RBI Proposes Tighter PSO Norms for Digital Payment Security [UPSC Notes]

In order to improve the safety and security of payment systems of payment security operators (PSOs) the Reserve Bank of India, in June 2023, released draft guidelines on cyber resilience and digital payment security controls. In this article, you can read more on these new norms for PSOs that the RBI has released to enhance digital payment security. This topic is significant from the point of view of the Indian economy section of the UPSC syllabus.

Draft Guidelines on Cyber Resilience and Digital Payment Security Controls

  • According to the directions issued by the Reserve Bank of India (RBI) the payment security operators have to report unusual incidents such as:
    • Cyberattacks
    • Outage of critical system or infrastructure
    • Internal fraud and settlement delay                  
  • According to the RBI directions, any unusual incidence must be reported within 6 hours of detection.
  • The proposal of the RBI requires that individuals who have access to the information technology environment of the payment security operators be given a digital identity which will be monitored and maintained till termination.
  • The directions to improve cyber security are important in the context of increasing cyber attacks on the payment systems which play an important role in ensuring financial stability and inclusion.
  • The proposed mechanisms aim to put in place a robust governance framework for the identification, assessment, monitoring and management of cyber security risks.
  • In order to ensure system resiliency as well as safe and secure digital payment transactions the directions will cover baseline security measures.
  • Draft guidelines require that the payment security operator (PSO) board is responsible for maintaining adequate oversight over information security risks, including cyber risk and cyber resilience.
  • PSO must frame an information security policy to manage risks which is approved by the PSO board and the policy must cover all applications and products concerning payment systems as well as the management of risks that have materialised.   
  • The Reserve Bank of India (RBI) has proposed to set a timeline for different categories of PSOs in order to provide PSOs adequate time to put in place the necessary compliance structure.

RBI Proposes Tighter PSO Norms for Digital Payment Security:- Download PDF Here

Related Links
Difference between Malware and Virus Information Technology (IT) Act, 2000
Cyber Crimes Artificial Intelligence (AI)
National Cyber Security Policy Metaverse


Leave a Comment

Your Mobile number and Email id will not be published.