New VPN Norms – Government’s Take On Privacy

VPN has always been a subject of debate in India. 

As per AtlasVPN’s report, India had over 348 million VPN downloads in 2021. Despite having such popularity in 2021, the government recommended a VPN ban in India for privacy concerns. Although the ban didn’t occur, the Indian government has introduced some new VPN norms or regulations for users, mainly for VPN companies. 

In April 2022, India’s Computer Emergency Response Team (CERT) announced a new regulation that VPN companies in India will have to collect and store customers’ data for at least five or more years. 

Unsurprisingly, these new VPN Norms are creating a lot of buzzes. How will this new law affect VPNs? How will it impact users? Are VPNs illegal in India? There are lots of questions arising. 

To answer all your questions, we’ve compiled everything you need to know about the new VPN norms in India. But before digging deeper, let’s start with the basics: What is a VPN? 

What Is A VPN?

A virtual private network (VPN) is a technology that allows you to connect securely to private networks over public networks. It creates an encrypted connection between your computer and a server so that your internet traffic is encrypted and can’t be intercepted by anyone else.

With a VPN, you can access websites in countries where they might not be available, or you can use it to get around censorship (a lot of countries have strict firewalls that block specific sites), secure remote work, and browse the internet anonymously.

What Are The New VPN Norms?

The key takeaways from the new VPN rules are:

  • According to the new law, all VPNs must gather and store user data (user names, physical address, email address, and phone numbers) for five or more years. 
  • VPN companies also have to keep a log of the reason behind using the service. 
  • VPNs should record all the IP addresses used by users to register. 
  • Along with VPN services, virtual service network providers, data centers, and cloud service providers have also been requested to keep track and store similar user data. 
  • VPN services must report cybersecurity incidents to CERT within six hours of becoming aware of them. 

What Is the Government’s Take On These New VPN Norms?

The main purpose of the government behind imposing these new VPN rules is to improve the “cyber security posture” and ensure people have access to a “safe and trusted internet”.

The CERT also informed that they had identified gaps in safeguarding against online threats. That’s why they’ve published the new norms to prevent cyber attacks. 

“If you are a VPN provider, if you are a data centre operator, if you are a cloud provider, and if you’re an enterprise, you have an obligation to know who’s using your VPN infrastructure… If there is a detected cyber incident or cyber breach — from one of the people using your VPN or your cloud or your data centre, it is your obligation to produce the data,”Rajeev Chandrasekhar,  Union Minister of State for Electronics and Information Technology

How The New VPN Norms Impact Users & Companies 

The new rules received a lot of backlashes from the VPN companies. After all, the primary goal of VPN services is not to collect users’ personal information. 

The new norms will force these companies to store customer data which will increase costs and affect user privacy. 

India is among the top 10 VPN users around the globe. Various companies and individuals use VPN services to safely access private WiFi networks, remain anonymous, and many more. 

Several techies, students, and companies use VPNs to protect their data from third-party apps.

But with the new norms, they must go through a KYC process while registering a VPN. So, all VPN users will have their private data exposed to the government. 

It is also unclear how the government may use this data in the future. This raises a concern about the right to privacy for every individual. 

The Internet Freedom Foundation said the new norms lead to more concerns, such as the private enterprises and government “having more data than necessary”.

Several VPN companies like NordVPN, ProtonVPN, SurfShark, and ExpressVPN, have said that they are planning not to follow the newly imposed rules of India. After all, privacy is the main reason behind users investing in their premium plans. 

As per several VPN companies, they’ll continue to offer their no-logs policy to the users and threaten to pull back their service from India. 

The Bottom Line 

Despite all the backlashes from cybersecurity experts, stakeholder companies, and business advisory groups, the Indian government is pretty much firm on their new VPN norms. 

“If you don’t want to go by these rules, and if you want to pull out, then frankly … you have to pull out.” – Rajeev Chandrasekhar,  Union Minister of State for Electronics and Information Technology

The privacy experts have sought public consultation on this matter, asking for more tech industry involvement to find a solution that suits every individual. Lastly, it’s needless to say that it will be interesting to see if the VPN companies manage to implement the new norms before the deadline of September 25, 2022.   

About Signzy

Signzy is a market-leading platform redefining the speed, accuracy, and experience of how financial institutions are onboarding customers and businesses – using the digital medium. The company’s award-winning no-code GO platform delivers seamless, end-to-end, and multi-channel onboarding journeys while offering customizable workflows. In addition, it gives these players access to an aggregated marketplace of 240+ bespoke APIs, easily added to any workflow with simple widgets.

Signzy is enabling ten million+ end customer and business onboarding every month at a success rate of 99% while reducing the speed to market from 6 months to 3-4 weeks. It works with over 240+ FIs globally, including the 4 largest banks in India, a Top 3 acquiring Bank in the US, and has a robust global partnership with Mastercard and Microsoft. The company’s product team is based out of Bengaluru and has a strong presence in Mumbai, New York, and Dubai.

Visit www.signzy.com for more information about us.
You can reach out to our team at reachout@signzy.com

Written By:

Signzy

Written by an insightful Signzian intent on learning and sharing knowledge.

Why Mandatory Verification of Online Gamers?

As online gamers in India grows, the Ministry of Electronics and Information Technology has drafted amendments to the Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021, to guarantee that games & gamers adhere to Indian laws and provide users with protection against potential harm.

Gaming has become a part of everyday life for many people, from casual mobile games to more hardcore console and PC gaming. As the popularity of gaming continues to grow, so does the importance of having an appropriate level of safety and security for gamers.

In this blog post, let’s explore what this proposal entails and why it is important. We will also discuss how it may affect both casual and professional gamers.

What is the government proposing for the Industry & Gamers?

The Ministry of Electronics and Information Technology (MeitY) proposed an amendment to bring online gaming under the ambit of the Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021

The amendments seek to ensure due diligence from online gaming intermediaries so that users are not exposed to any activities breaching Indian law – such as gambling or betting – and also require a registration mark on all online games registered by self-regulatory bodies.

The Draft Rules

  1. A gamer must be informed of all online games offered by the gaming intermediary, as well as its policy regarding withdrawals and refunds of deposits made with the expectation of winnings. Also, how winnings will be determined and distributed, as well as the fees the user will have to pay for each game. 
  2. There should be a mandatory know-your-customer norm for verification (KYC).
  3. A user will need to be aware of the potential for addiction and the financial risks associated with each game.
  4. As part of the registration process of the game, the self-regulatory body must set up criteria for its content to protect the gamer from harm, including self-harm.
  5. Only games that are approved by the self-regulatory body will be permitted to operate legally in India.
  6. Five members will create the self-regulatory body’s board of directors, with expertise in online gaming, public policy, IT, psychology, and medicine.
  7. It is responsible for ensuring that the registered games do not contain anything that is not in the interest of India’s sovereignty, integrity, defense, security, friendly relations with foreign countries, or public order or that incites a cognizable offense.
  8. The Centre should be informed about the online games registered by all self-regulatory bodies, along with a report detailing the criteria for registering a particular game.

Why is there a need for such rules?

It is for protecting users from potential harm caused by skill-based games. 

  1. Innovation: As online gaming platforms are getting regulated as intermediaries and are subject to due diligence requirements, the online gaming sector will be promoted and innovation will be encouraged.
  2. Women Gamers Safety: Approximately 40 to 45% of Indian gamers are women, which makes keeping the gaming ecosystem safe all the more important.
  3. Because they generate revenue that needs proper regulation: In 2025, the Indian mobile gaming industry is to generate $5 billion in revenue. The industry grew at a CAGR of 38 percent between 2017 and 2020, versus 8% in China and 10% in the US.
  4. Credibility & Transparency: In addition to ensuring greater transparency, consumer protection, and investor confidence, this framework will boost the legitimate domestic online gaming industry.

What are the pros of the proposed mandatory verification of online gamers?

The proposed mandatory verification of online gamers has generated a lot of debate, with some people arguing that it is a necessary step to prevent underage gaming and others asserting that it will infringe on the privacy of gamers. Here, we take a look at the pros of the proposed policy: 

1) It would help to prevent underage gaming & Fraud: The proposed policy would require online gamers to verify their age before being able to play, which would help to prevent minors from accessing age-inappropriate content.

2) It could help combat cheating: By mandating age verification, it would become more difficult for people to create multiple accounts to cheat in online games.

3) It would promote responsible gaming: Making online gamers verify their age would encourage them to play responsibly and not engage in excessive gaming.

Our take

The government’s proposed mandatory verification of online gamers is a step in the right direction toward protecting citizens from online threats and fraud. With the implementation of this measure, users can be assured that their identities are secure when engaging with other players or playing games online. It will also help prevent illegal activities such as money laundering and identity theft which have been particularly rampant on gaming websites lately. In essence, this proposed measure could be immensely beneficial for both players and regulatory authorities alike by promoting safety and security in the digital world.

About Signzy

Signzy is a market-leading platform redefining the speed, accuracy, and experience of how financial institutions are onboarding customers and businesses – using the digital medium. The company’s award-winning no-code GO platform delivers seamless, end-to-end, and multi-channel onboarding journeys while offering customizable workflows. In addition, it gives these players access to an aggregated marketplace of 240+ bespoke APIs that can be easily added to any workflow with simple widgets.

Signzy is enabling ten million+ end customer and business onboarding every month at a success rate of 99% while reducing the speed to market from 6 months to 3-4 weeks. It works with over 240+ FIs globally, including the 4 largest banks in India, a Top 3 acquiring Bank in the US, and has a robust global partnership with Mastercard and Microsoft. The company’s product team is based out of Bengaluru and has a strong presence in Mumbai, New York, and Dubai.

Visit www.signzy.com for more information about us.
You can reach out to our team at reachout@signzy.com

Cross-Country Payments With RBI’s UPI- A Detailed Look At The Central Bank’s Future For International Remittance

India was the top recipient of remittances in the world in 2021, receiving over USD 87 billion. This represented a 4.6% increase above its remittance inflows from prior years. This is because remittances only represented 3.1% of the nation’s GDP in 2020.

Cross-country remittances are growing, and the Reserve Bank Of India(RBI) acknowledges this as they are deciding to act on it. Their initial plan is to add newer options to the 6-year-old Universal Payments Interface(UPI) that includes international payments. Prima facie is undoubtedly a step in the right direction. Yet we must look closely to see how it will impact the sector.

What Is RBI’s Initiative?

The Reserve Bank of India (RBI) stated in its annual report for FY21 that it is working on using UPI for cross-country transfers among jurisdictions.

RBI has looked into the idea of connecting UPI with comparable systems in other jurisdictions, particularly in the G20 countries, to improve cross-country and international payment arrangements. In addition, the apex bank claims to participate in the discussions over the fundamentals and roadmap of UPI and cross-country remittance with the Committee on Payments & Market Infrastructures (CPMI) and Financial Stability Board (FSB).

What Are Cross-Country Remittances?

For the uninitiated, cross-country remittances are transactions between individuals, companies, or banks in at least two countries. At the moment, cross-country and international payments are settled through a bank with branches in both nations. The bank converts money to local currency and charges users a commission of up to 10%. As a result, the procedure is time- and money-consuming.

What Is The Future Of Cross-Country Remittances In India?

The cornerstone of the cross-country payments ecosystem in India is likely to be laid by a similar agreement between PayNow, based in Singapore, and UPI’s governing organization, the National Payments Corporation of India (NPCI). The integration of UPI with PayNow has been formally announced, even though the efforts with different nations are at varying levels. According to the RBI, it should start operating in the second half of 2022.

The interlinking lowers the cost of cross-country remittances and will further anchor commerce, travel, and remittance flows between the two nations. It might also be used as an illustration of how different fast payment systems can be linked to sending money quickly and cheaply.

Essentially,

  • NPCI, an RBI initiative, has collaborated with several foreign organizations to share the UPI infrastructure but prevents cross-country payments.
  • The cross-country payments ecosystem in India is likely to be built around PayNow, a Singapore-based company, which is the sole partner of UPI.
  • According to the RBI, efforts are in various phases with different countries, but cross-country remittance via PayNow will start after July 2022.

UPI For Cross-Country Remittances

One of India’s payment settlement infrastructures with the quickest growth is UPI. The interface enables peer-to-peer payments across banks and platforms with a single pin. UPI recorded transactions of INR 10.4 Lakh Cr. in May 2022 alone because of its scalability and simplicity of usage.

As a result, numerous nations took note of the stack and made plans to implement the UPI functioning model in their countries. For this, NPCI’s international division, NIPL, has agreements with several banks in nations like the UAE, the US, Nepal, China, Japan, and several regions of Africa. However, so far, these partnerships have been signed to share the infrastructure and not enable cross-country payments.

For instance, in August 2021, NIPL announced its partnership with UAE-based Mashreq Bank to benefit 2 Mn+ Indians who travel to UAE for business or leisure every year.

In July 2021, NPCI partnered with the Royal Monetary Authority (RMA) of Bhutan to initiate UPI-based payments in Bhutan and benefit an estimated 200,000 tourists from India who travel to the mountain nation annually.

Other successful international partnerships in this space include Discover Financial Services (DFS) USA, Japan Credit Bureau (JCB) Japan, Union Pay International (UPI) China, PPRO Financial, UK, and Network for Electronic Transfers (NETS), Singapore, and Liquid Group, Singapore.

Bottomline

Once RBI implements this aspect of UPI, transactions will boom, and fintech enterprises need to be ready. A simple digital adaptation to accommodate the transforming technology won’t cut it. All processes will have to qualify for international standards, and better security measures must be implemented. All this needs to be done without compromising the experience of the customer.

If you seek to improve your processes and be ready for the looming change, we at Signzy might be able to help out. Our No-code AI-driven resources that are fully customizable are built for your needs. Check it out here.

About Signzy

Signzy is a market-leading platform redefining the speed, accuracy, and experience of how financial institutions are onboarding customers and businesses – using the digital medium. The company’s award-winning no-code GO platform delivers seamless, end-to-end, and multi-channel onboarding journeys while offering customizable workflows. In addition, it gives these players access to an aggregated marketplace of 240+ bespoke APIs that can be easily added to any workflow with simple widgets.

Signzy is enabling ten million+ end customer and business onboarding every month at a success rate of 99% while reducing the speed to market from 6 months to 3-4 weeks. It works with over 240+ FIs globally, including the 4 largest banks in India, a Top 3 acquiring Bank in the US, and has a robust global partnership with Mastercard and Microsoft. The company’s product team is based out of Bengaluru and has a strong presence in Mumbai, New York, and Dubai.

Visit www.signzy.com for more information about us.

You can reach out to our team at reachout@signzy.com.

Written By:

Signzy

Written by an insightful Signzian intent on learning and sharing knowledge.

 

Who Regulates the NBFCs?- Supreme Court Settles The States’ Money Lending Laws Disparity With RBI

 

Last week, the Supreme Court held that Non­-Banking Financial Companies (NBFCs) regulated by the Reserve Bank of India could not be regulated by individual state enactments.

A bench of Justices Ramasubramanian V and Hemant Gupta said NBFCs play a vital role in contributing to the country’s financial health, whose operations are controlled by RBI. Therefore, it said that the Reserve Bank of India has no say in such a relevant matter of vital interest. It would strike at the fundamentals of the statutory control vested in the Reserve Bank of India.

“It may be true that many times RBI may not be controlling the rate of interest charged by NBFCs on the loans advanced by them. It does not mean that they have no power to step in,” the bench said.

The Supreme Court examined whether Non-Banking Financial Companies regulated by the Reserve Bank of India could also be regulated by specific State enactments such as the Kerala Money Lenders Act, 1958 and the Gujarat Money Lenders Act, 2011.

The fact that the Chapter III­B of the RBI Act assigns a supervisory role for the Reserve Bank of India to oversee and regulate the NBFCs’ functioning, including all their activities, automatically comes under the scanner of the RBI. This applies to the NBFCs from their inception (registration) till the time of their commercial denouement (winding up/cancellation).

“As a consequence, the single aspect of taking care of the interest of the borrowers which is sought to be achieved by the State enactments gets subsumed in the provisions of Chapter III­B,” the bench said.

The Supreme court also said it believed that the Kerala Act and the Gujarat Act would not apply to all NBFCs registered under the RBI Act, which the RBI regulates.

Therefore, the bench stated that all the appeals the NBFCs filed against the Kerala High Court’s judgment are standing and allowed. Similarly, the appeals the State of Gujarat filed against the judgment of the Gujarat High Court are wholly dismissed.

What It Means

The statement by the Supreme Court comes as a massive breath of fresh air for NBFC in particular and the fintech industry as a whole. None of the RBI-regulated financial companies need to get tangled in multiple jurisdictions and unnecessary compliance complications. Contradictions between jurisprudence are also apparent and transparent.

Even then, financial companies still need to follow many regulatory compliances. For this, they need reliable fintech service providers to ensure good service. Signzy can get you the apt products and services you seek. With our customizable AI-driven API resources for KYC, Onboarding, etc., which are absolutely regulations compliant, you can make all your financial technology processes optimized to the best degree.

 

Key Takeaways

  • The Reserve Bank of India(RBI) will unequivocally regulate Non-banking financial companies (NBFCs), and state money-lending laws will have no applicability to them.
  • The verdict was that the Kerala Act and the Gujarat Act would have no application to the NBFCs registered under the RBI Act and regulated by the RBI.
  • No NBFC can begin or carry on business without obtaining a registration certificate under the RBI Act; their continuation in business would depend upon compliance with the RBI Act and circulars/directions issued by the RBI.
  • This is impactful news for NBFCs as this will help maneuver unnecessary bureaucratic hurdles.
  • It creates a strict differentiation between local money lenders and Non-Banking Financial Companies.

About Signzy

Signzy is a market-leading platform that is redefining the speed, accuracy, and experience of how financial institutions are onboarding customers and businesses – using the digital medium. The company’s award-winning no-code GO platform delivers seamless, end-to-end, and multi-channel onboarding journeys while offering totally customizable workflows. It gives these players access to an aggregated marketplace of 240+ bespoke APIs that can be easily added to any workflow with simple widgets.

Signzy is enabling ten million+ end customer and business onboarding every month at a success rate of 99% while reducing the speed to market from 6 months to 3-4 weeks. It works with over 240+ FIs globally, including the 4 largest banks in India, a Top 3 acquiring Bank in the US, and has a robust global partnership with Mastercard and Microsoft. The company’s product team is based out of Bengaluru, and it has a strong presence in Mumbai, New York, and Dubai.

Visit www.signzy.com for more information about us.

You can reach out to our team at reachout@signzy.com

Written By:

Signzy

Written by an insightful Signzian intent on learning and sharing knowledge.

RRA Refocus On Circulars- What The RRA’s recommendation To RBI Was And What It Means For The Fintech Industry

The Reserve Bank of India(RBI) stated the Regulations Review Authority(RRA 2.0) had recommended withdrawing an additional 225 redundant circulars on the RBI website. The Reserve Bank had set up the RRA 2.0(Regulations Review Authority) to reduce the burden of compliance on REs(regulated entities).

“RRA 2.0(Regulations Review Authority 2.0) has recommended withdrawal of an additional 225 circulars in the third tranche of recommendations,” the Reserve Bank Of India said in a statement last week.

The RBI is separately issuing the notifications, including the list of specific instructions recommended for withdrawal.

Once the Reserve Bank Of India does remove these redundant circulars, it will be a welcoming step for optimizing the regulatory compliance associated with the sector. Moreover, it will significantly help the banking and fintech industries as financial technology is constantly impeded by regulatory bureaucracy.

In the second tranche, the Regulations Review Authority 2.0 had also recommended merger/ discontinuation/ conversion to online submission of 65 returns. In addition, they also emphasized creating a new ‘Regulatory Reporting’ link on the central bank’s official website to consolidate all the information relating to any regulatory reporting.

History of RRA 2.0

The Reserve Bank of India established the Regulations Review Authority 2.0 to review all the regulatory instructions, reduce the burden of compliance on Regulated Entities (REs), and remove redundant and duplicate instructions.

Regulations Review Authority 2.0 focuses on properly streamlining regulatory instructions, reducing requirements for reporting wherever possible, and reducing the burden of compliance of the regulated entities(REs) by simplifying procedures and processes.

The Reserve Bank of India had established an RRA initially for only a year from April 1, 1999, for mostly reviewing the regulations, reporting systems, and circulars based on the genuine feedback from the banks, the public, and other financial institutions(FIs).

The recommendations of the Regulations Review Authority enabled streamlining and incrementing the effectiveness of various procedures and simplified regulatory prescriptions. It paved the way for issuing master circulars and reduced reporting burden on regulated entities; the RBI had said in April last year while announcing the setting up of RRA 2.0.

What this means for financial technology

The talk needs to be walked from the RBI website to the financial companies and regulated entities in the form of new rules. Once the redundant circulars are effectively withdrawn, it will be a comforting move for regulatory compliance in all sectors. This is particularly true in fintech. As the fintech industry is closely knit with advancing technology, outdated regulations constantly impede the excellent implementation of solutions.

Although RBI and other regulating entities are striving to walk the fine line of easing the processes for regulated entities while affirming the safety and security of the customers, it remains difficult to follow the proper regulatory compliance. This is especially true in cases of compliance involving digitization and automation. 

If you are concerned about how to handle this, you need not seek further. Signzy provides the-state-of-the-art API resources that are No-Code AI-driven and offer customizable options for all your needs. Check out our products here.

About Signzy

Signzy is a market-leading platform that is redefining the speed, accuracy, and experience of how financial institutions are onboarding customers and businesses – using the digital medium. The company’s award-winning no-code GO platform delivers seamless, end-to-end, and multi-channel onboarding journeys while offering totally customizable workflows. It gives these players access to an aggregated marketplace of 240+ bespoke APIs that can be easily added to any workflow with simple widgets.

Signzy is enabling ten million+ end customer and business onboarding every month at a success rate of 99% while reducing the speed to market from 6 months to 3-4 weeks. It works with over 240+ FIs globally, including the 4 largest banks in India, a Top 3 acquiring Bank in the US, and has a robust global partnership with Mastercard and Microsoft. The company’s product team is based out of Bengaluru, and it has a strong presence in Mumbai, New York, and Dubai.

Visit www.signzy.com for more information about us.

You can reach out to our team at reachout@signzy.com

Written By:

Signzy

Written by an insightful Signzian intent on learning and sharing knowledge.

1 2 3 7