Reserve Bank of India (RBI) has issued instructions on credit/Debit card transactions – Security and Risk mitigation measures to enhance the security of card transactions (including card based online transactions) and Security and Risk Mitigation measures for electronic payment transaction (including e-banking transactions).
The details of the instructions issued are available on RBI website www.rbi.org.in.
Some of the important instructions are as under:
i) Banks have been advised to provide online alerts for all card transactions.
ii) Banks have been advised to put in place a system of providing additional factor of authentication/validation (2FA) for all card not present transactions using the information which is not available on the card.
iii) All new debit and credit cards to be issued only for domestic usage unless international use is specifically sought by the customers. Such card enabling international usage will have to essentially EMV chip and PIN enabled.
iv) Customer induced options may be provided for fixing a cap on the value/mode of transactions/beneficiaries. In the event of customer wanting to exceed the cap, an additional authorization may be insisted upon.
RBI’s instructions on charges levied by banks on cards inter-alia mention that the banks should not levy any charge that was not explicitly indicated to the credit card holder at the time of the issue of the card without getting his/her consent.
The debit card issuing bank should also specify the basis of any charges levied.
This was stated by Jayant Sinha, Minister of State in the Ministry of finance in in Lok Sabha on 06th May.