The Reserve Bank of India (RBI) has taken a major step to make digital transactions more secure. Starting April 1, 2026, all digital payments will require at least two different verification methods, or two-factor authentication (2FA). This will include options such as passwords, OTPs, biometrics, and hardware tokens to ensure protection against online fraud.
This new rule aims to protect users from online fraud, particularly by reducing the risk of fraud such as phishing and SIM swapping. Until now, SMS-based OTPs were primarily used in India, but with this technological shift, the RBI has emphasized the adoption of modern methods such as biometrics, device-native features, and tokenization.
The RBI has stated that at least one verification method for each transaction must be dynamic, meaning it must be unique and valid for that specific transaction. Furthermore, the payment issuer will be responsible for fully compensating the customer for any loss incurred due to non-compliance with authentication rules.
Additionally, according to RBI guidelines, risk-based verification may be conducted in certain cases, where additional security measures will be implemented based on user behavior, device, or location. This rule is considered an important step in making India’s digital payment system more secure, reliable, and user-friendly.
We have taken all measures to ensure that the information provided in this article and on our social media platform is credible, verified and sourced from other Big media Houses. For any feedback or complaint, reach out to us at businessleaguein@gmail.com
Add businessleague.in as a Preferred Source
