The Reserve Bank of India has released the draft Master Directions on Cyber Resilience and Digital Payment Security Controls for Payment System Operators. The draft covers governance mechanism for identification, assessment, monitoring and management of cybersecurity risks including information security risks and vulnerabilities, and specify baseline security measures for ensuring safe and secure digital payment transactions.
To ensure that the authorised non-bank Payment System Operators (PSOs) are resilient to traditional and emerging information systems and cyber security risks, the directions are being issued.
The Directions will also cover baseline security measures for ensuring system resiliency as well as safe and secure digital payment transactions.
However, they will endeavour to migrate to the latest security standards. The existing instructions on security and risk mitigation measures for payments done using cards, Prepaid Payment Instruments (PPIs) and mobile banking continue to be applicable as hitherto, the RBI said.
The RBI has invited feedback and comments from stakeholders on or before June 30, 2023.