Learn More Services
Know About Our Team
Learn More About Us
Our essence is rooted in being honest and straight forward. We advise and advocate what we truly believe.
Our team and collective efforts allow free flow of information and knowledge from top to bottom and vice versa.
Teamwork is rooted in affluence DNA and we very much acknowledge the outcome of team work.
We firmly believe that Confidentiality is the cornerstone of our Profession and strive to maintain it to the fullest possible extent.
We believe that the simplest solution is the best one.
We understand only our profession and we are devoted to it. We are cent percent committed to the delivery of quality services to our clients.
The Reserve Bank of India (RBI) has been issuing guidelines from time to time on the Regulation of Payment Gateways and Payment Aggregators to regulate the Payment Aggregators (PAs) and Payment Gateways (PGs) in the interest of the consumer as it holds large volumes of consumer data. The new guidelines issued by RBI forbids the PAs and PGs from storing consumer card credentials on their database or server as a financial security measure. RBI has issued norms for regulating payment aggregators and payment gateways through various circulars as amended from time to time and at the request of the industry stakeholders
| vide circular DPSS.CO.PD.No.1810/02.14.008/2019-20 dated March 17, 2020 | the authorised non-bank payment aggregators and merchants on-boarded by them were prohibited from storing card data (CoF) from June 30, 2021 |
| Vide circular CO.DPSS.POLC.No.S33/02-14-008/2020-2021 dated March 31, 2021 | further extended to December 31, 2021 |
| vide circular CO.DPSS.POLC.No.S-1211/02-14-003/2021-22 dated December 23, 2021 on “Restriction on storage of actual card data [i.e. Card-on-File (CoF)]” | at the request of the industry stakeholders for devising alternate mechanism(s) to handle any use case or post-transaction activity, this timeline was extended to June 30, 2022 |
| RBI/2022-23/77 CO.DPSS.POLC.No.S-567/02-14-003/2022-23 Restriction on Storage of Actual Card Data [i.e. Card-on-File (CoF)] dated June 24, 2022 | the timeline for storing the actual card data i.e. Card-on-File (CoF) has been extended by three months till September 30, 2022 post which new card storage rules shall apply. |
Payment Aggregators (PAs) and Payment Gateways (PGs) are intermediaries playing an important function in facilitating payments in the online space.
A payment gateway acts as a transaction intermediary between merchants and customers while a payment aggregator facilitates fund transfers between two parties and a bank. A Payment Aggregator can provide a Payment Gateway, but a Payment Gateway can’t offer or provide a Payment Aggregator.
With effect from January 1, 2022, no entity in the card transaction / payment chain, other than the card issuers and / or card networks, shall store the CoF data i.e. actual debit card/credit card data. Any previous data stored therein shall be purged. Accordingly, neither the authorized Payment Aggregators (PAs) nor the merchants on-boarded by them can store customer card credentials within their database or server.
All your saved credit and debit card details have to be deleted by 30th September, 2022, and one will need to manually enter all your card details for every online payment. However, your explicit approval will allow merchant authority to work with your bank and card networks to provide you with the same seamless payment experience as it was earlier.
It is observed that considerable progress has been made in terms of token creation. Transaction processing based on these tokens has also commenced, though it is yet to gain traction across all categories of merchants. Further, an alternate system in respect of transactions where cardholders decide to enter the card details manually at the time of undertaking the transaction (commonly referred to as “guest checkout transactions”) has not been implemented by the industry stakeholders, so far. In addition to tokenisation, industry stakeholders may devise alternate mechanism(s) to handle any use case (including recurring e-mandates, EMI option, etc.) or post-transaction activity (including chargeback handling, dispute resolution, reward / loyalty programme, etc.) that currently involves / requires storage of CoF data by entities other than card issuers and card networks
Example: – While using amazon application one used to save his/her card details on the said application, just he/she while purchasing anything from the app need to input CVV number followed by OTP and then the transaction use to take place successfully. But from September onwards one need to put all the detail manually such as Card Number, Name, Card Expiry Number followed by CVV and OTP. This measure is taken to prevent unauthorized use of Card.
Tokenization refers to replacement of actual card details with a unique alternate code called the “token”, which shall be unique for a combination of card, token requestor and device
To improve the safety and security of card transaction, RBI has permitted card networks for tokenisation in card transactions for a specific use case.
All Payment System Providers and Payment System Participants authorized card payment networks are permitted to offer card tokenization services subject to the conditions listed in circular DPSS.CO.PD No.1463/02.14.003/2018-19 dated January 08, 2019 on “Tokenisation – Card transactions” to any token requestor (i.e., third party app provider). This permission extends to all use cases / channels [e.g., Near Field Communication (NFC) / Magnetic Secure Transmission (MST) based contactless transactions, in-app payments, QR code-based payments, etc.] or token storage mechanisms (cloud, secure element, trusted execution environment, etc.).
Initially vide circular CO.DPSS.POLC.No.S-516/02-14-003/2021-22 dated September 07, 2021 on “Tokenisation – Card Transactions : Extending the Scope of Permitted Devices” authorised card networks were permitted to offer card tokenization services to any token requestor limited to mobile phones and tablets of interested card holder only, this facility was subsequently extended to include consumer devices -laptops, desktops, wearables (wrist watches, bands, etc.), Internet of Things (IoT) devices, etc., vide our circular CO.DPSS.POLC.No.S-469/02-14-003/2021-22 dated August 25, 2021 on “Tokenisation – Card Transactions : Extending the Scope of Permitted Devices”.
This initiative was undertaken by RBI with an expectation to make card transactions more safe, secure and convenient for the users. The ultimate responsibility for the card tokenisation services rendered rests with the authorised card networks. All other instructions related to card transactions shall be applicable for tokenised card transactions as well. All extant instructions of Reserve Bank on safety and security of card transactions, including the mandate for Additional Factor of Authentication (AFA) / PIN entry shall be applicable for tokenised card transactions also.
In the interest of clarity, the following points may be noted
Valuation opinion requires the right blend of analysis, experience and professional judgement. Our team has a Registered Valuer as required under
We provide financial, tax and corporate law due diligence support to our clients for inbound and outbound transactions.
ESOPs are one of the important tools to attract and retain employees and have long term career with the organization.
There are several compliances specified under FEMA for Indian Companies having FDI and ODI (Indian entities having investments in overseas Joint Venture
We carry experience of 15 years for registration of the NBCF with the RBI or carry out the process for change in management and control of the NBFC.
FinTech Companies are broadly categorized into digital payments or digital lending Companies. At Affluence,
India has emerged as one of the most attractive destinations not only for investments
We provide the entire gamut of Corporate Law Services, essential in rapidly changing regulatory and corporate environment.
SEBI plays an important role in regulating all the players operating in the Indian capital markets. It attempts to protect the interest of investors and aims at
We provide advisory and support services to the corporates/other entities, devising and structuring solutions for stress mitigation in their enterprises/units.
On the journey of transformation of a private company into a public company, success depends a great deal on a coordinated team
The efforts of any management in modern business environment are towards enhancing a shareholder’s value. The taxes (both direct and indirect) and
We at Affluence, adopt a comprehensive approach for implementation and compliances related to the GST and with an object to offer seamless services to our clients listed below.
In the fast-changing environment, procuring and retaining skilled staff is a challenge. Specially in the case of SMEs, in the absence of accounting manual
Today’s businesses across the globe increasingly seek better decision-making and stronger internal controls in order to attain greater shareholder value.
‘Startup India’ is a flagship initiative of the Government of India, intended to catalyze startup culture and build a strong and inclusive ecosystem for innovation and
Assurance and accounting services are directed towards supporting stakeholders such as lenders and investors. Our standardized
Director stand in a fiduciary position with the Company and Director will be held liable if Director do not act diligently in discharging his/her duties.
People are our greatest asset and we believe in our people. Our multi disciplinary team would always go that extra mile to ensure that all the client deliverables are prepared within agreed time frame to technical standards and presentational quality. Our success is greatly dependent on quality and performance of our people.
