In a bid to ease the online transaction process, the Reserve Bank of India (RBI) has relaxed two-factor authentication for online payments below Rs 2,000.
The RBI circular said that for transactions upto Rs 2,000 for online Card Not Present (CNP) transactions for the ‘payment authentication solutions’ provided by authorised card networks with the participation of respective card issuing and acquiring banks is being relaxed, with the following rider--
- Only authorised card networks shall provide such payment authentication solutions with participation of card issuing and acquiring banks
- Customer consent shall be taken while making this solution available to them
However, beyond the transaction limit of Rs 2,000, CNP transaction has to necessarily be processed as per the extant instructions with mandatory OTP.
RBI also mandated that the banks and authorised card networks will have to bear the full liability in the event of any security breach or compromise in the authorised card network.