The Reserve Bank of India (RBI) has proposed a set of new safeguards for digital payments, including a one-hour delay for certain transactions, mandatory additional authentication for vulnerable users, caps on credits into bank accounts, and a universal kill switch to block transactions, as it looks to curb a sharp rise in online frauds.
In a discussion paper released on Thursday, the central bank outlined four key proposals that seek to introduce targeted friction in high-risk transactions while preserving the ease of low-value digital payments.
At the core of the proposals is the introduction of a mandatory time lag for authorised push payment (APP) transactions above Rs 10,000. Under this framework, such transactions would be delayed by up to one hour at the payer’s end, allowing customers to cancel transfers during this cooling-off window.
The RBI said this could help disrupt fraudsters who rely on urgency and psychological pressure, and provide a critical window for detection and intervention.
Another key proposal is the introduction of additional authentication through a trusted person for high-value transactions by vulnerable sections such as senior citizens and persons with disabilities.
For transactions above Rs 50,000, these users may need approval from a nominated individual before funds can be transferred. The measure is aimed at reducing losses from impersonation and coercion-based frauds, which disproportionately affect such groups.
The RBI has also proposed tighter controls on bank accounts to tackle the growing use of mule accounts. It has suggested capping annual credits at around Rs 25 lakh for accounts without enhanced due diligence, with any excess inflows subject to verification.
Funds beyond the threshold may be held as shadow credits and released only after the bank is satisfied about their legitimacy, failing which they could be reversed within a specified timeframe.
In addition, the central bank has proposed expanding customer-driven security controls across all digital payment channels, including UPI, cards, and net banking. These would include the ability to switch payment modes on or off, set transaction limits, and activate a kill switch to instantly disable all digital transactions in case of suspected fraud.
The proposals come against the backdrop of a surge in digital payment frauds, particularly APP frauds, where users are tricked into authorising transactions themselves. Data from the National Cyber Crime Reporting Portal shows that the number of such frauds has risen sharply in recent years, highlighting the need for preventive safeguards.
The RBI said the measures are designed to strike a balance between security and convenience, noting that while digital payments have grown rapidly, the increasing sophistication of frauds necessitates additional layers of protection.
The central bank has invited stakeholder comments on the proposals until May 8, after which it will consider issuing draft guidelines for implementation.