The Reserve Bank of India (RBI) has come up with a framework for customer protection by limiting the liability in the case of an unauthorised transaction in any Prepaid Payment Instruments (PPIs).
At a time when the electronic payment transactions are catching up in the country, the Reserve Bank of India (RBI) has come up with a framework for customer protection by limiting the liability in the case of an unauthorised transaction in any Prepaid Payment Instruments (PPIs).
The usage of PPIs such as Amazon Pay, Paytm, MobiKwik, Oxigen, ItzCash,Ola Money, PhonePe etc. is rising and any such kind of protection layers instills confidence in the usage of them.
Interestingly, the RBI’s directives not only cover remote or online payment transactions that do not require physical PPIs to be presented at the point of transactions e.g. wallets or card not present (CNP) transactions, but also covers face-to-face or proximity payment transactions i.e. transactions which require the physical PPIs such as cards or mobile phones to be present at the point of transactions.
Mandatory message in every transaction alert
PPI issuers have been asked to compulsorily send the SMS alert for any payment transaction in the account to the customers and e-mail alert may additionally be sent, wherever registered. The transaction alert should have a contact number and an e-mail id on which a customer can report unauthorised transactions or notify the objection. For this the PPI issuers shall ensure that their customers mandatorily register for SMS alerts and wherever available also register for e-mail alerts, for electronic payment transactions.
Reversal of unauthorised transaction
On being notified by the customer, the PPI issuer shall have to reverse the transaction and refund the amount involved in the unauthorised electronic payment transaction to the customer’s PPI within 10 days from the date of such notification by the customer. Importantly, the credit shall be value-dated to be as of the date of the unauthorised transaction.
Your liability in case of unauthorised transaction
A customer’s liability arising out of an unauthorised payment transaction will be limited to:
1. Nature of transaction: Contributory fraud / negligence / deficiency on the part of the PPI issuer, (irrespective of whether or not the transaction is reported by the customer)
Maximum Liability of Customer : Zero
2. Nature of transaction: Third party breach where the deficiency lies neither with the PPI issuer nor with the customer but lies elsewhere in the system. The per transaction customer liability in such cases will depend on the number of days lapsed between the receipt of transaction communication by the customer from the PPI issuer and the reporting of unauthorised transaction by the customer to the PPI issuer.
Time period: Within three days
Maximum Liability of Customer :Zero
Time period: Within four to seven days
Maximum Liability of Customer :Transaction value or Rs 10,000 per transaction, whichever is lower
Time period: Beyond seven days
Maximum Liability of Customer :As per the Board approved policy of the PPI issuer
3. Nature of transaction: In cases where the loss is due to negligence by a customer, such as where he or she has shared the payment credentials,
Maximum Liability of Customer: The customer will bear the entire loss until he or she reports the unauthorised transaction to the PPI issuer. Any loss occurring after the reporting of the unauthorised transaction shall be borne by the PPI issuer.
Time line for resolution
Further, PPI issuers shall ensure that a complaint is resolved and liability of the customer, if any, established within such time, as may be specified in the PPI issuer’s Board approved policy, but not exceeding 90 days from the date of receipt of the complaint. In case the PPI issuer is unable to resolve the complaint or determine the customer liability, if any, within 90 days, the amount shall be paid to the customer, irrespective of whether the negligence is on the part of customer or otherwise.
What to do
It is important that one reports any such unauthorised transaction to the issuer without any delay. And, the next time you get a transaction alert, make sure that the issuer has incorporated their contact number and an e-mail id in it as it has been made mandatory by the RBI.