In an era where digital transactions are becoming the norm, the Reserve Bank of India (RBI) is taking bold steps to ensure the security of such transactions.
In a recent statement, the RBI revealed its plans to introduce a 'Framework for authentication of digital payment transactions.
' This marks a significant shift from the widely used SMS-based One Time Password (OTP) system, signaling the bank's commitment to evolving its policies to match the pace of technological advancements in the payments industry.
Embracing New Authentication Mechanisms
The proposed framework aims to enhance the security of digital payments by facilitating alternative authentication mechanisms.
Shaktikanta Das, the RBI Governor, emphasized the bank's proactive facilitation of various mechanisms like the Additional Factor of Authentication (AFA) for securing digital payments.
While the RBI has not mandated a specific form of AFA, SMS-based OTPs have emerged as a dominant method in the payment sector.
Principle-based Approach to Digital Security
The RBI's move towards this principle-based framework underscores its commitment to digital security.
The framework is expected to outline principles that will guide the use of innovative alternative authentication methods.
The RBI will also issue separate instructions detailing the framework's implementation, ensuring a smooth transition towards these new methods.
Strengthening the Aadhaar-enabled Payment System
Parallel to this initiative, the RBI is also proposing to streamline the onboarding process for Aadhaar-enabled Payment System (AePS) service providers and introduce additional fraud prevention measures.
The AePS, operated by the National Payments Corporation of India (NPCI), has played a pivotal role in financial inclusion, with over 37 crore users undertaking AePS transactions in 2023.
The RBI's proposed measures not only aim at preventing the misuse of customers' credentials but also bolster cash withdrawals through Aadhaar-based biometric authentication of business correspondents and agents.
As digital transactions continue to grow in volume and complexity, the RBI's initiative to introduce a principle-based framework for authentication could serve as a blueprint for other institutions worldwide, striving to balance convenience, security, and innovation in the digital payment landscape.
