The Reserve Bank of India has released a certain set rules for payment aggregators and payment gateways to make digital payments safer for users. RBI Guidelines on the regulation of payment aggregators and payment gateways is aimed to reduce the risk of digital payment fraud and to keep users financial data safe.
The guidelines says that payment aggregators, such as Razorpay, CC Avenue, etc., would now have to avoid offering users the option of using ATM PIN to validate / complete online transactions. Payment over Rs 2000 users would only be allowed to use OTP for authentication purposes. Thus, ATM PIN of a individual would not be accessible online to the aggregator or payment gateway (or even the hacker) and thus would be safer.
Here are few measures took by RBI to keep your Digital life safer
Verification via ATM PIN for online transactions >2k- Mandatory & Not Optional
Payment aggregators can not request ATM PIN for online payment authentication, as per RBI notification,. Currently, some payment aggregators give the customer the option of using their ATM PIN to authenticate online payments. “All digital payments above Rs 2,000 will have to be authenticated on a one-time password (OTP) basis. However, according to RBI guidelines, the authentication of payments below Rs 2,000 through OTP is optional. The decision is taken to ensure that your ATM PIN is not available to anyone and that your card is safe.”
Refunds shall be made to original source of payment
RBI has also demanded payment aggregators to transfer the refund (made due to the transaction cancellations) back to the customer’s account from which the initial payment was made.
Now, some e-commerce firms are automatically transfer refunds to the customer’s ewallet (created on the company’s own platform) and not to the bank account , credit card etc. from which the original payment was done. User’s convenience is looked in as this amount can only be used for purchases on that site of e-commerce and nowhere else.
Background check of merchants
RBI has asked payment aggregators to perform background checks of merchants.
The notification says, “Payment aggregators shall conduct merchants background check to ensure that these merchants have no malafide intent to deceive customers, do not sell fake / counterfeit / prohibited products, etc“. The website of the merchant shall state clearly the terms and conditions of the service and the time-line for processing returns and refunds.
RBI is attempting to minimize the chances of fraud taking place in the name of reputed websites by asking payment aggregators to ensure that money debiting from the customer’s account is actually credited to the merchant’s account. In addition, customers need to informed during the time of payment that how long it will take to get the money back in case of a refund. This is to ensure that customer has clarity when to expect money in their account.
Customer Grievance & Dispute Resolution
Payment aggregators will have to appoint a nodal officer to deal with customer complaints and grievances. Payment aggregators shall set up a formal, publicly disclosed customer grievance redress and dispute management framework, including the appointment of a nodal officer to deal with customer complaints / complaints and an escalating matrix. The complaint facility shall be clearly and easily accessible if it is made available on the website / mobile.
Further, Payment Aggregators shall have a dispute resolution mechanism binding on all participants, which shall include a transaction life cycle, a detailed explanation of the types of disputes, a process for dealing with them, compliance, responsibilities of all parties, documentation, reason codes, procedure for dealing with complaints, turn-around time for each stage, etc.