Online Payment Gateways Banned From Asking Your ATM PINs; RBI Will Now Regulate Paytm, MobiKwik (New Rules)

The threats of online fraud and money laundering have no end. Amidst the whole pandemic situation going around the globe, the Reserve Bank of India has decided to combat at least the online money fraud situation, at least for the time being, which we can compositely appreciate.

On March 17 2020, the central regulatory bank issued a notification, ‘Guidelines on regulation of payment aggregators and payment gateways’, in an attempt to minimize the risk of digital payment frauds and to keep customers’ financial data safe.

RBI Launches Notification to Payment Aggregators and Gateways

Like we stated, the RBI has issued a set of rules for payment aggregators and payment gateways to notch up the safety in digital payments for users.

The guidelines state that payment aggregators, like Razorpay, CC Avenue and others will now have to stop giving the option of using ATM PIN to users to validate online transactions. This implies that for payments over Rs 2000, users will be able to use only OTP for verification.

This way a person’s ATM PIN will not be available online to the aggregator or payment gateway (or even a hacker) and therefore be safer. The central bank also directed the online aggregators to make sure that all refunds are credited back to the original source of payment, unless specifically agreed by the customer to credit to an alternate source.

Right now many e-commerce companies either compulsorily or by default credit refunds into e-wallets of customers. Consequently, the payer is unable to get the money back into his bank account.

The Major Steps Highlighted by RBI

Scrapping of Verification via ATM Pin for Online Transactions Exceeding Rs 2000

At present, some payment aggregators ask the customers to use their ATM PIN as an option for authentication of online payments. As per RBI notification, these aggregators can no longer ask for customers’ ATM pin. All the digital payments above Rs 2,000 will have to be mandatorily verified via OTP.

Sometimes referred to as multi-factor authentication or two-factor authentication, verification via OTP is an additional security layer to minimise the risk of digital frauds while using internet banking or other electronic payment method.

Refunds Shall Now be Made Directly to the Original Source of Payment

Currently, certain e-commerce companies credit refunds automatically into the customer’s e-wallet created by the company, instead of the source from where the original payment was made, like credit/debit card.

This is troublesome for the customer since this amount can only be used for transactions on that e-commerce portal and nowhere else.

So now, the RBI has asked payment aggregators to credit the refunds directly into the customer’s account, unless instructed otherwise by the customer himself.

The notification states, “All refunds shall be made to the original method of payment unless specifically agreed by the customer to credit to an alternate mode.”

Background Authentication of Online Merchants

On March 17 2020, the central regulatory bank issued a notification, ‘Guidelines on regulation of payment aggregators and payment gateways’, in an attempt to minimise the risk of digital payment frauds and to keep customers’ financial data safe.In a very essential step directed by the RBI to these payment aggregators, the latter will have to undertake background checks of merchants, in order to ensure their otherwise intention of duping customers, or selling fake / counterfeit / prohibited products.

RBI is trying to minimise the chances of frauds taking place in the name of reputed websites by asking payment aggregators to ensure that money debiting from the customer’s account is actually being credited to the merchant’s account.