banner_ad

Security Issues and Risk mitigation measures related to Card Not Present (CNP) transactions

Last updated: 06 August 2011
 Notice Date : 04 August 2011

 RBI/2011-12/145

DPSS.PD.CO. No.223/02.14.003/2011-2012

August 04, 2011

 

The Chairman and Managing Director / Chief Executive Officers 

All Scheduled Commercial Banks including RRBs /

Urban Co-operative Banks / State Co-operative Banks /

District Central Co-operative Banks/Authorised Card Payment Networks

 

Madam / Dear Sir

 

Security Issues and Risk mitigation measures related to Card Not Present (CNP) transactions.

 

Please refer to our circular RBI/DPSS No. 1501 / 02.14.003 / 2008-2009 dated February 18, 2009 wherein a directive was issued making it mandatory for banks to put in place additional authentication / validation based on information not visible on the cards for all on-line card not present(CNP) transactions except IVR transactions from August 01, 2009. This mandate was extended to cover all IVR transactions with effect from February 01, 2011 vide our circular RBI/DPSS No. 1503 / 02.14.003 /2010-2011 dated December 31, 2010.

 

2. Banks had been advised vide para 4 of the directions contained in RBI/DPSS No. 1503 / 02.14.003 /2010-2011 dated December 31, 2010 to revert on the introduction of additional factor of authentication for certain category of  CNP transactions detailed therein. The matter was discussed in a meeting of banks with the Reserve Bank of India on June 22, 2011 wherein it was emphasizedby the Reserve Bank that while it was not advocating any specific solution in this regard, it is imperative that all CNP transactions are brought within the ambit of additional factor of authentication without further delay. To this end, banks were advised to evaluate possible alternatives at the earliest.Based on the feedback from the stakeholders and keeping in view the interest of card holders the following directions are issued:

  1. It is mandatory to put in place additional factor of authentication for all CNP transactions indicated in para 4 of our directions dated December 31, 2010 with effect from May 01, 2012.
  2. In case of customer complaint regarding issues, if any,arising out of transactions effected without the additional factor of authentication after the stipulated date, the issuer bank shall reimburse the loss to the customer further without demur.

 

3. The directive is issued under section 18 of Payment and Settlement Systems Act 2007, (Act 51 of 2007).

 

4. Please acknowledge receipt.

 

Yours faithfully,

Vijay Chugh

Chief General Manager.
 

Guest
Notification No : RBI/2011-12/145
Published in Others
Share Report Abuse

CCI Pro Comments

Join the CA Students WhatsApp Community for ICAI Updates, Trending Courses & Notes!

Other Latest Notification/Circulars


View More Notifications


banner

Trending Online Classes

view all classess

CCI Pro
Meet our CAclubindia PRO Members
Subscribe Now

Follow us
add to google news


Browse by Category





Latest Job Openings

View all
Company
19 May 2026
Fundraising Expert

MentorsWorld Ventures Private Limited

Ahmedabad

Others

View Details
Company
26 April 2026
Chartered Accountant

Source HR

Mumbai

CA

View Details
Company
14 May 2026
Senior Associate

ABHISHEK SHANKAR AGARWAL & ASSOCIATES

Kolkata

CA

View Details
Company
19 May 2026
Accountant

ca kunjan

Mumbai

CA Inter

View Details
Company
14 May 2026
Senior Accounts Executive

Karan Gupta & Co.

New Delhi

Graduate (Any)

View Details
Company
Featured 02 May 2026
Senior Executive

hitesh chandwani & co

Pune

B.Com

View Details
Company
23 May 2026
Article Assistant

Geeta Manchanda & CO.

New Delhi

CA Inter

View Details
Company
11 May 2026
Post office

Post office

Anakapalle

Others

View Details