Recurring Payments: What Impact RBI’s Two-Factor Authentication Rule Could Have on Emerging Small Businesses



For payments up to Rs 5,000, customers will need to re-authenticate all standing instructions for recurring payments in order to make subsequent payments without additional factor authentication.

Credit and financing for MSMEs: While the need to give consent and go through a two-factor authentication process for every payment over Rs 5,000 will improve transaction security, it could create disruption between businesses and personally, I am also of the view. agreement that if a client mandate is given, the need for an additional authentication factor should not be there, Payments Council of India (PCI) Chairman Vishwas Patel told Financial Express Online during of an interaction.

Patel was responding to a question of whether the Reserve Bank of India’s (RBI) new recurring payment rules would have an impact, especially on small emerging entities, which offer cloud or SaaS services, which operate on monthly payments, quarterly or annually, or subscriptions. In large part, insurance premiums, IMEs, auto or home loans, etc. are generally preferred payments by customers for direct debit.

The new rules, which came into effect on October 1, 2021, required customers to give their consent for each recurring payment over Rs 5,000, and also to go through a two-factor authentication process each time a payment had to be made. done instead of the simpler direct debit rules earlier. For payments up to Rs 5,000, customers will need to re-authenticate all standing instructions for recurring payments in order to make subsequent payments without Additional Factor Authentication (AFA).

“It’s a giant step backwards. What we need are efficient repairs, not better locks. Two-factor authentication for every transaction has a real cost to the economy: it inhibits spending, and those most affected by it are the smaller merchants. It’s surprising that paying by credit / debit card is a well-solved problem around the world, but we’re still struggling to move forward. We need to make online transactions easier and give users more control over how and when they spend, what alerts and limits they set for themselves, and the nature of transactions they are comfortable with, ”said Utkarsh Sinha. , Managing Director of Bexley Advisors. Financial Express online.

Read also: Imports from China: after more than a year, has the call to boycott Chinese products fizzled out for MSMEs?

The RBI notification on electronic money order processing on cards for recurring transactions in August 2019 stated that “given the evolving payment needs and the requirement to balance the safety and security of transactions by card with the convenience of the customer, it was decided to allow processing of e-mandates on cards for recurring transactions (merchant payments) with the AFA when registering, modifying and revoking e-mandates , as also for the first transaction, and subsequent successive single / automatic transactions.

Also last December, the central bank informed lenders and payment gateways that domestic or cross-border recurring transactions via cards, UPIs or prepaid payment instruments, which do not comply with additional factor authentication, would not be processed beyond March 31. 2021. The deadline was then extended until September after several banks failed to comply with the guidelines.

“Although the implementation has been made on a positive note to improve transaction security, but on the business side it will have a significant impact. For example, in most companies, access to the credit card, which would be in the name of the founder, is done with the finance department for billing various services like Google cloud or Amazon cloud each month. However, the cardholder may not be available every time for authentication or instant verification. This could lead to the shutdown of services, ”Anish Achuthan, co-founder and CEO of Open told Financial Express Online. Open offers digital neobanking services to SMEs and last week raised $ 100 million from Singapore-based Temasek, Google, Japan-based SBI Investment, Tiger Global and others.

Subscribe now to the Financial Express PME newsletter:Your weekly dose of news, perspectives and updates from the world of micro, small and medium businesses

“It would essentially have significant drawbacks. It should have been implemented only for B2C transactions but on the side of companies where frauds are relatively less numerous now, the RBI should have given some relaxation. However, as more and more companies raise this concern, I am sure the regulator will find ways to improvise this system, ”Achuthan added.

In September, experts noted that electronic mandates for recurring online transactions and the Payment Aggregators and Payment Gateways (PAPGs) guidelines will pose challenges not only for payment aggregators, gateways, but also payment processors. traders, small businesses, banks and others. . During a webinar hosted by Empower India Think Tank, Dr Aruna Sharma, former Secretary of the Government of India, said: “Regarding the issue of data privacy, unless there is a huge leak, the regulations should not work so cumbersome. We have a huge cash economy and digital payments are the only way to fix it. RBI has the right to ensure that financial data is not hacked and to protect consumer data, but not the way they try to by regulating merchants. “

Patel said with most banks not yet ready for the new process, the board had requested a one-month extension. “The biggest blame is on the banks that were lethargic in preparing their systems well in advance. While many public sector banks, including the largest ones, have yet to adopt new rules, HDFC Bank and Kotak Mahindra Bank have already implemented the rules.

Nevertheless, according to Patel, the move would give consumers the means to take long-term action when it comes to their online transactions. “If you have subscriptions for several things like Netflix, Zoom, electricity payments, etc., until now you had to visit their respective websites to manage them, but with the new guidelines you can log into your bank account to manage them all. . In addition, it would help eliminate payment fraud associated with direct debit. With the new guidelines, it is up to the user to provide authorization for each transaction. “

Get live stock quotes from BSE, NSE, US market and latest NAV, mutual fund portfolio, see the latest IPO news, top IPOs, calculate your tax using income tax calculator, know the best winners, the best losers and the best equity funds in the market. Like us on Facebook and follow us on Twitter.

Financial Express is now on Telegram. Click here to join our channel and stay up to date with the latest news and updates from Biz.



Leave A Reply