Several Founders, Co-Founders, CXO Bankers, CXO Fintech professional & people who participated in the ePanel discussions:
- Mr. Anutosh Bose, Executive Director- Asset Management, Nomura
- Mr. Sheoji Meena, General Manager, Bank of India
- Mr. Sony A, Jt. General Manager, South Indian Bank
- Mr. Neeraj Chandra, Head of Operations and Technology, Abu Dhabi Commercial Bank
- Mr. Sunil Kulkarni, Joint Managing Director, Oxigen Services (India) Pvt Ltd
- Mr. Vicky Shah, Data Protection Officer, Fund Tree Insurance Brokers Pvt. Ltd
- Mr. Amarto Chakrabarty, Principal Consultant- Global Consulting Group, Wipro Limited
- Mr. Raghu Veer Dendukuri, Founder, Ideal Nation
- Mr. Anupam Mishra, SVP- Product Management, Transaction Banking at IndusInd Bank
- Mr. Murtuza Jadliwala, Head of Software Development at Indusind IT
- Mr. C. K. Vardharajan, Former Vice President, Equitas Small Finance Bank (not on Linkedin)
- Mr. Shashank Chowdhury, Former Managing Director -India, Infinite Zero OR Independent Consultant
- Mr. Ruchir Inamdar, Strategist, Jumper.ai
- Mr. Sandeep Todi, Co-Founder & CBO, Remitr
- Mr. Hemal Shah, Technical Product Manager, Mastercard
- Mr. Chetan More, Former AVP- Digital Banking & Payments, Jana Small Finance Bank
- Mr. Deep Shah, Senior Associate – Product Research, NPCI
- Mr. Abhishek Mody, former Associate Director-Payment & Digital Initiatives, IDFC Bank
- Ms. Kaunain Esmile, Vice President- Country lead Customer experience, DBS Bank
- Mr. Vikas R Panditrao, Co-Founder, Forum of Industry and Academic Knowledge Sharing (FIAKS)
- Many other CEO/CXO Bankers & Fintech professionals on FIAKS Forum requested to remain anonymous
RBI released a circular regarding “Enhancing security of card transactions” which mentioned that ‘At the time of issue / re-issue, all cards (physical and virtual) shall be enabled for use only at contact-based points of usage [viz. ATMs and Point of Sale (PoS) devices] within India. Issuers shall provide cardholders a facility for enabling card not present (domestic and international) transactions, card-present (international) transactions and contactless transactions’ and additional such enhancements are mentioned in the circular [1]
This complete control over card transactions seems to be a good move. Also, it is great as all banks have to offer this mandatorily. But there is a trade-off needed between convenience and safety. Many banks enable CNP post first CP (card present) transactions as it confirms PIN-based transaction. For IMPS, even at the time of launch, there was no opt-in required. Just per transaction limit was increased with time.
So here FIAKS community member raises a question- Regulators seem more concerned about fraud related to cards hence released the circular. But what about UPI frauds? Why isn’t regulator issuing a similar circular for UPI?
Another question raised by the community is that if the debit cards are not enabled for CNP (card not present), will that not impact enrolment on UPI?
First of all, to understand in simple terms, a card not present (CNP) transaction is one that enables you to make purchases without being physically present. For instance, online transactions, transactions done over phone or mail, etc.
- Answering the above question it won’t impact enrolment on UPI. For UPI enrolment, you need an active debit card. It is not linked with CNP enabled or not.
- Just that registration process is not linked with Card CNP status as this check will make the process more tedious and registration failure will go up.
- UPI already has its share of Collect Request frauds wherein the fraudsters misuse the collect request feature of UPI by sending fraudulent collect requests to the person and the person accepts it believing that the payment will be received instead the money gets debited from his account. UPI customer does not see the name and confirms in a hurry. The pop-up should clearly say that your account will be debited.Confirmation buttons are confusing!
- Whilst a member mentioned that he has closely studied UPI during his short stint with NPCI during its launch. UPI fraud is due to the negligence of the customer with respect to collect/receive money options. The architecture is super secured as on date. UPI is the way India teaches the world how to transfer money. It’s a global first and super secured system.
How many banks would rather prefer to have an extra security/authentication/verification step in place as opposed to providing quicker/quick to close payments? Especially in this age of numerous frauds? Here’s a list of some security suggestions put forth by members: Register and Read the complete discussions