More Stories

Informist, Thursday, Apr. 9, 2026

--RBI seeks view on safeguards against digital payment frauds paper by May 8 
--RBI issues discussion paper on safeguards against digital payment frauds 

 

MUMBAI – The Reserve Bank of India has floated a discussion paper on exploring safeguards in digital payments to curb frauds, citing an urgent need for systems and processes to address these issues. The RBI has sought public feedback on the discussion paper by May 8.

 

The paper proposes four options--lagged credit for authorised push payments other than low value, additional authentication by a trusted person for high-value digital transactions by vulnerable sections of society, only accounts with satisfactory additional review to receive large credits, and customer-induced controls.

 

"These options are aimed at the broad objectives inducing a lag in select category of digital payments (by way of process-level changes or in terms of additional due diligence requirements) thereby buying time for both customers and payment service operators to limit fraudulent transactions from being executed or proceeds thereof from being moved quickly, and, empowering the customer through provision of customised controls," the RBI said in consultation paper.

 

The RBI has taken several steps to strengthen safety in digital payments, including mandating two-factor authentication and restricting card data storage through tokenisation. Cardholders can now control transaction limits and switch cards 'on' or 'off'. The RBI has also issued guidelines on digital payment system controls for banks and non-bank payment service operators, focussing on cyber security and system resilience.

In 2024, the central bank's wholly-owned subsidiary, Reserve Bank Innovation Hub, built Mulehunter.AI to enable quick and effective detection of mule bank accounts by the banks. In 2025, the RBI issued a principle-based authentication framework for authentication of digital payment transactions to encourage introduction of new factors of authentication by leveraging upon technological advancements and to enable issuers to adopt additional risk-based checks beyond the minimum two-factor authentication based on fraud risk perception of the underlying transaction.

 

The RBI is also presently working with Reserve Bank Innovation Hub to set up a prototype of a digital payment intelligence platform by harnessing advanced technologies to mitigate payment fraud risks.

 

In 2025, 2.8 million frauds totalling INR 229.31 billion were reported, up from INR 228.48 billion reported in 2024. Digital transaction volumes have increased 38-fold, and transaction values have more than tripled. The compound annual growth rate of digital payments over this period stands at around 53% and 13% in volume and value terms, respectively, the RBI said.

 

Under lagged credit for authorised push payments mechanism, the RBI proposes introducing a time lag for certain account-to-account transfers above INR 10,000 to mitigate frauds, as these transactions lack chargeback mechanisms unlike merchant payments. This lag would apply to transfers to individuals, sole proprietorships, or partnership firms, and is expected to cover 45% of reported fraud cases by volume and 98.5% by value, as per National Cyber Crime Reporting Portal data. Low-value transactions below INR 10,000 would remain frictionless.

 

The RBI suggests an additional authentication layer for high-value transactions by vulnerable groups, like senior citizens or differently-abled persons, who are often targeted by social engineering frauds. This involves a "trusted person" verifying transactions, aiming to curb impersonation and emergency-based scams that lead to significant financial losses. "These targeted incidents frequently result in disproportionately higher financial losses, underscoring the need to consider enhanced protective measures for this customer segment, alongside sustained awareness initiatives," the RBI said.

 

In order to further strengthen these guidelines, and to control use of bank accounts as "mules" to route money proceeds of digital frauds, it is proposed to bring in a regulatory measure of limiting aggregate credits in an account without an additional review of satisfactory business relationship. It has also proposed that a bank obtain supporting documents in respect of the nature of business and financial status of the customer. It is also required to undertake ongoing due diligence of an account to ensure that transactions therein are consistent with bank's knowledge about the customer, customer's business and risk profile, the customer's declared sources of funds/wealth, etc.

 

The RBI proposes limiting aggregate credits in an account without additional review to curb digital frauds. Banks would assess the nature of business and financial status during know-your-customer process and monitor transactions for consistency with customer profiles. This aims to prevent using accounts as "mules" for illicit funds, strengthening existing guidelines. "RBI shall prescribe a ceiling, say Rs 25 lakh (INR 2.5 million), for annual aggregate credits into a bank account for which additional proof in support of genuine requirement of higher aggregate credit is not taken from the customer," the RBI said. "A bank may fix a limit, not higher than this prescribed ceiling, for such low credit turnover accounts, based on its own internal risk management."

 

The RBI suggests extending customer-controlled mechanisms, like 'switch on or off' and transaction limits, to all digital payment channels. Currently available for card-based payments, these features empower customers and reduce fraud. The RBI aims to make them uniform across digital payments.

 

The RBI is set to release the draft guidelines on additional measures to counter digital payment frauds, after analysing comments on the discussion paper.  End

 

Reported by Vaishali Tyagi

Edited by Ashish Shirke

 

For users of real-time market data terminals, Informist news is available exclusively on the NSE Cogencis WorkStation.

 

Cogencis news is now Informist news. This follows the acquisition of Cogencis Information Services Ltd. by NSE Data & Analytics Ltd., a 100% subsidiary of the National Stock Exchange of India Ltd. As a part of the transaction, the news department of Cogencis has been sold to Informist Media Pvt. Ltd.

 

Informist Media Tel +91 (22) 6985-4000

Send comments to feedback@informistmedia.com

 

© Informist Media Pvt. Ltd. 2026. All rights reserved.