New Delhi, March 29: The Reserve Bank of India (RBI) has made two-factor authentication mandatory starting April 1, 2026. This initiative aims to enhance the security of UPI and card payments significantly.
The central bank has mandated two-factor authentication for all digital payments, including UPI, debit and credit cards, and mobile wallets.
This means that simply entering an OTP will no longer suffice to complete transactions. Users will now need to undergo at least two levels of verification, such as a PIN, password, biometric authentication, or token, in addition to the OTP.
This measure comes in response to the rising incidents of online fraud, including phishing and SIM swap scams, where OTP-based systems have proven to be vulnerable.
By adding an extra layer of security, the RBI aims to reduce the likelihood of unauthorized transactions and build trust in digital payment systems.
As a result of this change, completing payments, especially on new devices or for high-value transactions, may take slightly longer. However, regular transactions on trusted devices are expected to remain relatively smooth.
The system will also adopt a risk-based approach, where the level of security checks will depend on the nature and behavior of the transaction.
Another crucial aspect of the new regulations is the increased accountability for banks and payment platforms. If fraud occurs due to a flaw in their systems, financial institutions may be required to compensate customers.
This is expected to ensure prompt resolution of complaints and encourage banks to strengthen their security frameworks.
The RBI has also indicated that similar authentication standards will apply to international transactions, including cross-border card payments.
Full implementation of these rules is anticipated by October 2026.
Given the rapid growth of digital payments in India, the central bank’s new measures aim to strike a balance between convenience and security.
Experts suggest that while the additional verification process may seem slightly inconvenient, it is expected to significantly reduce the risk of fraud, making daily transactions safer for millions of users.
My name is Ganpat Singh Choughan. I am an experienced content writer with 7 years of expertise in the field. Currently, I contribute to Daily Kiran, creating engaging and informative content across a variety of categories including technology, health, travel, education, and automobiles. My goal is to deliver accurate, insightful, and captivating information through my words to help readers stay informed and empowered.
Leave a Comment