RBI Relaxes 2-Factor Authentication Norms for Transactions Under Rs. 2,000

Share on Facebook Tweet Snapchat Share Reddit Comment
RBI Relaxes 2-Factor Authentication Norms for Transactions Under Rs. 2,000
  • OTP isn't mandatory for online transactions below Rs. 2,000
  • Customers opting for this facility will have a one-time registration
  • Authorised card networks will bear liability in event of any breach

In a bid to speed up small value online transactions, the RBI today relaxed norms for 2-factor authentication for payments up to Rs. 2,000.

Relaxing the norms for 2-factor authentication requirement for transactions up to Rs. 2,000 for online CNP (card not present) transactions, the RBI said only authorised card networks will provide such payment authentication solutions with participation of card issuing and acquiring banks.

"The relaxation for AFA [Additional Factor of Authentication] under such solutions shall be applicable for card not present transactions for a maximum value of Rs. 2,000 per transaction across all merchant categories. Banks and card networks are free to facilitate their customers to set lower per transaction limits," RBI said.

In this model, the card issuing banks will offer the payment authentication solutions of the respective card networks to their customers on an optional basis. Customers opting for this facility will go through a one-time registration process requiring entry of card details and 2-factor authentication by the issuing bank.

"Thereafter, the registered customers will not be required to re-enter the card details for every transaction at merchant locations that offer this solution and thereby save time and effort," it said.

The card details already registered would be the first factor while the credentials used to login to the solution would be the second factor of authentication.

RBI further said "suitable velocity checks (how many such small value transactions will be allowed in a day/week/month may be put in place by banks/card networks as considered appropriate."

In the interest of customer awareness and protection, RBI said the banks and authorised card networks offering such authentication solutions will bear the full liability in the event of any security breach or compromise in the authorised card network.

Welcoming the move, Uber India said it is a step in the right direction.

"This waiver is a big leap in the right direction to bring ease and convenience to the use of cards over cash and will strengthen the foundation for India to become a leading digital economy," said Amit Jain, President, Uber India.


For the latest tech news and reviews, follow Gadgets 360 on Twitter, Facebook, and subscribe to our YouTube channel.

Samsung Wins Over Apple in $399 Million Patent Appeal in US Supreme Court
Apple to Start Publishing AI Research to Hasten Deep Learning

Related Stories





© Copyright Red Pixels Ventures Limited 2020. All rights reserved.