Will RBI’s consumer protection norms on fraudulent transactions impact e-wallets?

Earlier this month, RBI issued guidelines regarding customer liability in case of fraudulent transactions involving prepaid payment instruments. We asked experts whether these guidelines, which protect consumers against fraudulent transactions, will help e-wallets or hurt them.

New guidelines will benefit end consumer as well as PPIs

Upasana Taku, co-founder and director, MobiKwik

The recent RBI guidelines are a welcome move and will be beneficial for the end consumer and for prepaid payment instruments (PPIs).

These guidelines bring all banks, credit card issuing non-banking financial companies (NBFCs), PPIs and digital wallets, among others, under the purview of the central bank, further regularising and fortifying the Indian finance sector.

These consumer protection guidelines will empower customers, instil more trust in them regarding online transactions and enable more and more Indians to join the ‘Digital India’ story.

The new RBI instructions limit consumer liabilities with respect to unauthorised electronic transactions, whether it is done from a bank or from a PPI entity, which wasn’t the case until now.

However, for consumers to fully enjoy the benefits of the latest guidelines and stay protected against fraudulent transactions and losses, it is mandatory for them to register for SMS and email alerts with the PPI issuer by furnishing the correct contact details. In addition to this, it is advisable for consumers to inform their issuer about any unauthorised transaction as early as possible to avoid any loss.

We are confident that these guidelines will enable millions of more Indians to carry out their financial transactions online, without having to worry about putting their finances at risk.

With confident customers, base of PPIs will expand

Raj Khosla, founder and managing director, MyMoneyMantra

RBI’s guidelines apply to all payments whether they are made remotely, online, face-to-face or in proximity. The limited liability circular will apply to mobile wallets and similar electronic payments, ensuring the protection of consumers against fraudulent transactions. The protection is subject to timely reporting as per designated rules. The application of these new rules mandates setting up a process for SMS/email transaction alerts for users along with 24x7 access to dedicated toll-free numbers, email, SMS facility etc., thereby ensuring quick and convenient reporting of misuse or a third-party hack-in.

Customers must keep track of their PPI transactions, never share OTPs and keep their login and passwords secure. The responsibility of early reporting of suspected fraudulent activity rests with the customers.

Similar user protections already exist for banking transactions, including through credit cards. The guideline brings non-banking companies such as wallets and smart card issuers on a par with banks. Such a move will instil more confidence into consumers as they embrace digitisation. Over time, there will also be a follow-on expansion of the e-commerce world, leading to an expanded consumer base for issuers. It’s the proverbial win-win.

PPIs now on a par with banks in how they deal with transaction risk

Abhishek Sinha, co-chair, PPI committee, Payments Council of India

RBI’s guidelines for consumer protection have brought e-wallets on a par with banks with respect to risks associated with transactions and how they need to be treated. For banks, these liabilities are well-defined.

While PPIs need to carry out the KYC procedure for transactions of over ₹10,000, in a bank you can carry out a transaction of up to ₹50,000 without KYC. The reason for this is probably the fact that banks manage risks very differently. But now that the regulator is starting to see banks and PPIs in a similar light, I hope the transactions are also treated similarly.

While consumer protection is important and should be central, and the movement towards two-factor authentication is really to protect the consumer, it also means that the customer has to do the heavy lifting. They now have to carry out two steps to complete a transaction, while earlier they could just put in their CVV and the transaction would go through.

Not only is this a case of gaining more protection by losing out on a smoother user experience, it also pushes the onus of transactions to consumers.

While it does offer significantly higher protection, if a fraud happens, it is very difficult to hold the issuer liable, so the customer might end up suffering.

RBI looks at customer protection in the light of risk. So, now that they have also allowed for interoperability as far as PPIs are concerned, they are likely to want to ensure customer liability since transactions are going to happen across multiple parties.

The banking regulator tends to be prescriptive on such issues because neither they nor the industry ends up participating in making the customer aware.