P&H HC: Bail Petition Rejected of Travel Agent Accused of Defrauding a Man for Processing Visa  ||  SC: Conviction for Stalking Quashed Due to Marriage Between Convict and Complainant  ||  All HC: S. 33-G UP Sec. Education Act a Benefi. Prov. for Teachers Serving for More Than 2 Decades  ||  All HC: SI Fixed at 6% p.a On Excess/Less Determination of Provi. Tariff Ultra Vires Electricity Act  ||  Del. HC: Entities Restrained from Infringing Personality Rights of Actor Jackie Shroff  ||  Bom HC: Authorisation to Export Necessary Even if Exporter has License to Sell Drugs for Med. Purpose  ||  Constitution Bench Judgment Not Considered, Supreme Court Recalls Judgement Passed in 2022  ||  SC: Full Ownership of Property Under S.14 (1) Can be Claimed by Hindu Woman Only if She Possesses it  ||  Supreme Court: Can’t Apply CrPC Retrospectively to Jammu & Kashmir Before 31.10.2019  ||  Mad. HC: Ritual of Devotee Rolling Over Leaves on Which Food Was Eaten by Others, Allowed    

Card Not Present transactions - Relaxation in Additional Factor of Authentication for payments upto Rs. 2000/- for card network provided authentication solutions- (Reserve Bank of India) (06 Dec 2016)



Reserve Bank of India has been taking a number of initiatives with the involvement of all stake holders to enhance safety and efficiency of the retail payment systems. In this regard, various instructions have been issued from time to time on security and risk mitigation measures involving card transactions, including directions on online alerts and additional factor of authentication. These measures have contributed to increased customer confidence in using card payments.

2. The Reserve Bank has been receiving requests from certain segments of the industry for reviewing the requirement of AFA for low value online card not present (CNP) transactions. As most of the requests were for merchant specific relaxations on AFA requirements, they were not appropriate at the system level. An alternate solution, provided by authorised card networks is expected to meet the objective of customer convenience with sufficient security for low value transactions. In this model, the card issuing banks will offer the "payment authentication solutions" of the respective card networks to their customers on an optional basis. Customers opting for this facility will go through a one-time registration process requiring entry of card details, etc. and AFA by the issuing bank. Thereafter, the registered customers will not be required to re-enter the card details for every transaction at merchant locations that offer this solution and thereby save time and effort. In this model, the card details already registered would be the first factor while the credentials used to login to the solution (as confirmed by the card network providing the solution) would be the additional factor of authentication.

3. Accordingly, the AFA requirement for transactions upto Rs. 2000/- for online CNP transactions for the 'payment authentication solutions' provided by authorised card networks with the participation of respective card issuing and acquiring banks is being relaxed, subject to:

i. Only authorised card networks shall provide such payment authentication solutions with participation of card issuing and acquiring banks,
ii. Customer consent shall be taken while making this solution available to them,
iii. The relaxation for AFA under such solutions shall be applicable for card not present transactions for a maximum value of Rs. 2,000/- per transaction across all merchant categories. Banks and card networks are free to facilitate their customers to set lower per transaction limits,
iv. Beyond the transaction limit of Rs. 2000/-, the card not present transaction has to necessarily be processed as per the extant instructions with mandatory AFA; even for transaction values below this limit, the customer may choose to make payment using other forms of AFA as hitherto,
v. Suitable velocity checks (i.e., how many such small value transactions will be allowed in a day / week / month) may be put in place by banks/card networks as considered appropriate,
vi. No change in the existing chargeback process.

4. Further, in the interest of customer awareness and protection, the banks and authorised card networks offering such solutions are also advised to:
i. Make customers aware that the solution is an optional facility for card-not-present transactions for values upto Rs. 2000/- only and that they are free to make payments using other forms of AFA as hitherto,
ii. Educate the customers about its use, risk and the mechanism for customer grievance redressal and reporting of complaints through multiple channels (website, phone banking, SMS, IVR etc.),
iii. Indicate the maximum liability devolving on the customer, if any, at the time of enrolling/registering customers and the responsibility of the customer to report any frauds while transacting,
iv. Bear the full liability in the event of any security breach or compromise in the authorised card network.

5. The authorised card network operators, may also facilitate participation of cardholders from other authorised card networks, through appropriate network level arrangements / agreements.

6. This directive is issued under Section 10(2) read with Section 18 of Payment and Settlement Systems Act 2007 (Act 51 of 2007).


Share :        

Disclaimer | Copyright 2024 - All Rights Reserved