RBI for two-stage verificationfor online transactions

Customers should be given option to choose from different methods of authentication

April 23, 2014 01:17 am | Updated May 31, 2016 02:19 am IST - MUMBAI:

26/07/2011 MUMBAI: The Reserve Bank of India (RBI) logo is displayed outside of the bank's headquarters in Mumbai, on July 26, 2011.  
 Photo: Paul Norionha

26/07/2011 MUMBAI: The Reserve Bank of India (RBI) logo is displayed outside of the bank's headquarters in Mumbai, on July 26, 2011. Photo: Paul Norionha

Worried over rising number of frauds in online banking, the Reserve Bank of India (RBI) has suggested that banks introduce two-stage authentication to ensure security of transactions.

The RBI report on ‘Enabling Public Key Infrastructure (PKI) in Payment System Applications’ said banks should also inform customers about risks associated with different types of online banking transaction.

“Internet banking applications of all banks should mandatorily create authentication environment for password-based two-factor authentication as well as PKI-based system for authentication and transaction verification in online banking transaction,” the report said.

It also said customers should be given the option to choose from different methods of authentication for ensuring security of online transactions.

There are various PKI-enabled electronic payments systems introduced by the RBI such RTGS, NEFT, CBLO, Forex Clearing, Government Securities Clearing, and Cheque Truncation System (CTS). In volume terms, these systems contributed 25.1 per cent whereas these systems contributed 93.7 per cent share to the total payment transactions carried out in 2012-13 in value terms.

Non-PKI enabled payment systems contributed 75 per cent in volume terms but only 6.3 per cent in value terms in 2012-13.

“The objective of an effective payment system is to ensure a safe, secure, efficient, robust and sound payment system in the country. In order to secure electronic documents and transactions and to ensure legal compliance, digital technology is used,” it said.

The report said that the banks may carry out in three phases PKI implementation for authentication and transaction verification.

“The banks have been mandated to issue EMV (card with chip and pin) to certain category of customers and for the other customers, banks have been given option to either issue EMV cards or adopt Aadhaar biometric authentication as additional factor of authentication,” the report said. — PTI

0 / 0
Sign in to unlock member-only benefits!
  • Access 10 free stories every month
  • Save stories to read later
  • Access to comment on every story
  • Sign-up/manage your newsletter subscriptions with a single click
  • Get notified by email for early access to discounts & offers on our products
Sign in

Comments

Comments have to be in English, and in full sentences. They cannot be abusive or personal. Please abide by our community guidelines for posting your comments.

We have migrated to a new commenting platform. If you are already a registered user of The Hindu and logged in, you may continue to engage with our articles. If you do not have an account please register and login to post comments. Users can access their older comments by logging into their accounts on Vuukle.