Regarding mobile payments, the Reserve Bank of India said that the PSO should ensure that the authenticated session with encryption protocols is maintained during the conversation with the customer.
The Reserve Bank of India (RBI) has issued new guidelines on Tuesday with the aim of improving the payment system. The Reserve Bank said that operators associated with non-bank payment systems will have to take real-time fraud monitoring measures to identify and alert about suspicious transaction activities. According to the news of Bhasha, non-bank PSOs will have to follow the ‘master’ i.e. basic guideline issued on cyber robustness and digital payment security control.
This rule made regarding mobile application
According to the news, operators associated with non-bank payment systems (PSOs) will have to ensure that if the mobile application is not being used, it should close automatically after a certain period and customers will need to login again. The instruction has come into effect from Tuesday. RBI has also prescribed a phased implementation to provide PSOs with sufficient time to put in place the necessary compliance structure.
Impacted transactions will be rolled back
RBI said the directions are aimed at improving the payment system security of PSOs by providing a framework for complete information security preparedness with an emphasis on cyber robustness. With regard to mobile payments, RBI said that PSOs should ensure that authenticated sessions with encryption protocols are maintained during the interaction with the customer. The Reserve Bank said that in case of any intervention, if the customer closes the application, the session will be terminated and the affected transactions will be resolved or rolled back.
… then customers will have to login again
Further, PSOs should ensure that the online session on the mobile application closes automatically after a certain period of inactivity and customers need to login again. RBI said card networks should provide a facility for activation of transaction limits at the card, Bank Identification Number (BIN) as well as card issuer level.