LICENCES

Home | LICENCEs | PAYMENT GATEWAY LICENSE + PAYMENT BANK + PREPAID WALLET + PAYMENT AGGREGATOR

(PAYMENT GATEWAY LICENSE + PAYMENT BANK + PREPAID WALLET + PAYMENT AGGREGATOR) Registration - An Overview

PAYMENT GATEWAY LICENCE

A financial service supplied by an e-commerce application service provider is referred to as a Payment Gateway. To start a Payment Gateway service in India, however, a Payment Gateway License must be obtained from the Reserve Bank of India. This digital platform not only allows you to purchase, but it also allows you to pay bills and recharge your phone.

LINCENCE FOR STARTING PAYMENT GATEWAY BUSINESS IN INDIA

Based on the provisions of section 4 of the Payment and Settlement System Act 2007, no individual except the Reserve Bank of India can either operate or start a payment mechanism. Further, if an individual or a business entity wants to commence the same, then, in that case, they need to file an application for authorization to the Apex Bank. The same must be based on the provisions of section 5 of the PSS Act 2007.

HOW DOES A PAYMENT GATEWAY OPERATE IN INDIA?

There are a series of operations that are carried out by the Payment Gateway which are explained as follows:

  1. Encryption
    In the first stage, the user’s browser encrypts the data before sending it to the appropriate vendor’s server. The payment gateway subsequently sends the transaction data to the payment processor that was designated.

  2. Authorization Request Form
    Once the payment processor has properly received the data, it sends it to the appropriate card association. In addition, the bank that provided the payment card examines the transaction at this point and either denies or approves it.

  3. The Order is filed.
    If the relevant bank approves the transaction, the authorization for both the customer and the merchant is then transferred to the Payment Gateway’s main processor. After receiving the response from the main processor, the information is forwarded to the portal for payment processing.

ADDITIONAL FACILITIES

Besides providing the facility of quick payments, the additional facilities offered by Payment Gateways are as follows:

  • Delivery Address Verification;
  • Advanced Visual System Checks;
  • Computer Finger Printing Technology;
  • Velocity Pattern Analysis;
  • Identity Morphing Detection;
  • Calculation of the Tax for Authorization of Request forwarded to the respective Processor

BASIC REQUIREMENTS OF PAYMENT GATEWAY LICENCE

The basic requirements of Payment Gateway License in India:

  • The said entity or company must be incorporated under the provisions of the Companies Act 2013 or the Companies Act 1956;
  • A Minimum of 2 Members;
  • A Minimum of 2 Directors;
  • Address Proof of the Business;
  • 5 years Business Plan;
  • PAN of the Company;
  • Current Bank Account details of the Company;
  • System Flow & Code Testing Report by the Software Certifying Agency;
  • Service Tax Registration Number
  • Compliance with the PCI DSS

DOCUMENTS NEEDED FOR PAYMENT GATEWAY LICENCE IN INDIA

The documents needed for obtaining Payment Gateway License in India are as follows:

  • A copy of the issued Certificate of Incorporation (COI) to the Company by the Registrar of Companies (ROC)
  • Details of PAN Card of the Directors
  • Address Proof of the Directors
  • Digital Signature Certificate (DSC) of the Directors
  • Director Identification Number (DIN) of the Directors
  • Registered Office’s Address Proof
  • Comprehensive Details of the Company’s Current Bank Account
  • Business Plan of the Company for the Next Five Financial Years
  • Report regarding the Testing Code by a Software Agency

REGISTRATION PROCEDURE FOR OBTAINING PAYMENT GATEWAY LICENCE IN INDIA

The steps involved in the Registration Procedure for obtaining Payment Gateway License in India are as follows:

  1. File Application For Registration
    The applicant must first submit an application for authorization in the required Form A. The same is done in accordance with section 5(1) of the PSS Act. Furthermore, the stated application shall be sent to the “Chief General Manager” of the “Department of Payment & Settlement Systems” at the Reserve Bank of India’s Central Offices in Mumbai, or to other RBI offices as mandated by the RBI from time to time.

  2. RBI Checks Authenticity
    Obtaining RBI permission for the issuing of the authorisation is discretionary under section 6 of the Payment and Settlement System Act 2007.

  3. Compliance Of Conditions For Authorization
    The Reserve Bank of India will take the conditions as follows into the account prior to issuing the authorization:
    a) The necessity for the proposal payment mechanism or the services that have been declared to be undertaken by it;
    b) All the technical standards that have been decided for the payment mechanism or the structure of the decided payment system;
    c) The terms and conditions, inclusive of the security procedure, for the operation of the proposed payment system;
    d) The method in which the assignment is done in the provided payment system;
    e) The manner or the way for getting of payment instructions that will affect the payment conditions under the payment system;
    f) The overall management’s financial status, experience, and the integrity of the applicant;
    g) The terms & conditions that govern and regulate the relationship of the customers with the respective payment providers;
    h) The credit & monetary policies;
    i) Time frame for authorization;

  4. Issuance Of Authorization Certificate
    If the Reserve Bank of India (RBI) is satisfied that all of the requirements of section 7(1) have been met, it may give the applicant an Authorization Certificate in Form ‘B’ for the establishment and operation of a payment system. Furthermore, the RBI’s authorization will take effect on the date specified by the RBI and subject to the criteria set by the RBI.

  5. Authorization Within 6 Months
    Based on the provision of section 4 of the Payment and Settlement System Act 2007, the Reserve Bank of India is needed to process the application filed for authorization at the earliest, with a maximum time frame of six months, starting from the date on which the said application for the authorization has been filed.

IT REQUIREMENTS FOR OBTAINING PAYMENT GATEWAY LICENCE IN INDIA

The different IT Requirements for obtaining Payment Gateway License in India are as follows:

  • Information Security Governance;
  • Data Security Standards;
  • Security Incident Reporting;
  • Merchant On-boarding;
  • Cyber Security Audit & Reports;
  • Staff Competency;
  • Vendor Risk Assessment;
  • Maturity & Roadmap;
  • Cryptographic Requirement;
  • Data Sovereignty;
  • Data Security in Outsourcing;
  • Payment Application Security;

PAYMENT BANK

Payment bank is a new concept by the Reserve Bank of India ( RBI ). This bank can accept a restricted amount till 1 lakh per customer.

REGISTRATION PROCESS

  1. The applicant should register a public limited company under Companies Act.
  2. Application shall be submitted to the Chief General Manager, Department of Banking and Regulation, Reserve Bank of India.
  3. The applicant should also embellish the business plans and other required informations such as details of the promoter, details of the entity promoting the bank, proposed business structure etc.
  4. After the scrutinizing of the application by the board the name of the said applicant will be published in the RBI official website.
  5. After the final approval the company need to establish a bank within 18 months from the date mentioned in the license.

DOCUMENTS REQUIRED

  1. Document and information on the individual promoters
  2. Documents and details of the company promoting the bank.
  3. Documents and details of the company in the promoter group.

BENEFITS OF PAYMENT BANK LICENCING

  1. Zero account balance.
  2. Higher Interest Rate.
  3. It is safe and secure.
  4. It is convenient.
  5. Cash back and documents.

PREPAID WALLET

Prepaid wallets are such financial instruments which help in the transfer or carrying money in the digital form. RBI is responsible for granting licenses for Prepaid wallets. Many existing and new companies are constantly applying for Prepaid Wallet Licenses.

DOCUMENT REQUIRED FOR THE PREPAID WALLET LICENCE

  1. Name of the organization
  2. Address proof of the organization’s registered office.
  3. The constitution of the organization
  4. Organization’s certificate of incorporation.
  5. Primary business of the organization.
  6. The information of the administration.
  7. The information of the statutory auditor and banking details of the organization.
  8. Recent check out balance sheet of the company.
  9. Other important documents needed.

REGISTRATION PROCESS FOR THE PREPAID WALLET LICENCE

  1. An application with prescribed fees is made as per regulation 3(2) of the Payment and Settlement Regulations, 2008 and it is send to the Reserve Bank of India for license.
  2. RBI shall begin the screening process to check the eligibility of the applicant.
  3. RBI shall also examine some particulars such as customer services, efficiency, technical, safety, security and other related requirements.
  4. After meeting all the eligibility criteria of the applicant, RBI issues an in-principal approval. The effectiveness of the in principal approval shall be 6 months from the date approval.
  5. The company had to submit a System Audit Report to RBI orelse the in principal approval issued by the RBI will expire automatically.
  6. After making sure that all the requirements are fulfilled the company is granted with Certificate of Authorization and the company has to start its business within 6 months from the date of issue of certificate.

BENEFITS OF PREPAID WALLET

  1. Prepaid wallet are the most safe and secured platform for making money transactions.
  2. Prepaid wallet are time saving as one can pay all kinds of bill through PPI’s such as electricity bills, telephone bills etc from any place at any time.
  3. It makes the transactions very easy.
  4. This platforms doesn’t require any kind of application fees.

PAYMENT AGGREGATOR LICENCE

Payment aggregators, also known as merchant aggregators, are service providers that allow e- commerce merchants to execute their payment transactions. Merchants can use aggregators to accept credit cards and bank transfers without needing to open a bank account. Payment Aggregators, according to RBI standards, are businesses that enable e-commerce sites and merchants to accept a variety of payment instruments from customers in order to fulfil their payment commitments without the need for merchants to develop their own payment integration system.

RBI GUIDELINES ALSO DEFINE THE FOLLOWING IN REFERENCE TO OBTAINMENT OF PAYMENT AGGREGATOR LICENCE:

  1. Overall Procedure for Application of Payment Wallet License and Payment Aggregator License;
  2. Prerequisites for Payment Aggregator License;
  3. Fees and other Charges for Payment Aggregator License;
  4. Net Worth and Capital Requirements for Payment Aggregator Licence and Payment Gateway;
  5. Guidelines for Governance of Payment Aggregators and Payment Gateways;
  6. Standards to be Followed against Money Laundering (KYC / AML / CFT) Provisions;
  7. Merchant Onboarding Guidelines
  8. Guidelines for Settlement and Escrow Account Management
  9. Customer Grievance Redressal and Dispute Management Framework
  10. Security, Fraud Prevention and Risk Management Framework
  11. Security Related Recomendations t Aggregators and Payment Gateways 
  12. Meaning and definition of Payment Aggregator;
  13. Periodic reports to be submitted by Authorised Payment Aggregators

APPLICABILITY

Issued guideline is applicable on all payment aggregators and aggregators shall also adopt technology-related recommendation as follow:

Security-related recommendation:

  • Information Security Governance: In order to recognize risk exposures with remedial steps and residual risks, the entities shall carry out a comprehensive security risk assessment of their people, IT, business process environment, etc. This may be an internal security audit or an external security audit carried out by an independent security auditor or an impaneled auditor of CERT.
  • Data security standards: Data security standards and best practices, like PCI-DSS, PA-DSS, latest encryption standards, protection of transport channels, etc.
  • Reporting of security incidents: The entities shall report to RBI security incidents/cardholder data breaches within the specified timeframe. Monthly records of information security incidents shall be sent to RBI with root cause analysis and preventive measures undertaken.
  • Merchant Onboarding: The agencies conduct a thorough safety review during the merchant onboarding process to ensure that the merchants conform to these minimum baseline security controls.
  • Cyber Security Audit and Reports: The entities shall carry out and submit to the IT Committee quarterly internal and annual external audit reports; bi-annual Vulnerability Assessment / Penetration Test (VAPT) reports; PCI-DSS including Attestation of Compliance (AOC) and Report of Compliance (ROC) compliance report with observations noted if any including corrective/preventive actions planned with action closure date; inventory of applications which store or process or transmit customer sensitive data; PA-DSS compliance status of payment applications which stores or processes cardholder data. Other recommendations
  • The credentials of the customer card shall not be kept in the merchant’s database or server.
  • No choice shall be given for ATM PIN as an authentication factor for card transactions that are not present.
  • Instructions concerning the handling of payment system data shall apply as applicable to PSOs.
  • All refunds shall be made to the original payment system unless the consumer has expressly agreed to reimburse an alternate mode.

CAPITAL REQUIREMENT

Existing Payment Aggregators shall achieve a net-worth of ₹15 crores by March 31, 2021, and a net-worth of ₹25 crores by the end of the third financial year, i.e., on or before March 31, 2023. All the time thereafter net-worth of ₹25 crores shall be maintained.

BENEFITS OF AGGREGATOR

  • Cost effective for a small transaction
    The payment aggregator model aims to provide a boost for the processing of credit card & wallet payments, with a limited start-up or fixed costs. A variable merchant fee is applied to each successful transaction in place of start-up fees or fixed rates.
  • Easy Access payment, on spot
    It’s easy to submit and set up even better. You can start processing e-commerce payments directly after signing up, or just pop the quick swipe on your mobile phone and you’re ready to make payments on the go.
  • Quick approvals
    In India payment gateway can be made within 3-7 working days. Easy to add on the website. Time is money, and the faster you begin processing; the faster profits begin to roll in.

BASIC REQUIRMENTS FOR REGISTRATION

  1. Minimum two directors and two member
  2. Minimum capital requirement net-worth of 15 crores, which should be increased in 3 years to 25 crore
  3. Business address proof
  4. Detailed 5 year business plan
  5. System flow and code testing report by software certifying agency
  6. Payment aggregator organization should have complied with PCI DSS compliances

DOCUMENTS REQUIRED:

  1. Company COI (certificate of incorporation)
  2. MOA & AOA (Memorandum and article of association)
  3. Business address proof
  4. Detailed 5 Years Business plan
  5. PCI DSS certificate
  6. Proof of net worth
  7. Canceled cheque
  8. Bank statement of the last 12 months
  9. Last Audited Balance sheet of last 2 year (or since the business has been incorporated)

FAQs

What types of business of payment gateways is suited in India?

Any business can take the form of sole-proprietorship, partnership, or the structure  of a company; however, the business of payment gateways is suited if formed as a private limited company in India.

How the Payment gateways comply with IT Regulations?

A separate Website Privacy Policy and Terms and Conditions Policy must also be completed to comply with IT regulations up for the company’s lawyer’s portal.

What is Authorization Certificate in Form ‘B’?

RBI may issue the Authorization Certificate in Form ‘B’ for commencing and carrying on a payment system to the applicant only if RBI is satisfied that all the requirements laid down in Section 7(1) gets fulfilled.

STAY UPDATE WITH US

Get helpful tips and info from our news letter!