Mobile Wallet License

Mobile Wallet License in India

The concept of mobile wallets in India was introduced in 2009-2010 to replace cash-based transactions. It was initially launched to do prepaid recharges and bill payments. However, it has evolved into a crucial yet sophisticated digital payment gateway, accounting for 85% of all digital transactions in India. Whether for paying utility bills, booking tickets, or transferring funds, mobile wallets have emerged as a convenient alternative to cash. Popular platforms like MobiKwik, Paytm, and Airtel Money have reached the doorsteps of Indian households, making digital transactions a part of everyday life. Mobile wallet services require a proper regulatory license issued by the Reserve Bank of India (RBI) under the Payment and Settlement Systems Act, 2007.

What is a Mobile Wallet?

A mobile wallet, also known as a Prepaid Payment Instrument (PPI), enables users to store money digitally and make payments online. Instead of carrying cash or physical cards, you can use your mobile wallet to:

• Pay for things in stores by tapping your phone (using NFC).
• Send or receive money from others.
• Store card details, like debit/credit cards, loyalty cards, or even tickets.

Example: Apple Pay, Google Pay, and Samsung Wallet

Legal Framework

Mobile wallet operations in India are governed by the following statutes and rules:

• Payment and Settlement Systems Act, 2007: The statute authorises the RBI to regulate and supervise payment systems in India. It empowers RBI to grant or revoke licenses, issue operational conditions, and penalise violations related to prepaid payment instruments.
• Master Directions on Prepaid Payment Instruments (PPIs): It was issued in August 2021 to consolidate all the operational rules applicable to PPIs. It defines wallet categories, licensing criteria, KYC requirements, transaction limits, interoperability mandates, grievance mechanisms, and customer protection standards.
• Know Your Customer (KYC) Directions, 2016: It defines the customer identification procedures, risk categorisation, periodic updating requirements, and documentation obligations for onboarding.
• RBI Guidelines on Cybersecurity for Payment Systems (2022): It prescribes the minimum cybersecurity standards, periodic audits, encryption protocols, tokenisation, access controls, and data breach.
• Prevention of Money Laundering Act, 2002 (PMLA): Mobile wallet operators in India fall under the definition of 'reporting entities' and are required to maintain records of transactions, report suspicious activity to the FIU-IND, and adopt anti-money laundering (AML) and counter-terrorism financing (CFT) policies
• Information Technology Act, 2000: It provides the responsibilities of wallet service providers for data protection, handling personal information securely and provides the penalty for unauthorised disclosures of information or breaches.
• Foreign Exchange Management Act (FEMA): This is applicable in cases of foreign investment in the wallet or when there is cross-border remittance and e-commerce.

Types of Mobile Wallets in India

There are three types of mobile wallets in India

1. Open System PPIs (Open Wallets)

These wallets are used for purchases, fund transfers, and cash withdrawals at ATMs, point of sale terminals, or through banking channels. Only authorised banks are permitted to issue open system PPIs.

RBI Status: Only scheduled commercial banks (and permitted NBFC-bank partnerships) are allowed to issue open wallets. These are subject to full-KYC compliance, mandatory interoperability, escrow maintenance, and periodic audits.

Example: HDFC PayZapp, ICICI Pockets Wallet, Airtel Payments Bank Wallet

2. Semi-Closed System PPIs (Semi-Closed Wallets)

These wallets allow users to purchase goods and services, including financial services, at identified merchant locations or establishments that have a contract with the issuer to accept the instrument. Cash withdrawal is not permitted under this license.

RBI Status: RBI authorisation is mandatory. Issuers must comply with capital adequacy norms, KYC regulations, transaction limits, interoperability (post full-KYC), and periodic reporting.

Example: Paytm Wallet (non-bank), Freecharge Wallet, PhonePe Wallet (when not using UPI rails).

3. Closed System PPIs (Closed Wallets)

These wallets are issued by an entity to facilitate the purchase of goods and services exclusively from that entity. They do not allow cash withdrawal or redemption.

RBI Status: No RBI authorisation is required since these instruments are not classified as payment systems.

Example: Amazon Pay (used for transactions only on Amazon), Ola Money (usable solely for Ola rides or affiliated services).

Eligibility Criteria for Wallet License

To apply for a semi-closed or open wallet license, the applicant must:

• The applicant must be a company incorporated in India under the Companies Act, 2013. Partnerships, LLPs, or unincorporated bodies are not eligible to apply for a mobile wallet license.
• The company must have a minimum net worth of ₹15 crore at the time of application. It must be increased to ₹25 crore within three years of the commencement of operations.
• The entity must possess secure and scalable digital infrastructure for wallet operations, along with encryption, tokenisation, and cybersecurity measures in line with RBI’s cybersecurity guidelines.
• Non-bank PPI issuers must maintain an escrow account with a scheduled commercial bank.
• The applicant must appoint a statutory auditor and an internal auditor and provide for annual system audits, reconciliation procedures, and data integrity validations.
• A detailed 5-year business plan must be submitted outlining market strategy, expected transaction volumes, risk controls, fund flow mechanisms, and merchant onboarding strategy.