The Reserve Bank of India (RBI) on 6 December 2016 relaxed the norms for Additional Factor of Authentication (AFA) for online card transactions of up to Rs 2000.
However, only authorised card networks will provide such payment authentication solutions for online CNP (Card Not Present) transactions.
Customers opting for this facility will go through a one-time registration process by entering the card details and additional factor authentication by the issuing bank. Thereafter, the registered customers will not be required to re-enter the card details for every transaction at merchant websites or apps.
However, the relaxation in the process of online card transactions comes with some conditions. Have a look:
- Only authorised card networks can provide such payment authentication solutions with participation of card issuing and acquiring banks.
- Customer consent shall be taken while making this solution available to them.
- The relaxation for AFA under such solutions shall be applicable for card not present transactions for a maximum value of Rs 2000 per transaction across all merchant categories.
- Banks and card networks are free to facilitate their customers to set lower per transaction limits.
- If the transaction limit goes beyond Rs 2000, then the card not present transaction will be processed as per the extant instructions with mandatory AFA; this goes same for the transaction value of below this limit.
- Banks and card networks will decide the number of such small value transactions in a day, week or month.
- There will be no change in the existing chargeback process.
Advise for banks and authorised card networks
- To make customers aware that this solution is an optional facility for CNP transactions of up to Rs 2000 only and they are free to make payments using other forms of AFA as well.
- To educate the customers about the use of this means, risk involved in it and the mechanism for customer grievance redressal and how they can report complaints through multiple channels.
- To indicate the maximum liability that falls in on the customer's part and the responsibility of the customer to report any frauds while transacting.
- To bear the full liability in the event of any security breach or compromise in the authorised card network.
This move will surely boost the digital transactions at this crucial time of demonetisation. This will certainly encourage more users to switch to online payments. Moreover, it will enhance consumer convenience so that they can use cards more often.