RBI, earlier put a temporary halt to mobile payment services and has now issued fresh guidelines that sounds too conservative to be true.
- Per transaction limit of Rs. 2500/- shall be imposed on all Mobile Banking transactions – subject to an overall cap of Rs. 5000/- per day, per customer.
Banks offering mobile banking service must ensure that customers having mobile phones of any network operator is in a position to avail of the service (though the interoperability norm is relaxed for the first 6 months).
- Only Indian Rupee based domestic services shall be provided. Use of mobile banking services for cross border transfers is strictly prohibited.
- For channels which do not contain the phone number as identity, a separate login ID and password shall be provided to ensure proper authentication. Internet Banking login IDs and Passwords shall not be allowed to be used for mobile banking.
- Two-factor authentication
One of the factors of authentication shall be mPIN or any higher standard – mPIN shall not be in clear text anywhere in the network. (mChek’s USSD gets an edge over paymate?)
Overall, the guidelines sound too conservative – RBI has taken a very risk free approach (wonder why they don’t make Basel II imperative then?) towards mobile banking.
What’s your opinion?
Download the pdf