India has launched a sharp clampdown on online payment scams, ordering tougher checks and new rules that aim to cut the rising tide of fraud. Based on reports, regulators and payment networks moved after authorities recorded big jumps in both the number of cases and the money lost to scams last year. Related Reading: Australia […]India has launched a sharp clampdown on online payment scams, ordering tougher checks and new rules that aim to cut the rising tide of fraud. Based on reports, regulators and payment networks moved after authorities recorded big jumps in both the number of cases and the money lost to scams last year. Related Reading: Australia […]

India Cracks Down: Stricter Rules To Combat Rising Digital Payments Fraud

Autor: Bitcoinist

2025/09/27 00:00

India: RBI And NPCI Move Fast

Regulators have pushed several changes into the banking and payments system. According to published figures, incidents tied to Unified Payments Interface or UPI more than doubled from about 7.25 lakh ($8,700) to 13.42 lakh ($16,200) in fiscal year 2023-24.

Reported losses rose too, from ₹573 crore ($69 million) the year before to ₹1,087 crore ($131 million) in 2023-24. The central bank has allowed risk-based additional checks for certain transactions, and NPCI has told banks and apps to block pull or collect requests on UPI from October 1, 2025, a move meant to shut a common scam vector.

New Authentication And Domain Rules

One of the headline changes is a requirement for two-factor authentication for payments, set to come into effect on April 1, 2026. Banks and payment firms will need to apply at least two methods of ID for transactions — such as biometrics, device tokens, or passphrases — while SMS OTPs will still be allowed in some cases.

Reports also say the industry will be asked to reserve clear, trusted web domains for banks and finance firms — examples given include “bank.in” for banks and “fin.in” for non-bank financial companies — to make phishing sites easier to spot and block.

How Users And Banks Will Be Affected

The new rules are meant to stop impersonation scams, fake calls that pretend to be law enforcement, and other social engineering tricks that send money out of accounts.

A special Cyber Fraud Mitigation Centre and the Indian Cyber Crime Coordination Centre will coordinate responses, and a suspect registry drawn from the national cybercrime portal is being used to track suspicious accounts and identities.

Banks and small operators that run Aadhaar-enabled payment services will face stricter due diligence requirements for their agents and terminals.

Costs, Complexity And The Rural Gap

Banks and tech providers must upgrade systems to run the extra checks and keep records. That will add cost and complexity, especially for smaller firms and rural operators that rely on older devices.

Users may face more steps when they pay, particularly for cross-border or unusual transactions. Reports warn that fraudsters often change tactics after rules tighten, so the measures will need constant review and active enforcement to stay effective.

Featured image from Unsplash, chart from TradingView

Aviso legal: Los artículos republicados en este sitio provienen de plataformas públicas y se ofrecen únicamente con fines informativos. No reflejan necesariamente la opinión de MEXC. Todos los derechos pertenecen a los autores originales. Si consideras que algún contenido infringe derechos de terceros, comunícate con service@support.mexc.com para solicitar su eliminación. MEXC no garantiza la exactitud, la integridad ni la actualidad del contenido y no se responsabiliza por acciones tomadas en función de la información proporcionada. El contenido no constituye asesoría financiera, legal ni profesional, ni debe interpretarse como recomendación o respaldo por parte de MEXC.

Compartir perspectivas