No two-factor authentication needed for payment up to Rs 15,000 through e-mandate; higher recurring limit for these transactions
The Reserve Bank of India introduces a new e-mandate framework for digital payments effective 2026. As per new rules, all recurring transactions will now be authorised without Additional Factor Authentication (AFA) up to Rs 15,000 per transaction....
By Shaghil Bilali, ET Online | Updated:
ET Online
All recurring transactions that go through e-mandate will now be approved without Additional Factor Authentication (also known as Two Factor Authentication) for amount up to Rs 15,000 per transaction. However, there are exceptions for paying insurance premiums, investing into mutual funds, and making credit card bills payment, which can be done without the Additional Factor Authentication (AFA) for amount up to Rs 1 lakh per transaction. These updated rules are part of the Digital Payments – E-mandate Framework, 2026, released by the Reserve Bank of India (RBI) today (Tuesday, April 21, 2026). Additionally, the framework states that the issuer authority must offer customers the option to change the validity period or cancel the e-mandate at any time.
The new digital payment e-mandate framework created by merging earlier e-mandate guidelines is applicable to all payment system providers and payment system participants involved in processing recurring transactions, domestic or cross-border, using cards/PPI/UPI.
What e-mandate framework focuses on
The framework explains rules related to the registration and revocation of e-mandate, processing of first transaction and subsequent recurring transactions, pre and post transaction notifications, transaction limits and velocity check and dispute resolution as well as grievance redressal. Let’s go through the key factors of the e-mandate framework.
Registration and revocation of e-mandate
The framework says a customer who wants to opting for an e-mandate facility will have to undertake a one-time registration process. The mandate will be registered only after the successful validation of AFA in addition to the normal process required by the issuer.
The guidelines further reveal that every e-mandate registered by the issuer must specify the validity period of the e-mandate. The issuer shall provide the customer with a facility to modify the validity period or withdraw the e-mandate at any point of time. Information about this facility shall be clearly communicated to the customer at the time of registration, as per the framework.
Additional factor of authentication (AFA) required in these e-mandate cases
Under the new rules, an additional factor of authentication (AFA) will be required during the registration of an e-mandate, for the first transaction and for the modification and cancellation of an e-mandate.
Transaction limits and velocity check
The framework says that all recurring transactions can be authorised without AFA up to Rs 15,000/- per transaction. However, transactions above this amount shall be subject to AFA.
Exception to Rs 15,000 rule
The framework further says the payment of insurance premiums, subscription to mutual funds, and credit card bill payments may be made without AFA up to Rs 1 lakh per transaction.
Users allowed to set validity period of e-mandate
Users can now set the validity period, modify or cancel mandate systems, set maximum limit for variable payments and get the option to choose notification mode (SMS/email).
Mandatory alerts to be sent to users
As far as pre-transaction notifications are concerned, the issuer has to send an alert to the user 24 hours before the debit of the amount. Such a notification must include the merchant’s name, transaction amount, date and time of debit, the reference number of e-mandate and the reason for debit.
Post-transaction notification to be sent to users
The mandate also says an issuer shall send a post-transaction notification to the customer. Such a notification will inform the customer about the merchant’s name, transaction amount, date and time of debit, reference number of transaction and e-mandate, reason for debit, i.e., e-mandate registered by the customer and details on the grievance redressal.
Dispute resolution and grievance redressal
The mandate directs the issuer to establish an appropriate dispute redressal system to facilitate the customer to lodge a grievance.
The framework says the RBI instructions on limiting liability of customers for unauthorised transactions will be applicable to recurring transactions under e-mandates.
Other provisions
The framework reveals that no charges shall be levied to the customer for availing the e-mandate facility for recurring transactions.
In the case of cards, existing e-mandate(s) can be mapped to reissued cards, the framework says.
The new digital payment e-mandate framework created by merging earlier e-mandate guidelines is applicable to all payment system providers and payment system participants involved in processing recurring transactions, domestic or cross-border, using cards/PPI/UPI.
What e-mandate framework focuses on
The framework explains rules related to the registration and revocation of e-mandate, processing of first transaction and subsequent recurring transactions, pre and post transaction notifications, transaction limits and velocity check and dispute resolution as well as grievance redressal. Let’s go through the key factors of the e-mandate framework.
Registration and revocation of e-mandate
The framework says a customer who wants to opting for an e-mandate facility will have to undertake a one-time registration process. The mandate will be registered only after the successful validation of AFA in addition to the normal process required by the issuer.
The guidelines further reveal that every e-mandate registered by the issuer must specify the validity period of the e-mandate. The issuer shall provide the customer with a facility to modify the validity period or withdraw the e-mandate at any point of time. Information about this facility shall be clearly communicated to the customer at the time of registration, as per the framework.
Additional factor of authentication (AFA) required in these e-mandate cases
Under the new rules, an additional factor of authentication (AFA) will be required during the registration of an e-mandate, for the first transaction and for the modification and cancellation of an e-mandate.
Transaction limits and velocity check
ADVERTISEMENT
The framework says that all recurring transactions can be authorised without AFA up to Rs 15,000/- per transaction. However, transactions above this amount shall be subject to AFA.
Exception to Rs 15,000 rule
ADVERTISEMENT
The framework further says the payment of insurance premiums, subscription to mutual funds, and credit card bill payments may be made without AFA up to Rs 1 lakh per transaction.
Users allowed to set validity period of e-mandate
Users can now set the validity period, modify or cancel mandate systems, set maximum limit for variable payments and get the option to choose notification mode (SMS/email).
Mandatory alerts to be sent to users
As far as pre-transaction notifications are concerned, the issuer has to send an alert to the user 24 hours before the debit of the amount. Such a notification must include the merchant’s name, transaction amount, date and time of debit, the reference number of e-mandate and the reason for debit.
Post-transaction notification to be sent to users
The mandate also says an issuer shall send a post-transaction notification to the customer. Such a notification will inform the customer about the merchant’s name, transaction amount, date and time of debit, reference number of transaction and e-mandate, reason for debit, i.e., e-mandate registered by the customer and details on the grievance redressal.
Dispute resolution and grievance redressal
The mandate directs the issuer to establish an appropriate dispute redressal system to facilitate the customer to lodge a grievance.
The framework says the RBI instructions on limiting liability of customers for unauthorised transactions will be applicable to recurring transactions under e-mandates.
Other provisions
The framework reveals that no charges shall be levied to the customer for availing the e-mandate facility for recurring transactions.
In the case of cards, existing e-mandate(s) can be mapped to reissued cards, the framework says.
Download
The Economic Times Business News App for the Latest News in Business, Sensex, Stock Market Updates & More.
The Economic Times Business News App for the Latest News in Business, Sensex, Stock Market Updates & More.
Download
The Economic Times News App for Quarterly Results, Latest News in ITR, Business, Share Market, Live Sensex News & More.
The Economic Times News App for Quarterly Results, Latest News in ITR, Business, Share Market, Live Sensex News & More.
ADVERTISEMENT
