The latest RBI guidelines from October 2017 require PPI issuers to meet the challenges of fraud and customer protection with a strong risk management system in place. These guidelines include: mandatory two-factor authentication for virtual cards, successive wallet payment transactions, and for increasing capped transaction values. Other requirements for wallets include an inactivity time feature, restriction on multiple login attempts, a separate login required for the wallet, a cooling period before adding beneficiaries and a check on the number of transactions per day per beneficiary.
These regulations have been introduced in light of the overnight success of mobile wallets in India after the Prime Minister Modi's demonetization policy of last November. According to a recent join report by Google and Boston Consulting Group, the digital payments industry is estimated to reach $500 bn by 2020 and contribute to 15% of India's GDP.
The RBI's intention is to encourage the growth of digital wallet transactions but also protect its citizens against payment and identity fraud. Payment providers fear that such strict guidelines will cause friction in transactions and hurt mobile wallet adoption in India.
"Instead of additional authentication which negatively impacts the user experience, Paygilant allows banks and mobile wallets to embrace robust risk-based authentication for all transaction amounts on mobile devices in the pre-transaction phase. Paygilant's ability to provide visibility into the payment activity of the user through in-depth behavioral mapping can accurately identify fraudulent attempts and trigger authentication only upon these suspicious and risky transactions.
This type of risk-based fraud detection brings greater security and significantly fewer false positives than current anti-fraud solutions, as well as a positive customer experience," says Ziv Cohen, CEO of Paygilant.