Trending Now

25/09/2025
LIVE
  1. Home
  2. Business
  3. RBI issues guidelines on authentication mechanisms for digital payment transactions

What Are the New RBI Guidelines on Digital Payment Authentication?

Click to start listening
What Are the New RBI Guidelines on Digital Payment Authentication?

Synopsis

The RBI has introduced fresh draft guidelines aimed at enhancing the authentication mechanisms for digital payment transactions, set to be enforced by April 2026. These guidelines reflect public feedback and highlight a shift towards incorporating innovative technologies in payment security.

Key Takeaways

  • New RBI guidelines for digital payment authentication come into effect on April 1, 2026.
  • Public feedback has been integrated into the final directives.
  • Encouragement of new authentication methods leveraging technology.
  • SMS-based OTPs will remain an allowed authentication method.
  • Issuers encouraged to adopt risk-based checks.

New Delhi, Sep 25 (NationPress) The Reserve Bank of India (RBI) unveiled draft guidelines on the framework for authenticating digital payment transactions, set to be implemented on April 1, 2026.

The Central Bank noted that public feedback has been considered and integrated into the final directives.

The guidelines aim to promote the incorporation of innovative authentication methods by utilizing advancements in technology.

However, the framework does not propose the elimination of SMS-based OTP as an authentication method.

Additionally, the guidelines encourage issuers to implement more risk-based checks beyond the standard two-factor authentication, depending on the fraud risk associated with each transaction, and to facilitate interoperability and open access to technology while clearly defining the responsibilities of the issuers.

The draft also stipulates that card issuers must verify the Additional Factor of Authentication (AFA) in non-recurring cross-border card-not-present transactions whenever requested by the overseas merchant or acquirer.

The RBI emphasizes that all digital payment transactions in India must adhere to a two-factor authentication standard. While no specific authentication method has been mandated, the digital payments landscape has predominantly relied on SMS-based One Time Passwords (OTPs) as the additional factor.

“All digital payment transactions will require at least two distinct authentication factors, unless exempt. Issuers may provide customers with options for authentication factors in accordance with these guidelines,” stated the RBI.

“It will be ensured that for digital payment transactions, other than card-present ones, at least one authentication factor is dynamically created or proven, meaning that the proof of possession of the factor sent with the transaction is unique to that transaction. The authentication factors must be structured such that compromising one does not affect the reliability of the other,” it further specified.

Moreover, system providers and participants will deliver authentication or tokenization services accessible to all applications and token requestors operating within that environment for various use cases and token storage mechanisms.

Point of View

I believe these new RBI guidelines reflect a significant step towards enhancing digital payment security in India. By incorporating modern authentication methods while maintaining existing ones, the RBI demonstrates a commitment to consumer protection and innovation. This balanced approach is essential for fostering trust in the evolving digital economy.
NationPress
25/09/2025

Frequently Asked Questions

When will the new RBI guidelines come into effect?
The new RBI guidelines on digital payment authentication will come into effect on April 1, 2026.
What is the main goal of the RBI's new guidelines?
The main goal is to enhance security in digital payments by promoting innovative authentication methods while ensuring compliance with two-factor authentication.
Will SMS-based OTPs still be used?
Yes, the new guidelines do not mandate the discontinuation of SMS-based OTPs as an authentication factor.
What happens to cross-border transactions under the new guidelines?
Card issuers will be required to validate the Additional Factor of Authentication in non-recurring cross-border CNP transactions as requested by overseas merchants.
Will consumers have a choice of authentication methods?
Yes, issuers may offer their customers a choice of authentication factors in compliance with the new directions.
Tags: RBI digital payment guidelines digital payment authentication RBI guidelines 2026 SMS-based OTP Additional Factor of Authentication digital payments India news RBI transaction security news digital payment framework news online payment safety news RBI authentication changes
Nation Press

Related Posts

How are DoT and FIU Collaborating to Combat Cyber and Financial Frauds?

Nation Press
Why Did the Stock Market Close Lower Amid IT Stock Selling?

Nation Press
Did the Govt Seal a Rs 62,370 Crore Deal with HAL for 97 LCA Mk1A Fighter Jets?

Nation Press
Is the Consumer Sector in India Set for a Recovery with Tax Cuts and GST Relief?

Nation Press

Follow Us

Popular Posts

Categories

Newsletter

Tags

Modi News IPL 2025 Sensex News Technology News Health News Sports News Rahul Gandhi News