RBI proposes new norms on digital payment security controls

The Reserve Bank of India (RBI) has proposed to establish robust governance mechanisms for authorised non-bank payment system operators (PSOs) to effectively address emerging cybersecurity risks. The central bank has issued a ‘Draft Master Directions on Cyber Resilience and Digital Payment Security Controls for Payment System Operators’. These guidelines cover governance mechanisms for the identification, assessment, monitoring and management of cybersecurity risks, including information security risks and vulnerabilities. They also specify baseline security measures to ensure safe and secure digital payment transactions. The RBI has invited stakeholders to provide comments and feedback on the draft by June 30.

The central bank made it clear that there is no change in the existing instructions concerning security and risk mitigation for card payments, prepaid payment instruments (PPIs) and mobile banking. The same will continue to remain in effect.