wordpress blog stats
Connect with us

Hi, what are you looking for?

RBI to introduce ‘Digital Payment Security Controls’ guidelines

The Reserve Bank of India (RBI) will introduce new Digital Payment Security Controls for regulated entities, to enhance the adoption of digital payments platforms in a more safe and secure manner. The central bank will issue a draft guideline soon for public comments, it said in its Statement on Developmental and Regulatory Policies on December 4.

The guidelines will be technology and platform agnostic, the RBI said. “[…] it is proposed to issue Reserve Bank of India (Digital Payment Security Controls) Directions, 2020 for regulated entities to set up a robust governance structure for such systems and implement common minimum standards of security controls for channels like internet, mobile banking, card payments, among others,” it said.

At present, banks have to comply with security guidelines set by the RBI, while payment system operators licensed by the central bank have separate guidelines. Further, banks, non-bank companies and third-party apps that provide payments services on top of the National Payments Corporation of India’s (NPCI) various payments platforms, like Bharat Bill Payment System (BBPS) or the Unified Payments Interface (UPI), have to follow security guidelines issued by the umbrella payments organisation.

A holistic digital payment security controls guideline from the RBI will create a uniform set of standards, regardless of the type of entity. Albeit, there will be differences in implementation between payments apps and banks depending on the scales at which they each operate.

Bharat Panchal, chief risk officer for India, Middle East and Africa, FIS says that with the digital payments industry expected to grow rapidly going forward, there are numerous threats that could hamper its adoption in the country. “In the new proposed draft the by central bank, one can expect measures like increasing payment speed and reducing the infrastructure complexity, real-time fraud detection and prevention, improving the precision of risk scoring and accuracy of transaction blocking, and continuously screening for known fraud patterns,” he said in a statement.

Advertisement. Scroll to continue reading.

Improving compliance of payments settlement files

The RBI has also said that settlement files of various payments systems should be uploaded to the central bank on all days of the year through the eKuber system, an internal core banking system of the RBI. “This measure will reduce build-up of settlement and default risks and enable better management of funds by member banks. It will also enhance overall efficiency of the payments ecosystem. Instructions in this regard will be issued shortly,” it said.

Payment system operators and banks will have to upload daily settlement files for the UPI, RuPay, National Financial Switch, National Eletronic Toll Collection (FASTag), Immediate Payments System and Aadhaar Enabled Payments System, under the proposed change in compliance requirements.

In June this year, the RBI began publishing daily transaction data on various payments platforms based on settlement volumes at the end of the day. “This initiative to disseminate payment systems activities data on a daily frequency is expected to facilitate better research and also contribute to innovations in payment systems,” it said.


**Update (December 4, 2020 5:40 pm): Updated with statement from Bharat Panchal, chief risk officer for India, Middle East and Africa, FIS. Originally published on December 4, 2020 at 1:58 pm.

Advertisement. Scroll to continue reading.
Written By

Reports on banking, payments, fintech and crypto-curencies. Additional reporting on media regulations, data protection and other areas.

MediaNama’s mission is to help build a digital ecosystem which is open, fair, global and competitive.



Looking at the definition of health data, it is difficult to verify whether health IDs are covered by the Bill.


The accession to the Convention brings many advantages, but it could complicate the Brazilian stance at the BRICS and UN levels.


In light of the state's emerging digital healthcare apparatus, how does Clause 12 alter the consent and purpose limitation model?


The collective implication of leaving out ‘proportionality’ from Clause 12 is to provide very wide discretionary powers to the state.


The latest draft is also problematic for companies or service providers that have nothing to with children's data.

You May Also Like


Google has released a Google Travel Trends Report which states that branded budget hotel search queries grew 179% year over year (YOY) in India, in...


135 job openings in over 60 companies are listed at our free Digital and Mobile Job Board: If you’re looking for a job, or...


Rajesh Kumar* doesn’t have many enemies in life. But, Uber, for which he drives a cab everyday, is starting to look like one, he...


By Aroon Deep and Aditya Chunduru You’re reading it here first: Twitter has complied with government requests to censor 52 tweets that mostly criticised...

MediaNama is the premier source of information and analysis on Technology Policy in India. More about MediaNama, and contact information, here.

© 2008-2021 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ

Subscribe to our daily newsletter
Your email address:*
Please enter all required fields Click to hide
Correct invalid entries Click to hide

© 2008-2021 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ