Securing digital payment

RBI is working on a new framework to limit customer liability in the event of online payment fraud. The framework will include the system for collection of data on frauds as well as testing the resilience of the digital payment system both in retail and large value systems. According to RBI's annual report for 2018-19, consultations with the industry are integral to this process.

This stems from the realisation that there is a need to monitor the types of frauds that may be taking place in various payment systems in order to further strengthen the confidence in payment systems and minimise instances of frauds. Data on frauds are currently collected from payment system operators.

RBI had earlier limited customer liability for unauthorised electronic banking transactions carried through scheduled commercial banks (including RRBs), small finance banks, payment banks, co-operative banks and non-bank credit card issuers. This framework was extended to unauthorised electronic payment transactions involving PPIs, issued by authorised non-bank PPI issuers with effect from March 1, 2019.

These guidelines prescribe the limits up to which a customer may bear liability against contributory frauds, negligence or deficiency on part of non-bank PPI issuer, third party breach where the deficiency lies with neither the issuer nor the customer, and scenarios in which the loss is due to the negligence of the customer. It specifies the time limit for reporting unauthorised electronic transactions and prescribes the liability accordingly. These guidelines are expected to strengthen the customer grievance redressal framework and build trust in digital payments.

A survey on the payment habits of retail customers revealed that 96.3 per cent of respondents were aware about digital payments and that awareness was higher with higher education level. The survey on Retail Payment Habits of Individuals in six cities, viz., Bengaluru, Chennai, Delhi, Guwahati, Kolkata, and Mumbai, covering around 6,000 respondents, was undertaken by the Department of Statistics and Information Management (DSIM) on behalf of the Department of Payments and Settlement System (DPSS). The objective of the survey was to gauge the retail payment habits of individuals with a focus on their awareness, usage and understanding of risks of digital payments.

The survey revealed that cash was the most preferred mode of payment followed by digital mode mainly debit card. It was also observed that 8 per cent of respondents shared their passwords with others occasionally, 45 per cent of the participants admitted to have never changed their password/PIN/OTP and another 6 per cent did so only when prompted.

RBI has been encouraging innovation in payment systems and simultaneously focusing on the safety and security of individual transactions. Enhanced safety and security of transactions performed using these cards is achieved by use of the Additional Factor of Authentication (AFA), generation of transaction alerts via SMS/e-mail, and the like.

While performing a card transaction, a customer either enters the card details manually (for e-commerce transactions) or swipes/dips the card at a Point of Sale (POS) terminal. In the process, the card holder's data could be at risk and susceptible to misuse by fraudsters. 'Tokenisation', is a process whereby a card's 16-digit Primary Account Number (PAN) is replaced with a unique alternate code (called 'token') and a payment transaction is performed using the token, instead of the actual card data being sought or captured at the merchant's end. This enhances the safety and security of the card transaction.

At the beginning of this year, RBI permitted all authorised card networks to offer tokenisation services, irrespective of app provider and use case, subject to certain conditions and responsibilities. Registration for tokenisation service is purely voluntary for customers and they need not pay any charges for availing this service. For the present, this facility is being offered through mobile phones.

Payment and settlement systems recorded a robust growth during 2018-19, with volume and value growing at 54.3 per cent and 14.2 per cent, respectively, on top of an increase of 44.6 per cent and 11.9 per cent, respectively, in 2017-18. The share of electronic transactions in the total volume of retail payments increased to 95.4 per cent in 2018-19, up from 92.6 per cent in the previous year. During 2018-19, the number of card payment transactions carried out through credit cards and debit cards was 1.8 billion and 4.4 billion respectively. Prepaid Payment Instruments (PPIs) recorded a volume of about 4.6 billion transactions valued at Rs 2,129 billion.

(The views expressed are strictly personal)