RBI Update: RBI issued instructions to make the payment system more secure..

RBI on Tuesday said that non-bank payment system operators will have to implement real-time fraud monitoring solutions to identify suspicious transaction behavior and issue alerts.

PSOs got these instructions.
According to the Master Direction on Cyber ​​​​Resiliency and Digital Payment Safety Control for Non-Bank PSOs, non-bank payment system operators (PSOs) will also have to ensure that the online session on the mobile application closes automatically after a certain period and customers are asked to log in again.

Rules came into effect with immediate effect.
These instructions have come into effect from Tuesday, but the Reserve Bank has also prescribed phased implementation to provide sufficient time for PSOs to implement the necessary compliance structure. RBI said that the purpose of the instructions is to improve the safety and security of payment systems operated by PSOs by providing a format for overall information security preparedness with an emphasis on cyber resilience.

RBI also said that card networks must ensure that customers' card details are stored in encrypted form at any of their server locations. The central bank has asked prepaid payment instrument issuers to share information about OTP and transaction alerts with users in the language of their choice.

Privacy will be taken special care of
RBI said that PSOs should implement a comprehensive data leak prevention policy for confidentiality, integrity, availability, and security of business and customer information in respect of data available with them or on vendor-managed facilities.

According to the instructions, while sending SMS or e-mail alerts to customers by PSOs or payment system participants, it has to be ensured that the bank account number, card number, or other confidential information is edited/hidden as far as possible.