It was on a Friday, 6 April, that the Reserve Bank of India (RBI) dropped the bomb. A circular. Its innocuous title was “Storage of Payment System Data”, which didn’t suggest what was in store at all. But in 15 very to-the-point lines, it twisted the knife deeper in the back of multinationals with each word. It said all payment processors need to store end-to-end transaction details and all associated data in the country. It said the regulator needed unfettered access to the data. It finished the job by giving companies six months to do it.
The panicked calls flew fast and thick, from payment processors like Visa and Mastercard to technology companies like Google and Facebook.