HT TECH wants to start sending you push notifications. Click allow to subscribe

RBI rolls out new authentication methods for digital payments, alternatives to SMS-based OTPs: Check details

In an effort to safeguard digital transactions, the RBI has issued guidelines promoting the use of alternative authentication mechanisms. This move aims to replace the sole reliance on SMS-based OTPs.

By: MD IJAJ KHAN
Updated on: Aug 07 2024, 07:08 IST
RBI strengthens digital payment security by introducing new authentication methods beyond SMS OTPs. (Pexels)

The Reserve Bank of India (RBI) has introduced a new Framework on Alternative Authentication Mechanisms for Digital Payment Transactions to bolster online payment security. This initiative emphasises the importance of Additional Factor of Authentication (AFA) in protecting digital transactions.

Current Authentication Practices

Authentication Factor Aggregation (AFA) involves using multiple factors to verify payment instructions. Traditionally, SMS-based One-Time Passwords (OTPs) have been the most common method for AFA in digital payments. However, advancements in technology have led the RBI to explore alternative authentication methods.

You may be interested in

Mobiles Tablets Laptops

Also read: Sonova launches first of its kind hearing aid with real-time AI: Here's how it works

Also read: Looking for a smartphone? To check mobile finder click here.

RBI's New Framework

On July 31, 2024, the RBI announced the new framework, which underscores the need for AFA while recognizing the potential of other technological solutions to enhance security. Authentication factors are divided into three types by the framework:

1. Knowledge-based: Information known to the user, such as passwords, passphrases, or PINs.

2. Possession-based: Items the user possesses, such as hardware or software tokens.

3. Inherence-based: Attributes unique to the user, such as fingerprints or other biometrics.

Also read: iPhone, Mac and iPad users, update software urgently to avoid getting hacked - Check Indian Government’s alert

Risk-Based Authentication

The framework allows issuers, including banks and non-banks, to use a risk-based approach to determine the appropriate AFA for each transaction. Considerations include transaction value, origination channel, and the risk profiles of the customer and beneficiary. Issuers must promptly notify customers of eligible digital payment transactions.

Exemptions to AFA Requirements

Certain low-risk transactions are exempt from AFA requirements under the new framework. These include:

1. Small-value contactless card payments up to 5,000 at Point of Sale (PoS) terminals.

2. E-mandates for recurring transactions in specific categories and limits, such as:

  • Mutual fund subscriptions up to 1 lakh
  • Insurance premium payments
  • Credit card bill payments
  • Other e-mandates up to 15,000
  1. Utility payments can be made with specific types of prepaid instruments, namely those designated for mass transit and gift purposes.
  2. Transactions within the National Electronic Toll Collection (NETC) System.

Also read: Elon Musk takes OpenAI to court, claims ChatGPT-maker prioritises profits over public benefit

Technological Advancements and Future Directions

During its February Monetary Policy Committee (MPC) meeting, the RBI acknowledged the rise of alternative authentication methods driven by technological advancements. The need for a principle-based framework to authenticate digital payment transactions effectively is becoming increasingly clear.

Catch all the Latest Tech News, Mobile News, Laptop News, Gaming news, Wearables News , How To News, also keep up with us on ,Twitter, Facebook, , and Instagram. For our latest videos, subscribe to our YouTube channel.

First Published Date: 06 Aug, 16:27 IST
Tags:
NEXT ARTICLE BEGINS