That's how you do it
I love nations that hold giant corporations' feet to the fire.
India’s Reserve Bank yesterday barred credit card giant Mastercard from signing up any new customers in the nation. A notice from the bank said Mastercard “has been found to be non-compliant with the directions on Storage of Payment System Data”. Those directions were issued in April 2018, and gave banks and payment systems a …
Hubris! They thought they were so big that India would never dare do anything like they just have. Now I'm sure the Indian government are more likely doing it to spy on their citizens than for any idea of data protection.
But, I'm so glad it's happened.
Actually it appears in part of their desire to ensure continuing western investment in the IT infrastructure.
India doesn't want to be the cheap option, they want to raise prices and quality but not lose investment as they level-up with western nations.
It will also come in handy for the security services, and for investigations into tax avoidance among multinationals (including MasterCard).
Indian's tata company owns infosys Uganda's number one provider of core bank solutions. They produce an app called finnacle.
Uganda has a law that all customer banking data must be stored within 5 miles of the central bank. That is why all banks that work in the country open a branch in the capital city.
But finnacle is an app that's run online out of India for bank of baroda. So this is a case where data isn't domiciled in the country.
Equity bank purports to run their core banking out of Kenya but I suspect its the same thing. Same with standard bank out of South Africa.
Barclays is the same thing. I have no idea where standard chartered bank is served out of but I suspect its another product from a server in Chenai.
If our cowardly central bank laid down the law, there would be alot of business going to India for migration jobs but the visa and immigration issues that would ensue as well as the politics of foreign labour would drive them nuts.
Uganda has a law that all customer banking data must be stored within 5 miles of the central bank. That is why all banks that work in the country open a branch in the capital city.
But... doesn't that make it easier for groups who want to target a bank as they know where to look?
If all customer data has to be within stored within 5 miles of the central bank, that will mean all the core data centers for the bank must be all in one area.
Wonder if they are allowed to keep data backed up in a different location. If not all it needs is some major disruption / disaster in the city and all the banks could be screwed.
I don't think a normal bank branch keeps all the data anyway.
Irony of ironiesIndian's tata company owns infosys Uganda's number one provider of core bank solutions. They produce an app called finnacle.
Uganda has a law that all customer banking data must be stored within 5 miles of the central bank. That is why all banks that work in the country open a branch in the capital city.
I'm not sure how 1 country enforcing it's laws, India, which pertains to data on its citizens, when another country isn't enforcing its laws, Uganda, is in any way ironic. India is under no obligation to enforce a foreign goverments laws, only its own.
This is going to become more of an issue in the coming decade. More countries are going to insist that data generated within their borders stays with those borders & anything that doesn't comply with local regulations is kep out. You can sre this with Ofcom's blocking powers in the Online Safety Bill. I think more countries will follow this.
Anon because i'm leading a team that is building a payment processing platform in India to comply with India data sovereignty laws....
The Indian government has its hands in Rupay, an Indian competitor and maybe one day hoped for replacement for Visa, Mastercard, Amex and so on.
https://en.wikipedia.org/wiki/RuPay
I'm sure leaning into Mastercard is all about a level playing field and not offering advantage to their own payment scheme.....