The Reserve Bank of India (RBI) has released updated guidelines for e-mandates in digital payments, requiring an additional layer of authentication to bolster the security of recurring transactions. These regulations apply to all payment system providers handling auto-debit payments, encompassing cards, prepaid payment instruments, and the Unified Payments Interface (UPI) for both domestic and international transactions. Customers opting for e-mandates will need to undergo a one-time registration process for activation.
The revised framework mandates the validation of an extra authentication factor before activating any e-mandate, supplementing the standard verification process conducted by issuers. Notably, the first transaction under an e-mandate must undergo this additional layer of authentication. Moreover, recurring transactions exceeding Rs 15,000 and high-value payments like insurance premiums, mutual fund subscriptions, and credit card bill payments over Rs 1 lakh will necessitate further authentication.
To enhance user flexibility, the RBI allows setting e-mandates for fixed or variable amounts within specified limits. For variable mandates, customers can define a maximum transaction value. Any changes to existing mandates will require fresh authentication, and each e-mandate will have a defined validity period, with customers retaining the option to modify or cancel them at any time. Issuers are directed to transparently communicate these features during registration.
The central bank clarified that customers will not incur charges for utilizing the e-mandate facility for recurring payments. Additionally, payments made under e-mandates will not be subject to any additional limits or controls beyond the prescribed framework set by customers.
