2-step verification is the way ahead for secure online payments says RBI

In order to protect the citizens from the various frauds involved in making online payments, Reserve Bank of India (RBI) has released final report of the Technical Committee on Enabling Public Key Infrastructure (PKI) in Payment System Applications. In the report, RBI has asked that banks should introduce two-stage authentication to ensure security of online transactions.

The document highlights different aspects of having a secure online payment system and explains the various financial risks, such as Credit Risk, Liquidity Risk, Systemic Risk, Operational Risk and Legal Risk, in detail. With a strong emphasis on PKI technology, which enables users to make a secure transaction over an unsecure network, RBI quotes that PKI systems contributed 93.7% share to the total number of payment transactions carried out in the year 2012-13.

Despite such a high amount, the cause of worry is that even though non-PKI enabled payment systems contributed 6.3% in value terms in the year 2012-13, they made up 75 % in volume terms.

“All Banks‘ Internet Banking applications should mandatorily create authentication environment for password-based two-factor authentication as well as PKI-based system for authentication and transaction verification in online Banking Transaction.” it says.

Further the report suggests the banks to carry out in three phases PKI implementation for authentication and transaction verification. It has given an exhaustive list of security features are available in certain Internet Banking Applications, such as OTP, User-id Passwords etc.

According to Dr. Aravind Chaturvedi, Additional SP, UP Special Task Force, currently online payment card fraud is 63% of the total retail pay-card fraud and most of the primary investigation sources are payment gateways.

To read the full report, click here

To contact the author, write to sugandh@iamwire.com