Connect with us

Hi, what are you looking for?

News

India to Mandate Two-Factor Authentication for Most Digital Payments

India to Mandate Two-Factor Authentication for Most Digital Payments
India to Mandate Two-Factor Authentication for Most Digital Payments

India may soon require two-factor authentication (2FA) for most digital payments as part of a new initiative by the Reserve Bank of India (RBI). Announced on Wednesday, the proposal mandates a dynamically generated second authentication factor for various digital payment methods, including card payments, mobile banking, and prepaid channels.

There are a few exceptions, such as physical card transactions, recurring payments like premiums and subscriptions, small offline transactions under Rs 500 (around $6), and contactless payments under Rs 5,000 (around $60).

Currently, online payments in India predominantly use SMS-based one-time passwords (OTPs) for authorization. However, the RBI considers OTPs outdated in the face of modern digital risks and advocates for more advanced authentication mechanisms.

Though the RBI has not specified the replacements for OTPs, possible alternatives include biometrics, pins, passphrases, and tokens. The central bank aims to enhance security by leveraging technological advancements for authentication.

India to Mandate Two-Factor Authentication for Most Digital Payments

India to Mandate Two-Factor Authentication for Most Digital Payments

The proposed authentication methods are categorized into three groups: something the user has (e.g., ATM cards or software tokens), something the user knows (e.g., passwords or pins), and something the user is (e.g., biometrics such as fingerprints or facial recognition).

It will be the responsibility of banks and payment service providers to select the additional authentication factors to be used, but implementing double authentication will be compulsory.

RBI will be accepting feedback on this proposal until September 15. After the consultation period, financial institutions will be given three months to comply with the new rules. This timeline indicates a swift implementation aimed at bolstering the security framework for digital payments in India.

Additionally, the RBI has introduced a new rule related to e-mandates and Know Your Customer (KYC) processes. If no transactions occur with a vendor for six consecutive months, banks will need to redo the KYC for the mandate.

Moreover, e-mandates are now applicable for credit card payments, mutual fund and insurance payments up to Rs 1 lakh (about $1,194), and other recurring transactions up to Rs 15,000 (about $179). These measures aim to ensure continued security and compliance in the financial ecosystem.

Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

You May Also Like

Tech

Threads is experimenting with a new feature that allows users to set a 24-hour timer on their posts. After this period, the post and...

News

AU10TIX, an Israeli company that verifies IDs for clients like TikTok, X, and Uber, accidentally left important admin credentials exposed for over a year....

News

Charles Hoskinson, the founder of Cardano, has voiced dissatisfaction with recent changes to Tron’s native stablecoin, USDD. He reacted to a report indicating that...

Tech

A team of international researchers has developed Live2Diff, an AI system that transforms live video streams into stylized content in near real-time. Named for...