RBI Proposes New Authentication Methods for Digital Payments | India Business News

Digital payments’ new authentication methods: The Reserve Bank of India (RBI) has announced a new way to verify digital payments. Instead of just using SMS-based OTPs, they’re introducing a principle-based authentication framework. This change is due to the changing digital payment landscape and the need for better security.
RBI governor in his monetary policy statement address said, “Over the years, the Reserve Bank has proactively facilitated introduction of various mechanisms such as Additional Factor of Authentication (AFA) for securing digital payments. While no particular mechanism was specified by the Reserve Bank, SMS-based OTP has become very popular.”
ALSO READ | RBI announces offline transactions for Digital Rupee; here’s what new CBDC move means
“With technological advancements, however, alternative authentication mechanisms have emerged in recent years. Therefore, to facilitate adoption of alternative authentication mechanisms for enhancing the security of digital payments, it is proposed to put in place a principle based framework for authentication of such transactions,” he said.
The RBI plans to issue detailed instructions separately to outline the specifics of this principle-based authentication framework.
New way to authenticate online transactions
Currently, when you initiate an online transaction, you receive an OTP on your registered number, which you must enter within a specified time to authenticate the transaction. Most banks and lenders rely on this SMS-based OTP authentication method for digital payments. However, the central bank is proposing a new framework for authenticating digital transactions.
ALSO READ | Loan borrowers take note! Now, know all-inclusive interest cost for your loan, RBI announces new measures for transparency
What’s changing?
According to Abhishek Kumar, a SEBI-registered investment advisor quoted by ET, instead of mandating the use of OTPs for authentication, RBI-regulated entities will have the flexibility to utilize alternative authentication methods. This could include Time-based One Time Passwords (TOTPs) generated through algorithms or other authentication techniques.

Leave a Comment

Your email address will not be published. Required fields are marked *