RBI Proposes Regulation for Safer Digital Payments
Aug. 1, 2024

Why in the News?

The RBI released a draft circular proposing Alternative Factor Authentication for all transactions in a move to prioritize the security of digital payments, according to its statement on July 31.

What’s in Today’s Article?

  • About Authentication Process (Meaning, Types, etc.)
  • About Alternative Factor Authentication (Meaning, Types, Benefits, etc.)
  • News Summary

Authentication Process in Digital Payments:

  • Authentication in the context of digital payments is the process of verifying the identity of a user or the validity of a transaction to ensure security and prevent fraud.
  • This process ensures that the person initiating the payment is authorized to do so and that the transaction is legitimate.
  • Basic Types of Authentication Methods for Digital Payments:
    • Password-Based Authentication: Users enter a unique password to confirm their identity.
    • PIN-Based Authentication: Users enter a Personal Identification Number (PIN) to authorize transactions.
    • Biometric Authentication: Utilizes unique biological characteristics such as fingerprints, facial recognition, or iris scans.
    • Two-Factor Authentication (2FA): Combines two different methods of authentication, typically something the user knows (password) and something the user has (mobile device).
      • Usage: Enhances security for online transactions and account access.
    • One-Time Password (OTP): A temporary password generated for a single transaction or session, sent to the user's registered mobile number or email.
    • Token-Based Authentication: Uses a hardware or software token to generate a unique code that the user must enter to authenticate.
    • Smart Card Authentication: Involves the use of a smart card containing embedded integrated circuits to authenticate the user.
    • QR Code Authentication: Users scan a QR code with their mobile device to authenticate and authorize payments.

What is Alternative Factor Authentication in Digital Transactions?

  • Alternative Factor Authentication (AFA) refers to using unconventional or additional methods beyond the traditional authentication factors to verify the identity of a user in digital transactions.
  • This approach enhances security by incorporating multiple layers of verification, making it more difficult for unauthorized users to gain access.
  • Types of AFA:
    • Behavioural Biometrics: Analyses patterns in user behaviour, such as typing speed, mouse movements, and navigation habits.
    • Device-Based Authentication: Uses information about the device being used, such as its IP address, geolocation, and device ID.
    • Risk-Based Authentication: Assesses the risk level of a transaction based on factors like transaction amount, location, and user behaviour.
    • Contextual Authentication: Considers the context of the transaction, such as time of day, previous transaction history, and user preferences.
    • Push Notification Authentication: Sends a push notification to a user’s registered mobile device for transaction approval.
    • Voice Recognition: Uses the user’s unique voice patterns for authentication.
    • Email/SMS Verification Codes: Sends a verification code to the user’s registered email or phone number.
    • Geolocation Verification: Uses the user’s geographic location as an authentication factor.
  • Benefits of AFA:
    • Enhanced Security: By incorporating multiple and varied authentication factors, AFA significantly reduces the risk of unauthorized access and fraud.
    • Flexibility: Provides users with various authentication options, improving the user experience.
    • Fraud Detection: Helps in detecting fraudulent activities by analysing unusual patterns and behaviours.

RBI Proposes Regulation for Safer Digital Payments:

  • On July 31, the Reserve Bank of India (RBI) released a draft circular proposing Alternative Factor Authentication (AFA) for all digital transactions, emphasizing enhanced security for digital payments.
  • The draft outlines principles for authenticating digital payments, mandating an additional robust factor of authentication that must be dynamically generated and used only once.
  • The type of authentication factor will depend on various parameters, including the customer's risk profile and the transaction value.
  • The RBI also requires compulsory customer consent for introducing a new authentication factor, along with the option for customers to withdraw consent and deregister.
  • Exemptions from this proposal include contactless card transactions below ₹5000, insurance premiums, credit card payments above ₹1,00,000, and other categories up to ₹15,000.
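The two ideas the article describes, risk-based selection of the authentication factor and an additional factor that is dynamically generated and used only once, can be shown in a small model. This is an added illustration, not RBI text or any bank's code; the tier names, the ₹ thresholds in required_factor, the 120-second validity window and the three-attempt limit are constructed assumptions, not figures from the draft circular.

```python
import hashlib
import hmac
import secrets

# Illustrative step-up policy: which factor a transaction needs, chosen from
# transaction value and customer risk profile (thresholds are assumptions).
def required_factor(amount_inr: int, risk_profile: str) -> str:
    if risk_profile == "high" or amount_inr >= 100_000:
        return "dynamic_otp_plus_device_binding"
    if amount_inr >= 5_000:
        return "dynamic_otp"
    return "none"


class OneTimeFactorStore:
    """Issues a fresh code per transaction; each code expires and is consumed on first use."""

    def __init__(self, ttl_seconds: int = 120, max_attempts: int = 3):
        self.ttl = ttl_seconds
        self.max_attempts = max_attempts
        self._pending = {}  # txn_id -> [sha256(code), expiry_time, attempts_used]

    def issue(self, txn_id: str, now: float) -> str:
        code = f"{secrets.randbelow(10**6):06d}"  # unpredictable, generated per transaction
        digest = hashlib.sha256(code.encode()).digest()  # store only a digest, not the code
        self._pending[txn_id] = [digest, now + self.ttl, 0]
        return code

    def verify(self, txn_id: str, code: str, now: float) -> bool:
        entry = self._pending.get(txn_id)
        if entry is None:  # never issued, already consumed, or already invalidated
            return False
        digest, expiry, attempts = entry
        if now > expiry:  # stale code: drop it so it can never be accepted later
            del self._pending[txn_id]
            return False
        ok = hmac.compare_digest(digest, hashlib.sha256(code.encode()).digest())
        entry[2] = attempts + 1
        if ok or entry[2] >= self.max_attempts:
            del self._pending[txn_id]  # single use; also cap guessing attempts
        return ok
```

Because verify() deletes the entry on success, presenting the same code a second time (a replay) is rejected even inside the validity window.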