BI cancels Payment ID rollout amid public privacy outcry

Bank Indonesia (BI) has cancelled the rollout of its Payment ID system, which was originally scheduled to launch on Aug. 17, Indonesia’s Independence Day. The system was designed to monitor transactions by assigning each Indonesian citizen a unique code linked to their national identification number (NIK). News of the launch sparked public backlash, as BI had yet to publish many of the system’s technical specifications.

The Payment ID is not a new concept. It has long been part of BI’s Indonesia Payment Systems Blueprint (BSPI) 2030, a master plan outlining major digital initiatives to be implemented over the next decade. BSPI 2030 is built on five pillars: Enhancing its open API, developing retail and wholesale payment networks, improving financial data quality and advancing key regulatory reforms. The Payment ID falls under the financial data quality pillar, overseen by BI’s Working Group 4 (WG4).

BI has stated that the Payment ID is still in the sandboxing stage. The central bank says the system is expected to improve the accuracy of non-cash social assistance (bansos) distribution. However, public sentiment remains wary, with many Indonesians fearing that the Payment ID could become a tool to surveil their financial activities. Once implemented, the system could potentially track a citizen’s complete financial footprint, ranging from income to retail transactions made through bank savings accounts, credit cards and e-wallets, as well as online loan (pinjol) repayments.

The Payment ID mechanism is intended to address BI’s priority policy targets, particularly the online gambling epidemic that has become a major public concern, as well as the shadow banking networks that make such activities difficult to track and shut down. The system was expected to be integrated with other data initiatives under BSPI 2030, which made the government’s initial decision to launch it on Aug. 17 so unusual, especially given that much of Indonesia’s personal data infrastructure is still in development.

Under the original BSPI 2030 roadmap, the Payment ID was not scheduled to begin its initial implementation until 2027, with full deployment anticipated in 2029. While it is possible for large-scale projects to move faster than planned, bringing the timeline forward by two years seemed implausible to many observers. The move also clashed with the reality that Indonesia’s broader personal data initiatives, which will inevitably be intertwined with any system integrated with the NIK, are still ongoing.

One major gap is the absence of a personal data authority, an institution mandated by the Personal Data Protection (PDP) Law (Law No. 27/2022). This authority is envisioned as the guardian of sensitive personal data, including financial information, but has yet to be established. Without it, the governance and oversight mechanisms that would be essential for a Payment ID system remain incomplete.

Another legal foundation for the Payment ID is Law No. 1/2024, which amends the Electronic Information and Transactions (ITE) Law (Law No. 11/2008). Among other changes, the revisions introduce a “high-risk” classification for transactions, which are broadly defined as any that occur without face-to-face interaction. Such transactions must use an e-signature, a type of digital trust service based on e-certification rather than a physical signature.

This provision has drawn criticism from both industry players and policy observers, who argue that it is not technology-neutral. By mandating the use of a specific third-party service, they contend, the government risks creating a state-enforced monopoly. The “high-risk” label has also been called overbroad, lumping everyday grocery purchases into the same risk category as large financial transactions like mortgage loans.

The rushed nature of both the ITE revisions and the Payment ID launch plan has fueled perceptions that the government is pushing through sensitive digital infrastructure without adequate preparation. Market players have also raised concerns about the financial and operational burden of integrating e-certification into transaction flows on short notice. As the costs cannot realistically be passed on to consumers, payment providers would be forced to absorb them. Some industry stakeholders are also skeptical of the measure’s effectiveness in combating fraud, noting that many cases stem from compromised or stolen devices, a vulnerability that transaction-level e-certification would not address.