Money & Banking

Unauthorised transactions: RBI says PPI users will not lose money if reported within 4 days

Our Bureau Mumbai | Updated on January 04, 2019 Published on January 04, 2019

Although there are some liabilities defined for stakeholders in the digital payment ecosystem, they are not enough   -  Getty Images/iStockphoto

In what could boost trust among users while making a transaction through instruments such as a a mobile wallet, the Reserve Bank of India (RBI) has issued fresh guidelines on limiting the customer liability for unauthorised electronic payments involving Prepaid Payment Instruments (PPIs).

Customers who carry out transactions on mobile wallets such as Paytm, PhonePe, Mobikwik, among others, will not lose their money in case of a cyber attack or negligence of the platform on which the transaction is taking place. So far, the facility was only provided for banks and NBFCs

In its fresh guidelines, the RBI said the rules are applicable to all authorised non-bank PPI issuers such as Paytm, Mobikwik, PhonePe and Oxigen, among others. However, the rules are not applicable to PPIs issued under the arrangement of PPI-MTS (PPIs for Mass Transit Systems) such as Delhi Metro or Mumbai Metro, except for the cases of contributory fraud, negligence, and deficiency on the part of the PPI-MTS issuer, where the customer liability will be zero.

As per the new guidelines, the electronic payment transactions are divided into two categories – remote/online payment transactions that do not require physical PPIs to be presented at the point of transactions such as Paytm, PhonePe, Google Pay or WhatsApp, and second, face-to-face or proximity payment transactions that require physical PPIs such as cards or mobile phones to be present at the point of sales.

The PPI issuers now have to mandatorily register their customers for SMS/e-mail alerts regarding fraudulent transactions. They have to provide 24x7 customer service, a dedicated toll-free helpline, and a direct link for reporting unauthorised transactions.

In case of third-party breach, where it is neither the fault of PPI issuer nor the customer but lies elsewhere in the system, then the customer will not lose any money if reported within three days.

If the fraud is reported within 4-7 days, then the customer liablity is same as the transaction value, or ₹10,000 per transaction, which ever is lower. Beyond seven days, it will be as per board approved policy of PPI user. On being notified by the customer, the PPI issuer shall credit the amount within 10 days.

Published on January 04, 2019
This article is closed for comments.
Please Email the Editor