New Digital Payment Rules in India Make Two Step Verification Mandatory From April
India introduces stricter digital payment rules making two factor authentication compulsory for all transactions aiming to reduce fraud improve accountability and enhance user security across banking and payment platforms nationwide
From April 1, digital payments in India have entered a new phase with stricter security rules coming into force. The Reserve Bank of India has introduced a revised framework that makes two factor authentication mandatory for all online financial transactions, marking a significant shift in how users complete payments.
Until now, many transactions relied heavily on one time passwords for verification. However, rising cases of fraud, including phishing attacks and SIM swap scams, exposed the limitations of OTP based systems. With the new rules, OTP alone is no longer enough. Every transaction must now pass through an additional layer of verification such as a PIN, password, biometric scan, or secure token.
The change applies across payment methods including UPI, debit and credit cards, and mobile wallets. Whether users are paying bills, transferring money, or shopping online, the new system ensures that each transaction is verified using at least two independent methods.
Banks and financial institutions are also adopting a risk based approach to balance security with convenience. Routine low value transactions made from trusted devices may still be processed quickly, while high value payments or transactions from new devices will require extra verification steps. This layered system is designed to make payments safer without causing unnecessary delays in everyday usage.
Alongside security upgrades, accountability rules have been tightened. Financial institutions will now face greater responsibility in case of fraud caused by system failures or negligence. Customers may be eligible for compensation, and complaint resolution is expected to become faster under the new framework.
The National Payments Corporation of India has also introduced operational limits to streamline system performance. Users can check their bank balance a limited number of times per day on a single app, and there are caps on how many bank accounts can be linked daily. Even checking the status of pending transactions is now restricted with mandatory time gaps between attempts.
Recurring payments such as subscriptions and EMI deductions will be processed during non peak hours to reduce system load. This is expected to improve overall efficiency and reduce transaction failures during busy periods.
There are also changes beyond authentication. Some banks have begun counting cardless cash withdrawals through UPI within monthly free transaction limits, after which charges may apply. Meanwhile, certain card related benefits, including lounge access tied to specific debit cards, have been revised or withdrawn.
The updated rules highlight a broader push toward safer digital finance in India. While the process may feel slightly longer for users, the added layers of protection aim to build trust and reduce financial risks in an increasingly digital economy.
