Starting tomorrow you will need to take the hassle of generating an extra security key for your IVR based transactions paid through your card. RBI’s measure for security issues and risk mitigation related to Card Not Present transactions (CNP) which was earlier applicable only for internet transactions will now be extended to IVR transactions as well. The rule was suppose to be implemented from 1st January but was been rescheduled to 1st Feb.
How would it work for you? You need to send an SMS to your bank with the last 4 digits or all 16 digits of your card. Each bank has its own number and syntax for the SMS. Bank will revert back an SMS with a 6 digit One Time Password. Depending on your bank the password may expire in 30 mins to 24 hrs. Ironically, Standard Chartered users will need to log on to web to generate the OTP for IVR transaction.
Though m-commerce services that allow MOTO (Mail Order Telephone Order) transaction, can continue to process orders without OTP. RBI is in consultation for such transactions and also for recurring transactions based on standing instructions.
This move will surely make the transaction more secure but the hassle is just too much and may see an immediate drop in transactions.
[Naman is a startup enthusiast and has worked with couple of Indian startups as Product Manager. He is the founder of FindYogi]