Have you recently started receiving mails/SMS from various banks and service providers asking to re-register your e-mandates for automated payments such as OTT, newspaper subscriptions, etc?. This is because of the new RBI guidelines with regard to recurring transactions, coming into force from October 1, 2021. 

What are these new RBI norms?

In another step to secure digital transactions via credit/debit card, PPI or UPI, RBI has implemented the new auto debit rules. As per the new norms, all such transactions will have to be further secured with an additional factor of authentication (AFA) – 2-factor authentication. Any transaction, whether domestic or cross-border, using cards, without AFA, would be discontinued.

New rules for Automatic Payments – A Snapshot

Source: RBI

Further to this, the bank/issuer is required to take additional information such as the validity period of the e-mandate, etc at the time of registration. And if required, the facility to modify the validity period, shall also be provided.

The banks also need to send a post-debit notification to the cardholder, once the auto-debit is processed. And, finally set up a redressal mechanism to address customer grievances related to this.

What will be its impact on payments?

This move is introduced in an attempt to protect consumers with regard to safeguarding of pre-stored data relating to cards and avoiding digital frauds. And especially those consumers who hastily give their consent to unnecessary automated payments and fall prey to data breaches.

With the new guidelines coming into implementation, all such recurring payments need to be reviewed and re-registered with respective issuing banks to avoid transaction failure.

However, these will only impact standing instructions (SIs) on cards. The automated instructions under UPI Autopay, e-NACH and other SIs to banks will not be impacted.

The directive will empower card users and will give them more control over their transactions. They can now determine and set the amount, velocity, etc, thereby managing such recurring mandates efficiently.

Way forward

For end consumers

Initially, this will impact customers to some extent, as the previous payment mode was meant to provide them with a seamless experience (especially for transactions above the INR 5,000 cap in B2B usage). Also, such payments may move to other alternate modes of payment such as e-NACH, UPI, etc for a better customer experience. However, in the long run with awareness they will realize that such regulations are for their benefit as it will eventually increase the security on card transactions. 

For Businesses

These guidelines will encourage businesses particularly, small & medium sized businesses to reach out to untapped customer base and build new business models in and around subscription payments and help grow this market multi-fold in the coming years.

To sum it up, the entire payments ecosystem is going through changes due to these regulations and all stakeholders are getting impacted in one way or the other. It will require banks/card companies/fintechs in the payments space to provide such portals to comply with the new regulations. However, there is still a long way to go as not only the banks/card companies, but the merchant/merchant aggregators’ ecosystem also needs to be in a state of readiness for its successful implementation. 

In today’s world, increasing online frauds and cyberattacks are causing security and trust issues among the general public in the adoption of digital payments, and these data security issues have become a major concern for online service providers. The service provider has been looking into ways to reduce this risk. One such solution is “Tokenization,” a new buzzword in the payments industry. Tokenization adds an extra layer of security to users’ sensitive data and prevents online and digital data breaches.

The concept of digital tokenization is inspired by the concept of physical tokenization, which has existed since the invention of currency. Token coins replace actual coins or banknotes in physical tokenization. These token coins have a real identity and value, but they only have meaning in a limited and controlled space. For example, casino tokens have no value outside of the casino’s premises.

The payments card industry is using digital tokenization to protect users’ sensitive data and provide better customer assurance in order to increase their trust. It is a low-cost and simple-to-implement solution for merchants.

What is Tokenization?

Tokenization is the process of encrypting sensitive data by replacing it with an unreadable token. The tokens can then be passed through the internet or the various wireless networks required to process the payment without exposing actual bank details. The actual bank account number is kept secure in a token vault.

Tokenization is commonly used to combat credit card fraud. It relieves merchants of the burden of storing sensitive card data of users, reducing the work and effort required to be PCI DSS compliant.

How does it work?

A customer makes an online purchase through an e-commerce website or offline through a merchant POS and then chooses a credit card payment method. The customer enters sensitive data on the portal, such as card number, CVV and cardholder name or enters a PIN on the POS machine. The card data collected is stored on the tokenization server rather than the e-commerce website server. The tokenization server processes the card data, stores the original card data on the Secure token server and generates a token of the same length from a random alphanumeric string. The token is then forwarded to the merchant’s acquiring bank. The acquiring bank sends the token to the card network, which processes it and shares card details with the issuing bank for payment authentication. Payment is completed when the issuing bank responds to the card network. The Card Network is the only entity that can read the token.

Tokenization Vs Encryption 

Data encryption and tokenization are similar in the sense that they both replace original data with a random code, but they are vastly different in terms of ciphering mechanism. 

Sensitive data is mathematically changed into a new code in data encryption, but the original data can be deciphered with the appropriate key. However, because there is no relationship between the token generated and the original data, the token cannot be reversed in the case of tokenization. Even if hackers obtain the token details, they will be unable to retrieve original data from that information, rendering the token meaningless and useless to them.

Tokenization is widely used by the payments industry across the globe due to its data security offering. Furthermore, it provides the following benefits to all stakeholders involved in the transactions. 

• Customers can develop trust in online transactions as the likelihood of theft or leakage of sensitive data decreases significantly.
• The merchant, acquirer and processor do not need to be concerned about the user’s sensitive data being compromised even in the event of a cyberattack because they do not store any such information. 
• Merchants can provide a trusted and secure payment environment for their customers without obtaining PCI DSS certification, saving them the cost of such certification.
• Tokenization of payments creates a safe and secure environment for users, merchants, payment gateways, financial institutions and regulatory bodies.

Tokenization is currently only available with Networks in India. Issuers must still evolve to make this a reality. 

The RBI issued a directive in 2020 stating that merchant payment aggregators and payment gateways could no longer store card credentials. To increase cardholder safety, RBI guidelines require a full-time shift, which is why tokenization must be implemented. And now there will be a plan in place for every issuer, merchant and network to implement this.

What is UPI Lite?

The National Payments Corporation of India (NPCI) is working on a new solution called UPI Lite that will allow small digital payments to be made without the need for an active internet connection. The RBI announced on January 5 that digital payments of up to ₹200 could be made without an internet connection.

How does it work?

UPI Lite will allow feature phone users to use their phones to connect to UPI networks and make digital payments directly from their bank accounts. There are currently two key solutions being evaluated. The first is a SIM Overlay, while the second is a software-provisioned solution that will use Over-the-Air (OTA) updates.

SIM Overlay is a technique that extends a phone’s SIM card’s capabilities, allowing payments and other services to be completed even when there is no data connection. On the other hand, OTA will deliver the solution straight to the device’s firmware.

Users will be required to create a 4-digit or a 6-digit pin, depending on the protocols implemented by their banks. Payments made via the SIM overlay technique will be routed through the NPCI’s UPI system to servers operated by the NPCI, and transactions will then take place over the standard UPI network. Instead of using the internet, the entire procedure will run over SMS networks.

How does it affect the Indian ecosystem?

Since the demonetisation of banknotes in 2016, India has experienced a surge in digital payments. According to a survey, tier-II and -III cities in India accounted for more than half of all online transactions in the quarter ending March 2021. In villages and towns, though, cash still reigns supreme.

According to an industry expert, an alternative, secure, low-cost mode of payments with a near-cash-like characteristic will be provided by small value offline mode for digital payments, improving consumer confidence as a preferred option for small retail payments. It has the potential to promote various creative retail payment use cases, such as tickets, product bundling and non-standardised pricing.

Given that feature phones still account for half of the market, this will improve payments in areas where internet penetration is low.

This is not the first time the NPCI has attempted to promote offline payments in rural areas. In 2012, it launched UPI-led offline payments over Unstructured Supplementary Service Data (USSD) networks. However, due to SMS charges, it failed to take off in a large way. 

According to NPCI data, the USSD system was used for transactions worth ₹1.21 lakh in 2021. Around 83 banks were using the USSD system as of December 2021.

If NPCI’s current experiments go as planned, about 350 million feature phone users in India will be able to make digital payments without the need for an internet connection.

The Reserve Bank of India (RBI) will debut the Digital Rupee in the Financial Year 2022-23, according to the Hon’ble Finance Minister of India’s Union Budget Speech on February 1, 2022. Meanwhile, China’s e-Yuan, currently in pilot mode, had its global premiere at the Beijing Winter Olympics 2022 when most foreign athletes got to experience a Central Bank Digital Currency (CBDC) for the first time. However, the Bahamas and Nigeria were among the first to establish CBDCs. Given that recent economic sanctions against Russia have granted governments additional reasons to implement alternative payment systems, such as CBDCs, it’s more vital than ever to understand and evaluate the experience of a few countries that are already ahead of the curve.

Source: https://www.atlanticcouncil.org/cbdctracker/

But, before we go any further, you need to familiarize yourself with what a CBDC is, as well as its pros and cons – read up on our previous blog post. Additionally, a few key terms can help in laying the groundwork:

• Possible Use Cases: A CBDC can be issued for either Retail purposes, implying that it can be used for all transactions by the public, or Wholesale, suggesting that it can only be used for bank-to-bank transactions and settlement. A Wholesale CBDC is expected to improve efficiency in large-value interbank settlements while also being programmable. A Retail CBDC is projected to promote a far broader cause of financial inclusion, bolster digital economies, and improve the efficiency of retail payment systems.
• Architecture: A CBDC can have one of three legal structures:

A Direct CBDC may cause financial disintermediation because commercial banks and non-banks will have no participation in its operation, but a Synthetic CBDC may limit monetary policy permeability and increase the risk of financial instability. A hybrid CBDC, on the contrary, is based on a time-tested paradigm in which both the central bank and financial intermediaries play active roles in the delivery of financial services while also promoting innovation.

• Infrastructure: Depending on how the security and verification aspects of transactions are defined, a CBDC can be built on a centrally controlled database or distributed ledger technology, which saw a breakthrough with crypto assets.
• Access: A CBDC can be accessed and used to make payments using either an account-based system, similar to our bank accounts, or digital tokens, which are more like physical cash. A fundamental distinction between the two is that, unlike an account-based CBDC, a digital token can retain the anonymity of cash.

Any central bank would strive to support the advantages of both physical cash (anonymity, settlement upon payment) and electronic payment systems (low cost, efficient and difficult to counterfeit), regardless of which mix of the above is chosen to construct a CBDC.

Let’s look at what it’s been like on the ground. We chose three countries to highlight out of the many that are experimenting with CBDC: China because it was the first to publicly announce its CBDC ambitions and has covered a lot of ground; Nigeria, because it is the largest country by population to have formally launched its CBDC; and Sweden, because of its unique objectives and differentiated design.

China’s e-CNY (under pilot):

China started working on the CBDC in 2014 and has been testing e-CNY pilots in cities across the country since December 2019. Given the early start and China’s stated desire to promote Yuan internationalization, it was widely assumed that e-CNY would hasten the process. However, all such speculations were dispelled by the People’s Bank of China’s (PBOC) research paper, which was published in July 2021. It said categorically that e-CNY is intended to “bolster the domestic economy, promote financial inclusion and make monetary and payment systems more efficient”. Meanwhile, e-CNY had been successfully tested across several use cases aligned with its objectives. By the end of June 2021, e-CNY transaction volume had already clocked 70.75 million, with a total value of RMB 34.5 billion (~$5.4 billion)!

Some distinguishing features of the e-CNY system are:

• Allows those without bank accounts to enjoy basic financial services
• Supports offline payments
• Supports ‘managed anonymity’ despite embracing an ‘account-based’ access model – small-value payments are expected to be anonymous

According to PBOC, e-CNY will now be tested across a broader range of use cases, involving all relevant stakeholders in the ecosystem. Prior to the commercial debut, it will expand its research on the influence of e-CNY on monetary policy and financial stability. Furthermore, China is taking an active part in the worldwide CBDC standard-setting, having joined the Multiple CBDC Bridge (mCBDC) headed by the BIS Innovation Hub, where it is jointly exploring various CBDC possibilities with other central banks.

Nigeria’s eNaira (launched):

Nigeria’s CBDC, eNaira, was launched with much fanfare in October 2021. While the project is still in its infancy, news reports suggest that the initial enthusiasm has waned. Nonetheless, its motivations for introducing eNaira are similar to those of other emerging nations that are likely to be keeping a close eye on the currency’s success. The following are some of the motivations:

• Promoting financial inclusion – While a bank account is required to use eNaira in the first phase, the second phase is planned to eliminate the requirement
• Reduce the amount of cash in circulation and, consequently, the cost of processing cash — the eNaira will contain all the characteristics of cash, such as direct claims on the central bank, no interest payable, and so on
• Enabling direct welfare payout to citizens — eNaira’s account-based capabilities enable welfare funds to be delivered directly to recipients without the risk of theft
• Increasing tax collection – As the economy becomes more organized as physical cash is phased out, tax revenues are likely to rise
• Facilitating diaspora remittances — eNaira is supposed to be a more efficient, secure, and cost-effective way to send money back home

In the first phase, eNaira was launched with a few basic functionalities. Depending on input from eNaira users and regular calibration of perceived threats from typical CBDC issues, the Central Bank of Nigeria is projected to gradually introduce many more functions to meet its core objectives.

Sweden’s eKrona (under pilot): 

While financial inclusion is a driving force behind e-CNY and eNaira, eKrona is being created to solve a different problem: the decline in cash usage! Yes, the Riksbank, Sweden’s central bank, recognizes that the decline in cash may limit its direct role in the payments ecosystem, making its goal of fostering a secure and efficient payment system more difficult. As a result, the Riksbank started testing eKrona in a closed system with simulated participants (intermediaries like commercial banks), end-users, and payment instruments in 2020. The first part of the pilot’s findings was positive, indicating that digital tokens appear to enhance cash use and hence improve Riksbank’s direct role in controlling the money supply. The Riksbank, nevertheless, recognizes that the pilot must now go on to the next stage, in which it intends to:

• Integrate with systems of actual participants
• Create an offline function so that digital tokens can be exchanged without the need for a network
• Test out various options by storing tokens and their keys in different ways that can be used for a variety of purposes
• Evaluate and improve the eKrona network’s performance and scalability

The ecosystem of a CBDC will be newly established and will act as an alternative to the existing electronic payment infrastructure, which is a common benefit of having one. The ramifications of the CBDC for monetary policy, financial stability, and financial disintermediation, on the other hand, are still uncertain. Even the legal aspects of a CBDC, which is neither whole cash nor equivalent to a deposit in a bank account, as well as data governance mechanisms, must be thoroughly examined before its use grows.

We’ll keep a close eye (with a magnifying glass!) on the various central banks’ evolving experiences. For the time being, we eagerly anticipate the RBI’s next steps on the Digital Rupee, which will detail its objectives, design elements, and commercial launch timeline.

References:

CBDCs: an opportunity for the monetary system –  https://www.bis.org/publ/arpdf/ar2021e3.htm

Progress of Research & Development of E-CNY in China – http://www.pbc.gov.cn/en/3688110/3688172/4157443/4293696/2021071614584691871.pdf

eNaira Design Paper – https://www.enaira.gov.ng/about/design

E-krona pilot phase 1 – https://www.riksbank.se/en-gb/payments–cash/e-krona/e-krona-reports/e-krona-pilot-phase-1-report-3/

India has experienced a remarkable evolution in its digital payment landscape in recent years. The swift proliferation of smartphones, internet connectivity, and government initiatives such as Digital India, Unified Payments Interface (UPI) NEFT/IMPS, Prepaid Cards/Wallets/Contactless Payments, e-RUPI, CBDC, AEPS, Open Banking/API Integration has significantly contributed to the expansion of digital payment methods throughout the nation. A strong tailwind to digital/contactless payments was provided by demonetisation and Covid-19, leading the way for a cashless economy and better tax compliance. This blog explores the latest digital payment trends reshaping India’s financial landscape.

Unified Payments Interface (UPI) Dominance

The Unified Payments Interface (UPI) has been a game-changer in the Indian payments industry. Launched in 2016 by the National Payments Corporation of India (NPCI), UPI enables users to link multiple bank accounts and execute real-time peer-to-peer transactions. UPI has witnessed exponential growth, with transaction volumes crossing the billion-mark monthly. Its success can be attributed to its simplicity, security, and interoperability across various payment apps.

IMPS/NEFT

IMPS and NEFT have revolutionised the way funds are transferred in India, providing individuals and businesses with fast, secure, and convenient payment options. Whether you need to send money urgently or make routine payments, these electronic funds transfer systems offer unparalleled accessibility and flexibility.

Prepaid Cards, wallets and Contactless Payments

Digital wallets and Prepaid cards have gained significant traction in India, allowing users to store funds digitally and make quick payments. The COVID-19 pandemic further accelerated the need for contactless transactions and contactless payments. NFC-enabled cards, QR code payments, and mobile payment solutions are increasingly prevalent, allowing consumers to make secure transactions without physical contact. Today, merchants are offering contactless payment options to provide their customers with a safer and more efficient checkout experience.

New Government Initiatives:

The Government of India has played a pivotal role in promoting digital payments through its flagship initiatives, such as Digital India, e-RUPI, CBDC and many more. Digital India aims to transform India into a digitally empowered society by promoting digital literacy and providing digital infrastructure.

o e-RUPI is a wholly cashless and no-contact electronic payment instrument that will be delivered to beneficiaries’ mobile devices (even mobile devices that are non-android or iOS) as either a QR code or an SMS-based e-voucher.

o CBDC is a digital currency issued by a central bank, rather than a commercial bank. Backed by blockchain technology, this central bank digital currency (CBDC) is an electronic version of the physical rupee, potentially representing a more secure and government-supported alternative to private digital currencies

AePS

India has witnessed rapid growth in biometric authentication for digital payments. The Aadhaar-enabled Payment System (AEPS) allows individuals to link their bank accounts with their unique Aadhaar identification number and make transactions using biometric verification. This technology has simplified payments for the underbanked population, making financial services more accessible and inclusive.

Integration of Artificial Intelligence (AI) and Machine Learning (ML)

Artificial Intelligence (AI) and Machine Learning (ML) are revolutionising the digital payments landscape in India. With AI-powered chatbots, payment service providers are enhancing customer support to address queries effectively. ML algorithms are leveraged to detect and prevent fraudulent activities, ensuring secure transactions. Moreover, personalised recommendations and targeted offers based on user behaviour are being utilised to drive customer engagement and loyalty.

Open Banking, driven by the Reserve Bank of India (RBI) guidelines, is a game-changer in the banking sector, allowing secure sharing of customer data between banks and fintech companies. Application Programming Interfaces (APIs) facilitate the seamless integration of various financial services, allowing customers to access multiple banking services through a single platform. This collaborative ecosystem encourages innovation and empowers customers with a variety of payment options.

As India moves towards a cashless economy, these trends will continue to shape the future of digital payments, driving financial inclusion and economic growth.

CARD91 is an API-led issuance Platform-as-a-Service company. It offers unparalleled technology infrastructure to banks, SMEs, corporates & fintech through its Switch and Card Management Solutions for Prepaid Cards, Multi-Currency Travel Cards and allied systems like Centralised System of Records (C-SOR) for prepaid cards, credit cards and Access Control systems (ACS)

PPI stands for Prepaid Payment Instrument, PPI is a method that facilitates the purchase of goods and services against the value stored on such instruments. The value stored on such instruments represents the value paid for the holder, by cash, by debit to a bank account, or by credit card.

The prepaid instruments can be issued as smart cards, magnetic stripe cards, internet accounts, online wallets, mobile accounts, mobile wallets, paper vouchers, and any such instruments used to access the prepaid amount.

Some of the common examples of PPIs include Paytm and Gpay, gift cards, and debit or credit cards. In today’s piece, we take a look at three types of prepaid payment instruments.

• Closed System PPIs
• Semi-Close System PPIs
• Open system PPIs

Closed System PPIs:

These are PPIs issued by an entity for facilitating the purchase of goods and services from that entity only. No cash withdrawals are permitted. These instruments cannot be used for payment or settlement for third-party services. The issuance and operation of such instruments are not classified as a payment system and do not require approval/authorization from the RBI.

Semi-Closed PPIs: 

These are PPIs issued by banks (approved by RBI) and non-banks (authorized by RBI) for purchase of goods and services, including financial services, remittance facilities, etc., for use at a group of clearly identified merchant locations/establishments which have a specific contract with the issuer (or contract through a payment aggregator/payment gateway) to accept the PPIs as payment instruments. These instruments do not also permit cash withdrawal, irrespective of whether they are issued by banks or non-banks.

Open System PPIs: 

These are PPIs issued by banks (approved by RBI) for use at any merchant for the purchase of goods and services, including financial services, remittance facilities, etc. Cash withdrawal at ATMs / Points of Sale (PoS) terminals / Business Correspondents (BCs) is also allowed through these PPIs.

How can a business benefit from PPIs?

Prepaid payment instruments in the form of mobile wallets, multipurpose, multicurrency, prepaid cards can accelerate sales, customer loyalty, and profitability. You can earn significant revenue for every transaction made through mobile wallet-enabled prepaid cards you issue.

Businesses must leverage PPIs to tap into the gigantic 760 million smartphone users base in India, who will most likely shop online and pay using mobile apps and wallets.

Using prepaid instruments, you can enable bank-like domestic and cross-border payments, but with greater efficiency, flexibility and security. Armed with the ground-breaking PPI reforms announced by the Reserve Bank of India (RBI), every business in India must ride the PPI wave to reap the utmost benefits.

The following are significant measures announced in the 2021 RBI monetary policy review, applicable from March 31, 2022.

1.  PPIs can offer Real-Time Gross Settlement (RTGS) and National Electronic Funds Transfer (NEFT) facilities to their users.
2. Interoperability of full KYC PPIs is mandatory.
3. The maximum balance of mobile wallets doubled to INR 2 lakhs from INR 1 lakh.
4. Cash withdrawals enabled for full-KYC PPIs of non-bank PPI issuers (in addition to bank issuers)

These reforms have the potential to level the playing field between banks and non-banks, incentivize full KYC PPIs, and drive greater financial inclusion. Businesses that accept payments and remittances through prepaid payment instruments will experience higher customer acquisition, retention, and loyalty, increased customer lifetime value, and long-term profitability.

Who can issue PPIs?

The following entities can issue PPIs post authorization/approval of RBI.

Non- Banking Entities

• They must be incorporated in India
• Minimum paid-up capital — more than INR 5 crores
• Minimum positive net worth — INR 1 crore at all times

NBFCs

• Maintain an escrow account with any scheduled commercial bank in India

Banks

• Compliant with PPI eligibility criteria established by the RBI

RBI’s new addition to PPI-Small PPIs can have cash upto ₹10,000 loaded per month

The Reserve Bank of India on 27/Aug/2021 issued Master Directions on Prepaid Payment Instruments (PPIs) with the fresh classification of the instruments.

“Keeping in view the recent updates to PPI guidelines, it has been decided to issue the Master Directions afresh,” the RBI said.

No entity can set up and operate payment systems for PPIs without prior approval or authorization of the RBI, it stated.

The master directions classify PPIs into two categories – small PPIs and full KYC PPIs. They were earlier classified as closed systems, semi-closed systems, and open system PPIs.

“Small PPIs: Issued by banks and non-banks after obtaining minimum details of the PPI holder. They shall be used only for the purchase of goods and services. Funds transfer or cash withdrawal from such PPIs shall not be permitted,” the RBI said.

PPI Classification

Small PPIs can have cash up to ₹10,000 loaded per month, not exceeding ₹1.2 lakh in a year.

Full-KYC PPIs will be issued by banks and non-banks after completing the Know Your Customer (KYC) of the PPI holder.

“These PPIs shall be used for the purchase of goods and services, funds transfer or cash withdrawal,” it further said, adding that the amount outstanding should not exceed ₹2 lakhs at any point in time.

The RBI has also said that the PPI issuer shall have a board-approved policy for PPI interoperability.

Where PPIs are issued in the form of wallets, interoperability across PPIs should be enabled through UPI. Where PPIs are issued in the form of cards (physical or virtual), the cards should be affiliated to the authorized card networks, it said.

PPI for mass transit systems should remain exempted from interoperability, while Gift PPI issuers (both banks and non-banks) have the option to offer interoperability.

“Interoperability shall be mandatory on the acceptance side as well. QR codes in all modes shall be interoperable by March 31, 2022,” it further said.

The RBI has also said the PPI issuer shall put in place a formal, publicly disclosed customer grievance redressal framework, including designating a nodal officer to handle customer complaints or grievances, the escalation matrix, and turn-around-times for complaint resolution.

Card industry has seen steady growth in the last two decades from EMV chip card (use a smart microchip to store data instead of mag stripe) payments to contactless payments, but security remains a big challenge for the industry. These concerns have led to innovations towards more reliable and secure technologies such as biometric card payment. Such technologies have received significant boosters during the contagious Global pandemic of COVID-19. People started preferring contactless payment methods for payments using Mobile wallets or tap and pay cards to avoid any kind contact as precautionary measures. The main concern with the current contactless payment system is the upper cap on the transaction amount. To boost the contactless payment, RBI has increased the limit from Rs 2000 to Rs 5000 during the pandemic period. However, higher transaction limits for tap and pay cards posed bigger security concerns since no second factor is being used for payment authorisation. Biometric cards do provide a ray of hope by addressing some of the challenges faced by the card industry.

Biometric Cards: Innovation for Secure Payments

What are Biometric Cards? 

Biometric cards are a unique combination which uses the payment mechanism of a regular Card, authentication mechanism of biometric based payment while maintaining the safety mechanism of contactless payment. Biometric contactless cards offer more security and seamless user experience than all the other payment modes by combining their best features and avoiding their shortcomings. Each Biometric Card has a built-in fingerprint reader hence customers do not need to remember their PIN or touch any POS terminal, as all transactions are performed by touching the fingerprint reader on the card itself. Biometric payment cards ensure the same existing EMV standards and use typical safety measures like end-to-end encryption along with tokenization with additional layer of security, by adding finger size biometric reader on the card for biometric authentication. In the case of cards Lost or Stolen, chances of replicating fingerprints or stealing data from Card for fraudulent activities is implausible. Also, personal data of cardholders is stored only on the card and is neither held on the bank server nor sent to any external database. We tech savvy people always want more personalised and high technology cards and these biometric cards are the exact solution for our requirements.

How do Biometric cards work?

• Once the biometric card is received, the cardholder can securely install the fingerprints data in the card by inserting the biometric card in the sleeve and following the simple procedure provided.

• Cardholders can also configure the fingerprints by visiting their nearest bank branch.

• Card activation is completed at the time of the first transaction at the POS terminal. 

• At the time of making the payment, customers can place the card on the POS terminal.

• The POS terminal reads the card details and requests for authentication.

• Customers can authenticate the transaction by placing their finger on a biometric reader on the card thus avoiding any direct contact with the POS terminal.

Benefits to Stakeholders

• Highly Safe, Secure and easy to use. 

• Easy and quick registration of fingerprint data on card at home or by visiting bank branch

• Instant and seamless payments authorisation.

• No need to remember the card PIN.

• Technical compatibility with the existing contactless or chip payments terminals

• No additional cost for merchants to accept payments through biometric payment.

• Self-charging – biometric sensor is powered using a terminal.

• No queue on the checkout counter because payment processing is faster with biometric cards.

The only challenge with the biometric card is that only the cardholder can use the card because transactions get completed only after the successful fingerprint authentication and biometric technology can only capture one unique identity that can never be changed.

Way Forward

Biometric cards can bridge the gap between innovation and security concerns of the current payment system. It will gain trust of banks and service providers by providing complete customer assurance and convenience to use with no additional efforts on their part than simply putting a thumb on the card. All these benefits put together make biometric cards setting the new industry standards from a security and convenience point of view in the payment industry. According to the ABI research around 2.5 Million biometric contactless cards are expected to be issued in 2021 and growth of biometric cards is expected to soar globally in the next few years.

In a country like ours which is predominantly rural and agricultural based, where the illiteracy rate is very high and remembering PIN/ Password for cards is very challenging. The benefits of Biometric cards will be a real boon for us. Biometric payment cards provide all-in-one high-end technology, convenience, usability of smartphones and security assurance with reduced effort on the customer’s part. Now is the perfect time for Indian banks to start offering biometric cards to its users and  make India a cashless and digital economy.