RBI MPC Meet: With Focus On Digital Payment Security, Principle-Based Framework For AFA Announced, Check Details

To enhance the security of digital payments, the Reserve Bank of India (RBI) Governor Shaktikanta Das at the Monetary Policy Committee (MPC) meeting on February 8, 2023, proposed to implement a principle-based framework for Additional Factor of Authentication (AFA) of digital transaction. “The SMS-based OTP mechanism has become very popular. But to enhance the security of digital payments, it is proposed to put in place a principle-based framework for authentication of such transactions,” RBI Governor Shaktikanta Das said. Over the years, the Reserve Bank has prioritised the security of digital payments, in particular the requirement of an Additional Factor of Authentication (AFA). Though RBI has not prescribed any particular AFA, the payments ecosystem has largely adopted SMS-based One Time Password (OTP). "With innovations in technology, alternative authentication mechanisms have emerged in recent years. To facilitate the use of such mechanisms for digital security, it is proposed to adopt a principle-based “Framework for authentication of digital payment transactions. Instructions in this regard will be issued separately," an RBI release said.

The RBI's recent decision on December 28, 2023, to raise e-mandate limits for recurring transactions without Additional Factor of Authentication (AFA) to Rs 1 lakh has eased the transaction's stringent security protocols. The limit increase applies to mutual fund subscriptions (SIP payments), payment of insurance premiums and credit card bill payments.

Also Read: RBI MPC Maintains Unchanged Repo Rate: What It Means For Homebuyers And Home Loan Borrowers?

Other Digital Payments Announcements

AePS Transactions: The RBI's focus on enhancing security extends to enhancing the security of the Aadhaar Enabled Payment System (AePS). Recognising the significant role played by AePS in promoting financial inclusion, but considering the latest instances of fraud, the RBI proposed to streamline the onboarding process for AePS service providers. AePS helps bank customers to use their Aadhaar as his/her identity to access his/ her respective Aadhaar-enabled bank accounts and perform basic banking transactions like balance enquiry, cash deposits, cash withdrawals, and remittances through a Business Correspondent.

Operated by the National Payments Corporation of India (NPCI), AePS currently caters to over 37 crore customers.

Offline Functionality in CBDC Pilot: In another announcement, the RBI announced plans to introduce programmability and offline capability in the Central Bank Digital Currency (CBDC) retail payments. This expansion aims to enhance the accessibility of CBDC-R, to government agencies and corporates enabling targeted transactions and facilitating payments in areas with poor internet connectivity. The CBDC Retail (CBDC-R) pilot currently enables Person to Person (P2P) and Person to Merchant (P2M) transactions.

While maintaining the repo rate at 6.50 percent, for the sixth consecutive policy review of no rate action. The last hike in the repo rate by 25 basis points (bps) was done on February 8, 2023. "Amid lingering uncertainties, monetary policy has to remain vigilant and the last mile of disinflation navigated, the RBI Governor said explaining why it was unchanged," RBI said.