These directions shall be complied with by April 01, 2026, unless indicated otherwise for any particular direction.
FinTech BizNews Service
Mumbai, September 25, 2025: The Reserve Bank of India (RBI) has today issued Reserve Bank of India (Authentication Mechanisms for Digital Payment Transactions) Directions, 2025.
RBI had issued draft directions on Alternative Authentication Mechanisms for Digital Payment Transactions on July 31, 2024 and draft directions on introduction of Additional Factor of Authentication (AFA) in cross-border Card Not Present (CNP) transactions on February 07, 2025, for stakeholder comments.
Feedback from the public has been examined and suitably incorporated in the final directions. The directions, inter alia, focus on the following:
Encouraging introduction of new factors of authentication by leveraging upon technological advancements. The framework, however, does not call for discontinuation of SMS based OTP as an authentication factor.
Enabling issuers to adopt additional risk-based checks beyond the minimum two-factor authentication based on the fraud risk perception of the underlying transaction.
Facilitating interoperability and open access to technology
Delineating the responsibility of Issuers.
Mandating card issuers to validate AFA in non-recurring cross-border CNP transactions whenever such a request is raised by the overseas merchant or acquirer.
These directions shall be complied with by April 01, 2026, unless indicated otherwise for any particular direction.
