RBI plans new framework for authentication of digital transactions


Mumbai, Feb 8 (IANS): The RBI on Thursday said that it has decided to come out with a new framework for authentication of digital payment transactions and introduce additional norms to enhance the security of the Aadhaar Enabled Payment System (AePS).

Over the years, the Reserve Bank has prioritised security of digital payments, in particular the requirement of Additional Factor of Authentication (AFA). Although the RBI has not prescribed any particular AFA, the payments ecosystem has largely adopted SMS-based One Time Password (OTP). With innovations in technology, alternative authentication mechanisms have emerged in recent years.

“To facilitate the use of such mechanisms for digital security, it is proposed to adopt a principle-based 'Framework for authentication of digital payment transactions'. Instructions in this regard will be issued separately,” the RBI said.

To enhance the security of AePS transactions, it is proposed to streamline the onboarding process, including mandatory due diligence, for AePS touchpoint operators, to be followed by banks. Additional fraud risk management requirements will also be considered. Instructions in this regard shall be issued shortly, the RBI said.

Aadhaar Enabled Payment System, operated by NPCI, enables customers to perform digital payment transactions in assisted mode. In 2023, more than 37 crore users undertook AePS transactions, which points to the important role played by AePS in financial inclusion.

 

  

Top Stories


Leave a Comment

Title: RBI plans new framework for authentication of digital transactions



You have 2000 characters left.

Disclaimer:

Please write your correct name and email address. Kindly do not post any personal, abusive, defamatory, infringing, obscene, indecent, discriminatory or unlawful or similar comments. Daijiworld.com will not be responsible for any defamatory message posted under this article.

Please note that sending false messages to insult, defame, intimidate, mislead or deceive people or to intentionally cause public disorder is punishable under law. It is obligatory on Daijiworld to provide the IP address and other details of senders of such comments, to the authority concerned upon request.

Hence, sending offensive comments using daijiworld will be purely at your own risk, and in no way will Daijiworld.com be held responsible.