Biometric multi-factor authentication requirement for digital payments weighed by Indian government
The Indian government is considering implementing multi-factor authentication for digital transactions in the country to boost payment security and encourage more digital business with biometrics such as facial and iris recognition, Business Insider reports.
National Cyber Coordination Centre Chief Dr. Rajesh Pant revealed the discussions at a recent Associated Chambers of Commerce and Industry (ASSOCHAM) event, suggesting the government may move beyond passwords and one-time passwords (OTPs), as are mandated for UPI and payment apps such as PhonePe and Google Pay by the Reserve Bank of India (RBI).
New multi-factor rules could include requirements for biometric and location checks, possibly through mobile devices, though iris biometrics are not supported by the majority of smartphones. Some banking apps currently require location tracking to be enabled to complete transactions, as a fraud prevention and mitigation mechanism, according to the report.
“The trials of technology for multi-factor authentication are already going on abroad, once it gets approved then we will definitely bring it in India,” Pant says.
RBI has been working on establishing new rules to allow remote online onboarding leveraging Aadhaar biometrics for bank accounts to improve financial inclusion in the country. Aadhaar is used for eKYC in more than 100 million transactions some months.