Digital payment security: RBI to implement principle-based framework for authentication
RBI Governor Shaktikanta Das stated that with a view to secure digital payment transactions further, the central bank is implementing a principle-based framework for authentication. This move is designed to encourage the adoption of alternative authentication mechanisms, enhancing the security of digital payments beyond the commonly used SMSbased OTP method. The framework is a response to the evolving technological landscape and the emergence of new authentication technologies.
Further enhancing the digital payment ecosystem, the RBI has proposed the introduction of programmability and offline functionality in the Central Bank Digital Currency (CBDC) pilot. These new features aim to facilitate transactions for specific or targeted purposes and enable payments in areas with limited internet connectivity, respectively. The CBDC Retail (CBDC-R) pilot, which currently supports Person to Person (P2P) and Person to Merchant (P2M) transactions, is set to become more versatile with these additions.
To strengthen the Aadhaar Enabled Payment System (AePS), the RBI has outlined plans to streamline the onboarding process for AePS service providers and introduce additional fraud risk management measures. This initiative is expected to enhance the system’s security and robustness, reinforcing its role in promoting financial inclusion through digital payment transactions.
Moreover, the RBI is extending the requirement for a Key Fact Statement (KFS) to cover all retail and MSME loans. This measure aims to improve transparency in lending by ensuring borrowers are well-informed about the all-inclusive annual percentage rate (APR) and available recovery and grievance redress mechanisms. The KFS mandate is part of the RBI’s ongoing efforts to enhance clarity and fairness in the lending process.