Call Us Now

+91 9606900005 / 04

For Enquiry

RBI on cybersecurity norms for payment services


The Reserve Bank of India (RBI) will soon issue cybersecurity norms for payment service providers (PSPs), following a series of data breaches faced by operators including Mobikwik and payment aggregator JusPay.


GS-III: Indian Economy (Economic Growth and Development in India)

Dimensions of the Article:

  1. What is digital payment system?
  2. Different digital payment modes in India
  3. About cybersecurity norms
  4. National Payments Corporation of India (NCPI)

What is digital payment system?

  • Digital payment system is a way of payment which is made through digital modes- completely online. No hard cash is involved in digital payments.
  • In this system, payer and payee both use digital modes to send and receive money.
  • It is also called electronic payment.
  • Example- Internet Banking, Debit Cards, Credit Cards, e-Wallets.

Different digital payment modes in India


  • Banking cards offer consumers more security, convenience, and control than any other payment method.
  • There are wide variety of cards available – including credit, debit and prepaid.

Internet Banking

  • It is an electronic payment system that enables customers of a bank or other financial institution to conduct a range of financial transactions through the financial institution’s website.
  • Different types of online financial transactions are: National Electronic Fund Transfer (NEFT), Real Time Gross Settlement (RTGS), and Immediate Payment Service (IMPS).

Unstructured Supplementary Service Data (USSD)

  • This service allows mobile banking transactions using basic feature mobile phone (dialling *99#), there is no need to have mobile internet data facility for using USSD based mobile banking.
  • Key services offered under *99# service include, interbank account to account fund transfer, balance enquiry, mini statement besides host of other services.

Mobile Banking

  • Mobile banking is a service provided by a bank that allows its customers to conduct different types of financial transactions remotely using a mobile device.
  • It uses software, usually called an app, provided by the banks or financial institution for the purpose. Each Bank provides its own mobile banking App.

Unified Payments Interface (UPI)

  • It is a system that powers multiple bank accounts into a single mobile application (of any participating bank), merging several banking features, seamless fund routing & merchant payments into one hood.
  • Each Bank provides its own UPI App.

Mobile Wallets

  • It is a way to carry cash in digital format. Instead of using physical plastic card to make purchases, we can pay with our smartphone, tablet, or smart watch.
  • An individual’s account is required to be linked to the digital wallet to load money in it.

Aadhaar Enabled Payment System (AEPS)

  • AEPS is a bank led model which allows online interoperable financial transaction at PoS (Point of Sale / Micro ATM) through the Business Correspondent or Bank Mitra of any bank using the Aadhaar authentication.

About cybersecurity norms

  • While the standards for fintech-driven payment services providers will be similar to cyber hygiene norms issued recently for banks and non-banking finance companies, the RBI is quite clear that firms will have to do more than observe the minimum standards to ensure safety as digital transactions gain further traction.
  • On cyber frauds, Reserve Bank of India has issued very recently basic guidelines on cyber hygiene and cybersecurity for banks and certain NBFCs.
  • Having said that, the minimum standards set by the regulator for the regulated entities are needed, but they would never be enough.
  • As digitisation increases in any sphere, payments or otherwise, as people do more and more digital transactions, institutions themselves will have to do more than the minimum standards that regulators set, to deal with any cybersecurity threats.
  • Over the next decade, the critical challenge for regulators would be to speed up the absorption of fintech without undermining the financial system’s integrity or stability.

‘No antitrust norms’

  • The National Payments Corporation of India (NPCI) had laid down a framework for a more even distribution of share of third-party app providers in the UPI system, the senior RBI official noted, adding that the regulator was, however, not looking at any antitrust provisions against dominant players at this juncture.
  • If UPI is gaining popularity, you will have to think twice about stepping in and controlling the market share of two or three popular apps because that could actually hurt absorption of this tech in the population.

National Payments Corporation of India (NCPI)

  • National Payments Corporation of India (NCPI) is an umbrella organisation for all retail payments systems in India.
  • It was set up with the guidance and support of the Reserve Bank of India (RBI) and Indian Banks’ Association (IBA).


  • To consolidate and integrate the existing multiple systems into a nation-wide uniform and standard business process for all retail payment systems.
  • To facilitate an affordable payment mechanism to benefit the common man across the country and propel financial inclusion

-Source: The Hindu

November 2023