This is in continuation of the previous article on the new guidelines of RBI on E Banking security issued on February 28, 2013.
Apart from the card related security measures covered in the previous article, the RBI circular also touches on some of the aspects of RTGS,NEFT and IMPS.
The recommendations are
1.Customer induced options may be provided for fixing a cap on the value and mode of transactions/beneficiaries. Additional authorization may be insisted when the customer wants to exceed the cap.
2.Limiting the number of beneficiaries to be added per day to be considered.
3. System alert to be introduced for beneficiary addition.
4.Number of transactions per day/per beneficiary may be monitored for suspicious transactions
5. Introduction of additional factor of authentication (preferably dynamic) for unusual transactions to be authenticated on special request.
6.Banks may consider implementation of digital signature for large value payments for all customers, to start with for RTGS transactions.
7.IP address capture for transaction may be considered.
8. “Adaptive Authentication” (means of providing authentication for end users without them having to know it is as work)may be considered for fraud detection.
These suggestions are also on the lines suggested by the Damodaran Committee on Customer service.
Though the circular uses the word “may” while referring to these suggestions, it mentions at the end that all these suggestions are “Expected” to be put in place by banks by June 30, 2013.
Naavi.org is happy that our long fight for better security in E Banking is bearing fruit.
Now we need to watch if Banks actually implement these suggestions and whether RBI will enforce its dictum.
In the past, Banks have simply ignored RBI guidelines and faced adverse comments in inspections as a matter of routine. RBI is also aware of such tendencies in some Banks. Hopefully this time RBI will use its powers to enforce compliance. Public are with RBI if they take strong measures to protect E Banking.
Once again, I personally and Naavi.org as a representative of public congratulate RBI on its initiative in issuing this circular.