Banks will need to send a notification to the their customers at least 24 hours before a merchant sends a debit request. Only if the customer approves the transaction it will go through. Banks also need to send a one-time password (OTP) for recurring payments if the amount is above ₹5,000.
If the customer disapproves, such transactions will fail. The individual will need to make the payment manually. Industry bodies have already raised the issue with RBI, stating that millions of transactions could fail due to the additional authentication.
"Industry consultations suggest that most major scheduled commercial banks do not have upgraded capacities to comply. Due to this, the other participants in the ecosystem like acquirers and card networks have not been able to follow the obligations under these circulars," said the industry body The Internet And Mobile Association of India (IAMAI).
According to a report in The Economic Times, major banks and vendors are not ready to implement RBI's guidelines. Banks such as HDFC Bank, ICICI Bank, Axis Bank, State Bank of India, and leading card operators like American Express and Mastercard are notifying their partners about their inability to process recurring payments based on the regulator's new norms.
To follow the RBI's guidelines, all stakeholders (banks, card networks and merchants) need to be part of a complex integrated system for the transactions to go through.
According to a Business Standard report, transactions worth more than ₹2,000 crore across sectors spanning credit card payments, utility bills, video streaming, and others, are expected to be affected.