, still not reached critical mass.

Many transactions happen via Cash on Delivery here in India. I run Jumkey.com - a Jewellery Marketplace, more than 70% of orders are on COD.

I feel, RBI has made enough good choices and protecting customers first. Banking Rules should be Strict.

Paypal was promoting easy money movements without trace being left. So, How RBI reacted makes sense in that context.

Coming to Innovation, 2015 is all About Mobile and Mobile Wallets. Will only get better overtime.


yes,

paytm deems to be moving in right direction , lets hope with Tata's new found love for Paytm , makes it worthwhile


don't think Apple Pay is a "wallet", in that you can't store money, it's just your CC that's being charged.


True, although many Apple Pay users have Visa/MC debit cards linked to a checking account, essentially making it a digital wallet.


'liability' & 'credit history' may or may not be the reason but it's a good justification.

In India, is it easy (or even possible) to deny an unauthorized charge on your credit card? AFAIK, this is possible only after you declare your credit card last or stolen. Any charges before that would be the customer's responsibility.

Before the above is implemented, it is important to have 'zero liability' credit cards (RBI is working on it [1]). The 'zero liability' requirement would also need a reliable credit history of consumers. Not sure if that exists in India yet.

[1] http://trak.in/tags/business/2012/01/10/rbi-hints-at-zero-li...


> Can you imagine where half the SaaS startups will be without recurring credit card subscriptions?

In Singapore or the United States. This is the route they take to avoid this problem.

> I really don't think it's about customer security

It is. Even with the security involved you frequently see people responding to the `You won a lottery from Coca Cola` and getting defrauded.

> Who are the right people to contact who can do something about this?

You're asking for a framework that would benefit SaaS startups. Fair enough. This will take time. Recurring billing is important, but what about contracts ? Did you know that you need a signed document for each customer that a SaaS company engages with in India ? It needs to be signed physically. Credit card charges are only the first step. From a broader perspective starting a company from here is still hell.

You either use a 3rd party provider that can set up recurring billing and move the money into an Indian bank account (like 2CO) or move the base of operations to Singapore / US so you can set that up. India is not startup friendly and this will be the case for some time to come. There is very little incentive to make things easier for the little fish.


Agreed on all points.

This problem has led to the proliferation of wallets. PayTM, ICICI Pocket and other virtual wallets are gaining ground super fast coz of their ease to do transfers. The whole market is heading in that direction purely because of RBI's short sighted policies.

I have a feeling that when a scandal/scam occurs on this type of a system. The ban hammer comes down on them too.


Tell me about it!

It's not just the RBI, every nook and cranny of Indian politics and bureaucracy is laden with such mentality, the only thing they know is strangle the bottlenecks, it is ridiculous!

I can't pay Aliexpress because they don't go along with paypal so well, for whatever reason, credit card transactions are declined everytime, because of the RBI's strangling policies, and this is with the leading national bank, can't pay via western union because for some reason you can send money to India but not from India, There is huge fee for bank to bank wire transfer, and no other way via post or any other. Such are the sad affairs of finance management in India.

And about other departments plagued too, I went to get petrol for my vehicle, which I couldn't drive to the station for it was that dry, on another vehicle to get some in a can. They outrightly refused to give oil in can because someone above passed an order restricting sale of oil in cans or bottles, the order seemed to be aimed at petrol used in protests, petrol bombs, and vandalism. I tried 2-3 stations but in vain.

India is emerging as a censoring and surveillance state fast, and the way it curtails things it soon might surpass US, Russia, China. Just wait and watch!


You can't just buy gas in a can here in Portugal either, and the same is true in other European countries and in Brazil. You need to have a certified recipient, due to safety concerns related to spills and gases that might leak.

What's annoying is that stations often don't sell them, so you need to carry one in your car.


Spills and gases are not even close to being on their agenda here, they just want to curb vandalism by denying them easy access to gas, for someone who really wants petrol for purposes other than as fuel in vehicles, it isn't that difficult to siphon some out of gas tanks of vehicles. That's how I did it, otherwise I wouldn't ever get to drive that vehicle again. How do you keep a can in car, if they don't sell it in cans, how do get oil in cans?


Aliexpress: I was able to do it via my Visa debit card.


They don't accept debit cards anymore.


> Not one Indian payment processor (I've talked to a many) gives you the option to create recurring subscriptions.

Not true, Paypal allows you to create recurring subscriptions in India, I already have two subscriptions which PayPal charges to my CC every month automatically. So, I'm questioning the premise of this post, PayPal certainly follows RBI regulations now, and if other payment processors are not doing it, it must be a business decision on their part, and maybe they will do it going forward. Can you provide any references of RBI policies prohibiting recurring subscriptions ?


Is the merchant established in India?


After a search, I see that companies need to obtain the necessary clearances from RBI (Indian or international) to charge recurring payments on credit cards. These are only granted to businesses with established track records. So, yes, a SaaS startup might not qualify for it. But as a consumer, I'm actually happy with this RBI policy.


You're happy to have no SaaS startups? Do you think there might be an alternative solution, that doesn't through the baby out with the bath water?


You can have SaaS startups w/o recurring CC payments.


Talking about CC is a distraction, because the meaning varies in different countries. (debit, credit, post-office, chequing, etc)

The majority of SaaS startups rely on friction free recurring payments. An even larger number of companies have a subscription model; e.g. Spotify, Team Treehouse, Soylent, Birchbox, Makespace and Netfix. Then you have all the 'One Click Purchase' companies like Uber...

The list of companies you can screw over with unnecessary regulation is extraordinarily large.


The problem with that -> there is no well defined criteria for what "established track records".


I'm guessing it is companies that have enough money and influence to get the right government officials to "listen" to them.


an established business with 3 years+ track record OR $3 million or more in transactions.

I assume that's how PayPal got it, they certainly qualify for the $3 million criteria.

If they lower the bar, they will have to do it for everyone, and a lot of unscrupulous businesses will try to place recurring chargebacks. What's wrong with billing the client every payment cycle, or let them pay on longer durations, like quarterly? Refund extra money if someone discontinues earlier. Plenty of options, until 3 years of a financial history, then apply for a RBI clearance.

Credit card fraud is very common across the world, maybe the guidelines can be more clear and the clearance process made simpler, however I don't see why a startup should be allowed to place recurring charges on cards unless they have been a trustworthy business for a while.


Bitcoin will solve most of these problems over time. Recurring payments isn't in yet, but other than that the tech is pretty close to where you need it to be. Probably theres a lot of room for a startup to come and offer value transfer solutions for indian citizens from outside the RBIs jurisdiction.


What I find compelling about cryptocurrencies is the inversion of trust. So for example we think of interactions with RBI or PayPal as necessary because we are trying to go from ledgers to rupees or dollars (because nobody accepts IOUs as payment).

But if cryptocurrencies take off the way they are probably destined to, then they may reach a higher level of trust than hard currency in some countries. We'll be trying to find ways to go from rupees or dollars to Bitcoins once Bitcoins are accepted everywhere.

I'm thinking the endgame for all of this is that banks will move more and more towards the investment side because it's so easy to make money on volatility (unless governments decide to crack down on making money simply for having money ..unlikely, although capital gains taxes will almost certainly go up to match normal income tax). The traditional "boring" banking that's used for things like mortgages and money transfers is going to have a tough time. That is, until we consider that dollars are backed by the power of their countries and Bitcoins aren't backed by anything, so people will probably rather hold their savings in banks with FDIC insurance rather than strings of random numbers.

After writing all of this out, I think what's going to happen is that capital gains taxes will give way to tariffs that are charged any time cryptocurrencies are converted to hard currency. So people will be free of hand holding until they go to buy a large asset like a car or home that the government can require hard currency for.

We'll probably need a progressive tax on cryptocurrency exchange or else we'll see wealth inequality magnified even higher than it is today. Another option would be to get rid of income tax and switch to a wealth-based accounting where people report the sum total of gains and losses for the year across all currencies and get taxed for increased wealth (or credited for a decrease).

On that note, the progressive tax could be applied each transaction by a factor proportional to each party's wealth rather than the amount of currency exchanged, so that taxes/credits could be applied continuously rather than on a yearly basis. So no more having to do your taxes, but bankers might switch to a style of accounting more like the IRS.


I do agree that this is some what of "babu" type mentality but there have to be fundamental changes in the structure/process of computer usage in India. For example, the security measures that can be taken by RBI can easily be worked around as most people go to CyberCafe's to use computers. Not many people own computers. The people running the said CyberCafe's have little to no awareness of what is going on in there. It's not very hard to bypass the anti-virus to insert keyloggers.

To make matters worse, some people simply go to the cybercafe owner and have him fill out all the forms and information as they do not know English. I have also seen one couple giving their CC information to the owner and the owner purchased something via Flipkart.


Look into the details, it is perfectly reasonable to protect the customer. I started complaining myself when I found it was so difficult here.

I see RBI Governor is competitive and responsible enough (and better than many other developed-country's central-bank governors)

As far as Uber's case goes - they used a work-around to bypass the restriction. It is unethical and illegal to do so. Many other Indian startups are also trying to do the same - and they must stop working around RBI rules.


Regarding recurring payments: this is a good thing in the eyes of the consumer. I want to pay for 1 month of something and only one month - and I find it pretty scummy that most companies don't allow for that. For example, Netflix, CodeSchool, etc.

Sure I can 'subscribe' for one month and then cancel, but why should I have to go through that step? What if I forget and three months down the line I remember that I had to manually cancel my sub?


While I am not trying to defend the RBI, I will try and give the reasoning from RBI's perspective. Note that I don't personally support these bans.

1) Banks in India do not provide easy ways to do chargebacks. Also, many people are not even aware that you can do chargebacks. I have to manually call a bank and ask them to do so after going through a couple customer service representatives. Also, consider that a big chunk of the population is coming in the ambit of financial institutions for the first time. Many people are opening their bank accounts for the first time. Many people in India still do not trust the banks. If they see a couple hundred bucks vanishing from their accounts, they might as well abandon putting money into the accounts. Incidents like Target or Home Depot if happen in India will rock the trust that people have in these institutions.

Banking in India is a business activity synonymous with trust [1]. And in my opinion RBI has done a fine job of it.

2) RBI banned Paypal earlier because it concluded it's not complying with regulatory framework of the country. These regulations are in place for a reason. If they are obsolete then we should campaign for them to be eased. But you don't get a free pass just because you are a big entity.

Paypal as they were operating earlier had to be regulated as a bank and PayPal does not want that to happen. Any entity which provides on-demand payments back then had to be regulated as a bank as per RBI rules. PayPal was basically circumnavigating this regulation so that they don’t have to answer questions to the government about how they conduct business. Also, getting a banking license requires a lot of regulatory oversight. The closed wallets regulations that RBI came out with later was a in my opinion direct response to this.

3) Uber was routing Indian card transactions internationally. They were in essence exploiting a loophole in the regulations. If RBI hadn't blocked Uber, then Olacabs, Flipkart, etc. will also have done the same. This will have directly undermined the 2FA policies RBI has put in place. Forcing Uber to comply with the policies was the right choice at that moment.

4) The proliferation of closed wallets has forced RBI to consider whether removing 2FA on small value transactions will be beneficial.

You should understand that India's economy has only been opened recently. A lot of the restrictions will go away with time. If you think they are harmful then convince the RBI of the same. But these restrictions cannot be removed overnight just because a new startup feels the need for the same. RBI's each decision will have far reaching impacts on the financial systems of the country and they need to be taken with utmost care and foresight.

[1] http://www.rbi.org.in/scripts/BS_SpeechesView.aspx?Id=587

Edit: Added more context for Paypal


Great comment. I am not sure why you personally don't support these bans. Of course, they need to be gradually lifted as and when business becomes more mature in this country; however, for reasons you have best illustrated, they should stay and be lifted on a case to case basis, also based on demonstrably good behaviour from the companies. There is absolutely no evidence to support that consumer protections leads to bad business outcomes - in fact, companies innovate to provide good service while complying with regulations (e.g. cash on delivery).


I feel long term I can't support the policies but short term they are absolutely fine.


>Can you imagine where half the SaaS startups will be without recurring credit card subscriptions?

I have done quite well opting not to use recurring credit card subscriptions for my SaaS, imho.

If you make a good product, customers will come back to use it again and again. They won't just forget about a product that worked wonders for them.

If you can't succeed without recurring billing then your product probably isn't good enough to succeed anyways.


> If you make a good product, customers will come back to use it again and again. They won't just forget about a product that worked wonders for them.

Ehhh I can turn that around. If you make a good product, customers will have enough confidence in that product to not want to consciously have to make a payment on a recurring basis. I'd suggest it's not something necessary for your product to succeed, but it's something your customers will probably want.


There's a lot of things that the RBI is doing that the US will do shortly. For example the Chip-n-Pin implementation in India (and Europe) will soon be adopted in the US By Oct 2015.

We have an additional liability requirement (I wont call it safety, since what it essentially does is pass on liability) of Two-Factor auth for online payments as well - which means that most Indian credit cards work only with some difficulty on international ecommerce sites.

That said, the RBI has been progressive in P2P payments - for example a lot of people do not know about IMPS (Immediate Payment Service) which takes place over phone SMS to transfer money instantly ... without needing a smartphone.

I think the RBI is fairly intelligent in understanding payments, and is trying to learn from the mistakes made elsewhere.

I feel this pain particularly accurately since my startup (shameless plug: RedCarpetUp.com) is trying to disrupt offline payments and trying to build an "Uber-like" wallet for hyperlocal retail. We have had to overcome serious regulatory challenges, but still have some way to go.


You need to provide some context for non-Indians. Not everyone knows what a PAN card is.


For anyone who doesn't know, http://en.wikipedia.org/wiki/Permanent_account_number

A tax ID (and physical card) issued to individuals and other tax-paying entities. The PAN must be quoted in all high-value cash transactions and money transfer mechanisms (such as PayPal).

By the way, for Indian taxpayers the advance tax deadline for this quarter is today :)


Thanks for clarifying. At first I thought it was referring to the Personal Account Number in: http://en.wikipedia.org/wiki/ISO/IEC_7813


Opportunity just presented itself. But it's dressed up as work.

I mean that seriously, someone can get paid very well streamlining recurring payments in India obviously. But it's going to be hard, like all things worth doing.


I'm surprised credit card companies still don't have some simple UI to enable/disable recurring transactions per business. Make it an opt-in, and most of the related fraud problems will go away.


I, on the other hand would say that things are better than before. And moreover, the no of credit card frauds is one of the lowest as compared to other countries.

It would be a bit more naive to say that RBI's policies are the worst, because these are the same policies which were much appreciated by the financial world during the 2008/2009 financial meltdown.

Yes, the policies are a lot difficult and sometimes does not makes sense. But it has been designed and implemented to be one of the robust financial systems in the world.


> Because certain people used to evade tax by purchasing goods directly with their Paypal balance. So, instead of catching the tax evaders the RBI found it easier to ban the whole thing.

PayPal wasn't helping in catching certain people either - or wasn't willing to come under the ambit of Indian banking/taxation rules. Besides how do you think one can "catch" certain people without actually enforcing some rules that companies agree to follow?

You can work around it by asking a card processor to generate a bill every month and send it to the customer for an online payment - that's how ISPs do it. I am sure you know this.

> Even big companies like Uber had to recently discontinue Credit card purchases because of these inane credit card policies of RBI

Really?

Flipkart does it, Amazon does it, Ola does it. Every damn company out there can do it but somehow Uber was/is unable to do it, right? Why? Because they didn't want to implement or go through the extra level of security added to every credit card transaction (either online - iPin or OTP, or off-line - PIN). That's one of the best security features RBI has introduced and I believe every country should have such additional plastic money security layers.

> I really don't think it's about customer security (since the rest of the world seems fine with it)

No, rest of the world isn't fine with it. And even if they are (let's assume for argument's sake) doesn't mean India should be too. Especially since seeing the minimal level of surveillance (it's a different devil altogether), policing, awareness and infrastructure to support these measure India has. So? India should let the fraud, thefts carry on till it catches up in infrastructure? I don't think so.

> Now what can we do about it?

First, imho, stop thinking on the lines that - these changes were made just to antagonize you "Startup people" and were not actually meant for consumer security, because they were and I as a, consumer, feel safe as hell having the ability to clear transactions with a PIN that only I know and a criminal can't do shit even if he/she has my credit card number, Exp date, and even CVV # - ridiculously all that is required to clear a transaction in many countries in of "rest of world" - esp. online. India is a huge nation and saying that credit card penetration is low might be the understatement of the century. People from all kinds of social, educational backgrounds are starting to use plastic money and they need these "ridiculous" security measure (just like I do).

Now, yes implementation is not as it should have been or isn't ideal, but try to see the limitations and maybe come up with an idea and suggest it to the proper authority. Maybe collaborate with other founders and try to reach the RBI head - heard he is a very genuine and reasonable guy. But remember you should go with a plan and not a rant!


I agree, as an European not used to dealing with them before the Internet, the system is just inane nowadays. "Just give these numbers to each and every merchant you do business with, and trust they won't abuse or leak them. Remember that you have to check each and every transaction to make sure it's not fraudulent, and have fun paying higher prices because merchants get hit with billions in fraud every year".

Our system of direct debit, where the client had (the rules might have changed recently) to authorize each merchant to charge your account, is much saner, even if some providers whine about it.

Protip: if your clients can't be bothered to spend 2 minutes authorizing your charges, you're not providing enough value to them.


The US system of authenticating the transaction vs the card/user seems to work pretty well. The US rapidly adopted online commerce and payment. Consumers, overall, have nothing to worry about. Since the merchants and banks are responsible for fraud on credit cards, they seem to be a bit more on to of things.

N=1, but with Wells Fargo, my credit card gets blocked now and then due to suspected fraud. Once it was due to a cloned card being used. Bit of an annoyance getting a new card (they're no Amex, who'd always overnight me a card, no matter where I was), but otherwise I had zero financial worry. Compare to my debit card. Not one have I even revived a warning about it, let alone a block. Even when I gave it to someone to use and take cash out on in another country.

EU and others seem to be rushing to implement strong auth, but as a consumer, screw that. Use machine learning and law enforcement to deal with it and let my experiences be unencumbered. Spending 2 minutes to authorize merchants seems like a large annoyance.


Since the merchants and banks are responsible for fraud on credit cards, they seem to be a bit more on to of things.

But are they?

"Total global payment-card fraud losses were $11.3 billion in 2012, up nearly 15% from the prior year. The United States—the only country in which counterfeit-card fraud is consistently growing—accounted for 47% of that amount, according to the Nilson Report: card issuers lost $3.4 billion and merchants another $1.9 billion."

This kind of inefficiency doesn't come cheap. There's a reason why VISA and Mastercard disallowed merchants to charge more for CC transactions.

EU and others seem to be rushing to implement strong auth, but as a consumer, screw that. Use machine learning and law enforcement to deal with it and let my experiences be unencumbered. Spending 2 minutes to authorize merchants seems like a large annoyance.

How is having your card blocked and having to wait days to receive it not being encumbered?

As for the debit card thing, that wasn't what I was talking about. I was talking about remote payments, where we use direct debit, not debit cards.


11 billion on what, 5-6 trillion in spending? So ~0.2%? In don't find that particularly terrible at all, in the slightest.

I've only had to replace my VISA card once in perhaps ten years, so overall it's not been an issue.

For direct debit, I get even more nervous. Now someone that's compromised my phone/PC or whatever I'm using can make difficult-to-reverse transactions?


Another limitation with Paypal in India is that Paypal cannot hold our balance. This is really shitty :(


Recurring subscriptions are live on paytm.com.


Brilliant analysis!


convenience is overrated


You nailed it.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: