Banking and credit card customers who have activated recurring auto-debit transactions to pay bills for phone, internet and online streaming services may see their payments fail from tomorrow (April 1) as the Reserve Bank of India's (RBI) mandate to banks for putting in place a security measure called Additional Factor Authentication (AFA) is set to kick in.
Many banks have already put out messages to their customers that since they are working on meeting the requirements laid down by RBI on e-mandate on cards for recurring transactions, any standing instruction for recurring transactions will not be approved.
UPI transactions are not covered under the new rule, and hence they will be unaffected.
It must also be clarified here that the RBI guidelines are only for e-mandate on cards for recurring transactions, and will not affect the standing instruction given on net banking for utility payments.
- Amazon Prime Video to produce Bollywood movie - It's an Akshay Kumar starrer
- India clamps strict rules for social media companies, OTT platforms
What is the new RBI rule?
Ahead of its notification, RBI said (in August 2019) that it had received requests "from industry stakeholders to allow processing of e-mandate on cards for recurring transactions with AFA during e-mandate registration and first transaction, and simple/automatic subsequent successive transactions." To ensure users' safety and convenience, the RBI said it had agreed to this proposal.
RBI notification said those opting for automatic transactions will have to go through Additional Factor of Authentication for the first transaction, as well as subsequent successive transactions, subject to certain conditions.
It means such recurring transactions will have to be manually authenticated via a one-time password (OTP), at least when they are being set up.
What should the banks do?
Banks have to send a pre-debit notification to the credit card users 24 hours before an actual debit to the credit card. This can be either through SMS or email, as chosen by the customer.
The pre-transaction notification must intimate the cardholder about the name of the merchant, transaction amount, date/time of debit.
During the registration process, cardholder can provide e-mandate for either a pre-specified fixed value of recurring transaction or for a variable value of the recurring transaction. In the event of the latter, the maximum value of recurring transactions has been capped at Rs 2,000.
Till such time that they adhere to the new RBI rules, banks cannot honour e-mandates.
How the customers stand to benefit?
The fresh guidelines are expected to offer transparency to customers, as they will now receive an intimation from the issuer on the recurring transaction debit 24 hours ahead of the debit.
It also empowers the customer with the facility to cancel the e-mandate before the transaction goes ahead. Customers also have the choice to withdraw the e-mandate given.
Further, customers will have to specify the validity period for the e-mandate. In other words, e-mandate is not for perpetuity.
Further, banks will have to provide the cardholder online facility to withdraw any e-mandate at any point of time.
What are the problem areas?
The RBI has refused to extend the deadline to meet the new norms. So, as per rules, banks cannot process some standing e-mandates on OTT streaming, and telecom services.
Rejection of payment can cause turmoil in the system, with reports suggesting that transactions worth around Rs 2,000 crore hanging in balance.
As of now, third-party payment processors are not likely to share customer information with banks due to contractual agreements and this will add to the confusion.
The industry body, the Internet And Mobile Association of India (IAMAI) has said: "Industry consultations suggest that most major scheduled commercial banks do not have upgraded capacities to comply. Due to this, the other participants in the ecosystem like acquirers and card networks have not been able to follow the obligations under these circulars."
There are also technical challenges as there is now a need for integration between the issuing bank, the acquiring bank and online merchants to authenticate messages.
For the record, HDFC Bank, ICICI Bank, SBI as well as some card operators have told their network partners that they will not be able to process automatic payments.
No comments:
Post a Comment