The Reserve Bank of India's new guidelines on interoperability of prepaid payment instruments will lead to better management of cybersecurity and security audits. But many questions are yet to be answered.
The Reserve Bank of India issued a notice to all cooperative banks advising them to apply caution while deploying third-party core banking applications and check for appropriate security standards. The move came after credential theft incidents at some banks. But will banks heed the advice?
The Reserve Bank of India, the nation's central bank, is launching a number of efforts to help bolster the cybersecurity of banks. Those include encouraging banks to use access control management and install security operations centers. But critics say the measures aren't bold enough and offer other suggestions.
RBI's recent move to mandate that all banks must use Aadhaar as the primary form of authentication for anyone accessing their bank account is stirring a debate about the long-term role of the authentication mechanism and associated data security issues.
Even a few weeks after the RBI announced its plan to consider removal of the two-factor authentication requirement for small-value transactions, security critics continue to react strongly against the notion.
Although some global payment organizations apparently have failed to meet the Bank of India's October 15 deadline for storing all Indians' payment data domestically, the nation's central bank reportedly has ruled out extending the deadline and is demanding a status report.
While some payment companies are strongly protesting the Reserve Bank of India's mandate that they store all data locally by October 15, portraying compliance as costly and impractical, others support the move as a way to ensure data is protected.