After much discussion from banks and payment companies over the March 31 deadline to activate the Additional Authentication Factor (AFA) framework for automatic debit transactions, the central bank caved in on Wednesday. The new deadline for implementing the framework has been set for September 30, 2021.
The Reserve Bank of India (RBI) has made clear its dissatisfaction with players in the system and said it will issue a circular on penalties for non-compliance. “This non-compliance is noted with great concern and will be dealt with separately. The delay in implementation by some stakeholders has resulted in a situation of large-scale inconvenience and default for customers, ”RBI said, adding that the deadline was extended only to avoid inconvenience for customers. clients.
“Any further delay to ensure full membership in the framework beyond the extended deadline will result in rigorous monitoring action. A circular informing the above is issued by the Reserve Bank today, ”the central bank said.
In August 2019, RBI published a framework for processing electronic money orders on recurring online transactions. Initially applicable to cards and wallets, the framework was extended in January 2020 to also cover UPI (Unified Payments Interface) transactions.
The AFA’s requirement has made digital payments in India safe and secure, RBI said. In the interests of customer convenience and the security of using recurring online payments, the framework mandated the use of AFA during check-in and the first transaction (with flexibility for subsequent transactions until. ‘to a limit of Rs 2,000, which was later upgraded to Rs 5,000) as well as pre-transaction notification, the ability to withdraw the money order, etc.
“The primary goal of the framework was to protect customers from fraudulent transactions and improve customer convenience,” RBI said. This is the second time that the deadline has been extended at the insistence of the banks. Previously, based on a request from the Association of Indian Banks (IBA) for an extension of the deadline until March 31, 2021, to allow banks to complete the migration, the regulator advised stakeholders in December 2020 to migrate to the framework on March 31, 2021.
Banks were all set to miss the March 31 deadline, with some having already sent communications to their customers telling them that automatic debit and credit card debits will be disabled as of April 1, 2021. They asked customers to make recurring payments. payments through the websites of the respective service providers. This can still happen for banks that have already started to migrate to the new framework. Most customers, however, can breathe easy for the next six months, industry experts have said.
Some experts believe the AFA framework involves a playoff series between safety and convenience, a balance the industry is struggling to achieve. Fintech expert Parijat Garg was of the opinion that the RBI guidelines in their current form are more about security than convenience and could make things more difficult for people who are now accustomed to the convenience of direct debits. automatic. “Partial relief is for automatic debit transactions of up to Rs 5,000, which should cover a large part of these transactions. A better approach would have been to ensure stricter security and privacy responsibilities, which will flow from data protection laws, as well as from the actors responsible for storing and using this information, and possibly putting more in place. of guidelines on tokenization, ”Garg said. He added that at present the problem is with the storage and leakage of card information, as has been seen in some recent cases where consumer data has been put at risk and responsible organizations no ‘faced no action.
Payments Council of India (PCI) Chairman Vishwas Patel told PTI on Tuesday: “All players in the ecosystem, be it banks and payment gateways, are guilty of failing to not take the RBI directive seriously from 2019 and not be able to come to a single platform, which we should have done at least two months ago, so that the transition to the new way of doing transactions recurring could have been done smoothly. “