RBI issues Mobile Banking Guidelines – Conservative Approach

RBI, earlier put a temporary halt to mobile payment services and has now issued fresh guidelines that sounds too conservative to be true.

Few excerpts:

  • Per transaction limit of Rs. 2500/- shall be imposed on all Mobile Banking transactions – subject to an overall cap of Rs. 5000/- per day, per customer.
  • Interoperability:
    Banks offering mobile banking service must ensure that customers having mobile phones of any network operator is in a position to avail of the service (though the interoperability norm is relaxed for the first 6 months).
  • Only Indian Rupee based domestic services shall be provided. Use of mobile banking services for cross border transfers is strictly prohibited.
  • For channels which do not contain the phone number as identity, a separate login ID and password shall be provided to ensure proper authentication. Internet Banking login IDs and Passwords shall not be allowed to be used for mobile banking.
  • Two-factor authentication
    One of the factors of authentication shall be mPIN or any higher standard – mPIN shall not be in clear text anywhere in the network. (mChek’s USSD gets an edge over paymate?)

Overall, the guidelines sound too conservative – RBI has taken a very risk free approach (wonder why they don’t make Basel II imperative then?) towards mobile banking.

What’s your opinion?

Download the pdf

Ashish Sinha is founder of Pluggd.in, now known as NextBigWhat. He can be reached at: ashish (at) nextbigwhat.com.

Related posts

5 Comments

  1. darth-vader said:

    It’s not that good but still gives enough to move your arms a bit.
    As for Two-Fac Auth, mchek’s USSD infact suffers as compared to paymate’s SMS wasy.
    USSD makes it safe on user’s phone ‘cos nothing gets stored there. But over the air SMS is relatively safer. Reason: SMS uses A5 encryption (not very strong though) when transmitting the data while USSD send plain text and hence more prone.

    Reply
  2. Anand said:

    Ashish, is the Basel II comment an error?

    Basel II accord is for the bank as a whole and not for any banking channel.

    Reply
    • Ashish said:

      @Anand : I do know that (have presented a paper to RBI on baselII implementation/suggestion as part of my life@IIM B ) – what i am referring here is if RBI is so worried about banks’s operational risk (which they have mentioned in the guidelines), why arent they aggresively implementing basel II (seriously speaking, I am not following the issue anymore)..?

      Maybe the part didn’t come out clearly in the post.

      Reply

  3. Pingback: links for 2008-09-25

  4. Pingback: RBI updates mobile banking guidelines - doubles the transactional limit |Technology and Business Startups in India

*

*

Top