The Payment System Board—a committee of the central board of RBI— reviews its position periodically, and issues strategic directions to the regulatory departments for framing policy. The policy measures cover two primary areas.
By AP Hota
There is often anguish, on why adoption of digital payments is slow. One of the reasons, some claim, is that we have an overly ambitious “less cash” vision, and in trying to cover theentire 700million+ transacting population, in the digital payment revolution, we are ignoring what the customers want. Considering the level of poverty and consumption patterns, the practical approach would be to aim 500 million bank/wallet customers. For the other 200 million customers, who are still struggling for a decent living, our standard of digital inclusion should be different, at least, for some time. Subsidy/ pension/ grants being credited into their bank accounts through the Aadhaar Payments Bridge—a digital platform operated by NPCI—and easy access to AePS for cash withdrawal at citizen service centres or bank branches should be good enough. For these users, cash is the most comfortable payment instrument.
Digitally ready: Need to address fears of those on the fence to join digital bandwagon
This target group of 500 million customers is not homogenous. They fall in three categories
a) active users/early adopters (100 million),
b) casual users/early majority (250 million), who are sitting on the fence to turn into active users; and
c) “cash meets all my needs” users/late majority (150 million), who require some form of mandate like its been done for GST/income tax payment beyond a cap or what is being contemplated for toll gate payment on national highway from December 1, 2019.
Immediate focus, therefore, should be on the second group of 250 million casual users. Though these have smart phones, debit cards, and hail from an economic strata that demands regular payments for various utility bills and other household needs, the fear of “something going wrong and not knowing how to resolve” makes them reluctant. They understand the likely benefits of digital payments, but use the digital channel only when necessary. They do not invest adequate time in understanding how to secure transactions or use grievance redressal mechanisms. One unhappy experience is good enough to turn them off. Living with cash is considered more comfortable than inviting risk. Instances of insensitiveness of some Payments Service Providers (PSPs) while rolling out products, without completing the rigours of thorough testing just to meet the time-to-market deadlines, goes against the very principle of digital transactions. Neither the simplicity of UPI nor cashbacks attract these users.
The fear of account being debited without generating a charge slip while using the debit card at a restaurant or a shop makes many nervous. Many, also opt for Cash-on-Delivery (COD) option while conducting e-commerce transactions, knowing very well that a cashback of 2-5 % is available on digital mediums—cards, UPI, wallets and internet banking. A few also opt COD to check the quality or quantity before payment. Most e-commerce firms accept return within a week and also have simple process for refunds. But anecdotal evidence of technical glitches, privacy violation, wrong or delayed credit, deter them from such transactions. Mostly, debit cards are used for cash withdrawal from ATMs.
RBI has been responding positively by issuing guidelines/circulars/notification to ensure such customers of safety and security of transacting online. The Payment System Board—a committee of the central board of RBI— reviews its position periodically, and issues strategic directions to the regulatory departments for framing policy. The policy measures cover two primary areas.
a) transactional security & data privacy; and
b) grievance redressal.
Transactional Security and Data Privacy
To protect the customers from unauthorised transactions or unauthorised sharing of data with third party, and to ensure that service is available to the customers as promised, RBI has mandated that
a) payment cards conform to EMV standards
b) EMV enablement of all card acceptance points
c) multi factor authentication—first in Card Not Present (CNP) transactions and subsequently for Card Present (CP) transactions, and then other digital channels
d) Mobile alerts by core banking system (CBS) to customers for every debit and credit transactions
d) To provide the customer with the option of transaction cap and mode of transaction
e) PA-DSS and PCI-DSS compliance of payment system infrastructure at all service providers in the value chain
f) need for certification of acceptance terminals—Cards and Aadhaar
g) periodic information security audit
h)creating facility for monitoring of transaction velocity and frequency
i) data localisation, etc.
Use of Aadhaar for payment transactions has also seen regulatory changes. Certain categories of banks such as co-operative banks require license to offer mobile banking to their customers over the fear that over-enthusiasm, without corresponding security infra, may land the customers into difficulties. RBI has also mandated certain issues of payments service offering to be placed before the Board for deliberation. One may recall, that way back in 2011 when RBI introduced two-factor authentication for CNP transactions, it was accused of “killing e-commerce”. Transactions have increased multi-fold since. It is a clear case study that transactional security helps growth of digital payments. India was a clear leader in two-factor authentication in e-commerce, and recently many countries world over are migrating to this practice.
The second set of measures initiated by RBI refer to Grievance Redressal Mechanisms. They constitute the hygiene factor and bedrock for migrating to a less-cash society in due course. Many of the regulatory measures are a direct response to customer complaints, of gaps in the machinery and crying need for attention.
Measures implemented so far are
a) zero liability of customers in unauthorised digital transactions
b) stringent Turn Around Time (TAT) for resolving the complaints, failing which a penalty is imposed on the service provider (India’s TAT requirements for digital payment system is much better than many developed countries )
c) complaint position to be placed before the Board
d) Scheme of Ombudsman for digital transactions
e) extending the period of service availability
f)customer consent before on-boarding onto digital channel and the option to fix amount cap or withdrawal
d) contact details for customer complaints to be prominently displayed
e) availability of 24×7 call centre or service centre in case of 24×7 services.
In addition, all customer service measures including transparency in service charges are equally applicable for digital payments.
We have a long way to go before we can claim ourselves to be a less cash society. Our ecosystem is evolving and we need to be patient. Payment innovations like UPI are taking place at the right pace, but UPI volumes alone should not be the benchmark to fix targets for banks and payment authorities. The qualitative indicator like the level of customer complaints should be the primary parameter for monitoring. Since RBI is planning to publish payment system data on a monthly basis, in a granular manner, bank-wise data on customer complaints and security breaches needs to be included. The Payment Gateways, Collection Aggregators and other non-bank players in the value chain are now processing millions of digital payments every day; but there are hardly any regulations on them. They must be regulated and supervised by RBI, before an explosion takes us by surprise. For digital payments to covers all sections of society and less cash vision to be realised early, care and caution is as much necessary as speed.
Former MD&CEO NPCI. Views are personal
(This is the last piece of the article series on digital payments.)