The Reserve Bank of India (RBI) has issued a Master Direction on Digital Payment Security Controls.
The Master Direction provides necessary guidelines for the Regulated Entities (Scheduled Commercial Banks, Small Finance Banks, Payment Banks and Credit Card issuing NBFCs) to set up a robust governance structure and implement common minimum standards of security controls for digital payment products and services.
The guidelines are technology and platform agnostic and shall create an enhanced and enabling environment for customers to use digital payment products in a more safe and secure manner.
The Master Direction consolidates important control aspects broadly in the following areas viz., Governance and Management of Security Risks, Generic Security Controls, Application Security Life Cycle (ASLC), Authentication Framework, Fraud Risk Management, Reconciliation Mechanism, Customer Protection, Awareness and Grievance Redressal Mechanism, specific controls related to Internet Banking, Mobile Payments Application Security Controls and Card Payments Security.