FB pixel

RBI mandates dynamically generated authentication for digital payments

| Abhishek Jadhav
Categories Biometrics News  |  Financial Services
RBI mandates dynamically generated authentication for digital payments
 

To support advancements in authentication technology, the Reserve Bank of India (RBI) has mandated the implementation of an additional factor of authentication (AFA). These factors must be dynamically generated, meaning they are created after the payment initiation and must not be specific to the transaction or reusable.

No particular factor is mandated for AFA.

This requirement applies to all digital payment transactions except small-value contactless card payments up to 5,000 rupees (approximately US$60) at point-of-sale terminals, e-mandates for recurring transactions, and small-value digital payments through offline mode, as reported by the New Indian Express.

The issuers of these new authentication methods can adopt a risk-based approach to determine the appropriate AFA, as per RBI. Factors such as the risk profile of the customer and beneficiary, transaction value, among others, can be considered. It’s also mandatory for issuers to alert customers in real-time for all eligible digital payment transactions.

According to the RBI guidelines, in the context of scale implementation, the issuer is prohibited from engaging in exclusivity agreements with any payment service provider or technology service provider that could restrict the deployment of alternative authentication.

RBI has emphasized the importance of securing digital payments through AFA. In the latest draft of the “Framework on Alternative Authentication Mechanisms for Digital Payment Transactions,” RBI has encouraged the adoption of new authentication technologies.

The current digital payment system in India relies on SMS-based one-time passwords (OTPs).

Earlier this year, the RBI planned additional fraud risk management measures for Aadhaar-enabled Payment System (AePS) fraud through cloned fingerprints and a proposal to revise the onboarding process for Aadhaar service providers.

Related Posts

Article Topics

 |   |   |   |   |   |   | 

Latest Biometrics News

 

Thomson Reuters and Socure partner on AI-driven fraud prevention

Thomson Reuters is moving deeper into digital identity verification and fraud prevention through a new partnership with Socure, tying together…

 

Keir Starmer’s political crisis casts shadow on UK’s digital ID plans

Last week, the King’s Speech set out 37 bills for the new parliamentary year, including the Digital Access to Services…

 

Biometric Update report analyzes how MOSIP is reshaping digital identity infrastructure

Biometric Update has published a new report examining the growing role of the Modular Open Source Identity Platform (MOSIP) in…

 

Hancomwith joins South Korea’s 2026 Zero Trust pilot with SASE‑based security model

Hancomwith is taking part in the South Korean government’s 2026 Zero Trust Adoption Pilot Project. The initiative is supposed to…

 

Cambodia launches digital driver’s licences, national ID services expand

Cambodia is expanding its digital government drive with the launch of digital driver’s licences, while also stepping up national ID…

 

ID.me and Verisys partnership points to broader CMS digital identity push

ID.me and Verisys have launched a strategic partnership aimed at helping state Medicaid agencies verify provider identities, validate credentials, and…

Comments

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Continue Reading

Biometric Market Analysis and Buyer's Guides

Most Viewed This Week

Featured Company

Learn More

Biometrics Insight, Opinion

Digital ID In-Depth

Biometrics White Papers

Biometrics Events