FB pixel

RBI mandates dynamically generated authentication for digital payments

RBI mandates dynamically generated authentication for digital payments
 

To support advancements in authentication technology, the Reserve Bank of India (RBI) has mandated the implementation of an additional factor of authentication (AFA). These factors must be dynamically generated, meaning they are created after the payment initiation and must not be specific to the transaction or reusable.

No particular factor is mandated for AFA.

This requirement applies to all digital payment transactions except small-value contactless card payments up to 5,000 rupees (approximately US$60) at point-of-sale terminals, e-mandates for recurring transactions, and small-value digital payments through offline mode, as reported by the New Indian Express.

The issuers of these new authentication methods can adopt a risk-based approach to determine the appropriate AFA, as per RBI. Factors such as the risk profile of the customer and beneficiary, transaction value, among others, can be considered. It’s also mandatory for issuers to alert customers in real-time for all eligible digital payment transactions.

According to the RBI guidelines, in the context of scale implementation, the issuer is prohibited from engaging in exclusivity agreements with any payment service provider or technology service provider that could restrict the deployment of alternative authentication.

RBI has emphasized the importance of securing digital payments through AFA. In the latest draft of the “Framework on Alternative Authentication Mechanisms for Digital Payment Transactions,” RBI has encouraged the adoption of new authentication technologies.

The current digital payment system in India relies on SMS-based one-time passwords (OTPs).

Earlier this year, the RBI planned additional fraud risk management measures for Aadhaar-enabled Payment System (AePS) fraud through cloned fingerprints and a proposal to revise the onboarding process for Aadhaar service providers.

Related Posts

Article Topics

 |   |   |   |   |   |   | 

Latest Biometrics News

 

Biometrics pilots, launches and investments foreshadow next areas for growth

Biometrics pilots, a patent, predictions and acquisitions paint a picture in the most popular news items of the week on…

 

Biometrics firms pitch privacy in age assurance ahead of US court battle

The U.S. is facing its first constitutional debate connected with age verification in 20 years: The Supreme Court will have…

 

Permira finalizes $1.3B majority stake acquisition of BioCatch

Permira Growth Opportunities has completed the acquisition of a majority position in behavioral biometrics and fraud prevention business BioCatch, four…

 

ATO attacks surge in Q2 2024, Sift warns of growing ‘Fraud-as-a-Service’ threat

A recent report highlights the growing threat of account takeover (ATO) attacks, which surged by 24 percent in the second…

 

EU AI pact sets new standards for ethical AI use across Europe

By Tony Porter, Chief Privacy Officer at Corsight AI The European Union’s AI Pact marks a crucial step towards forming…

 

Deepfake detection challenge, integration to protect content integrity unveiled

A new deepfake detection competition has been announced with the intention of advancing “next-generation deepfake detection and localization systems” development….

Comments

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Most Read This Week

Featured Company

Biometrics Insight, Opinion

Digital ID In-Depth

Biometrics White Papers

Biometrics Events