New Delhi, Sep 25 || The Reserve Bank of India (RBI) on Thursday released draft guidelines on the authentication mechanism framework for digital payment transaction authentication that will come into effect from April 1, 2026.
The Central Bank said the feedback from the public has been examined and suitably incorporated in the final directions.
The directions focus on encouraging introduction of new factors of authentication by leveraging upon technological advancements.
The framework, however, does not call for discontinuation of SMS-based OTP as an authentication factor.
The aim is also to enable issuers to adopt additional risk-based checks beyond the minimum two-factor authentication based on the fraud risk perception of the underlying transaction and facilitate interoperability and open access to technology, along with delineating the responsibility of Issuers.
The draft guidelines also mandate card issuers to validate AFA in non-recurring cross-border CNP transactions whenever such a request is raised by the overseas merchant or acquirer.