RBI’s new rules for two-factor authentication of digital payments; Check alternative methods proposed

The Reserve Bank of India has made securing digital payments a top priority, emphasizing the need for an Additional Factor of Authentication (AFA) when making payments. No particular factor was required for authentication.

ET Online
To allow the ecosystem to use different forms of authentication, the RBI has announced a draft “Framework on Alternative Authentication Mechanisms for Digital Payment Transactions”.

According to an RBI press release issued on July 31, 2024, “the Reserve Bank of India has prioritised security of digital payments, in particular the requirement of Additional Factor of Authentication (AFA) for making payments. No specific factor was mandated for authentication, but the digital payments ecosystem has primarily adopted SMS-based OTP as AFA. While OTP is working satisfactorily, technological advancements have made available alternative authentication mechanisms.”

As per the draft, “Factor of Authentication: Any credential input by the customer which is verified for the purpose of confirming the originator of a payment instruction.
The factors of authentication are broadly categorised as below:
  • Something the user knows (such as password, passphrase, PIN)
  • Something the user has (such as card hardware or software token)
  • Something the user is (such as fingerprint or any other form of biometrics).”
Unless otherwise specified in this framework, all digital payment transactions will be verified through the use of an additional factor of authentication (AFA). When determining the proper AFA for a transaction, issuers such as banks and non-banks can use a risk-based methodology that takes into account the transaction value, origination channel, and customer and/or beneficiary risk profiles, among other factors. As per the draft, issuers must have a mechanism in place to notify customers of any eligible digital payment transactions almost instantly.

The following are exempted from additional factor authentication:

Small value contactless card payments:
Small value card present transactions for values up to Rs 5000/- per transaction in contactless mode at Point of Sale (PoS) terminals.

E-mandates for recurring (other than the first) transactions:
Transactions in respect of:
a) subscription to mutual funds;
b) payment of insurance premium; and
c) credit card bill payments, for values up to Rs 1,00,000, and in respect of all other categories, for values up to Rs 15,000/-.

Utility through select Prepaid Instruments / NETC:
The following categories of instruments/systems:
  • Prepaid Instruments (PPIs) issued under PPI – Mass Transit Service and Gift PPIs.
  • Transactions in the National Electronic Toll Collection (NETC) System.

Small value digital payments in offline mode:
Offline payment transactions up to a value of Rs 500/-.