The Reserve Bank of India, the central bank of the country, recently asked all the banks to use additional factor authentication (AFA) for the auto-debit transactions on both debit and credit cards of their customers. This is to protect the interest of the consumers from various fraudulent card-related transactions. 

So effective today (October 1, 2021), banks will not approve any standing instruction (for recurring payments) given at merchant websites or mobile applications without the approval of their customers. This means the standing instruction or the auto-debit facility enabled across various platforms including insurance (premium) payment, your subscription to platforms such as Netflix and Hotstar, and other billers will be disabled or declined. This is provided if the card-issuing bank and merchants do not meet the new conditions prescribed by RBI. 

What does it mean for all your standing instructions? How to overcome this issue? Read to find out more:

What is the new rule?

The RBI has issued a framework for processing recurring online transactions. Under the new rules, all these recurring transactions mandatorily require additional authentication, if the value is more than Rs 5,000. It means that you as a customer must approve your auto-debit transaction via OTP. This is applicable for all cards both debit and credit cards with standing instructions of monthly/quarterly/half-yearly or yearly. 

Does it apply to all transactions?

These changes are nothing to worry about for a customer and it doesn’t apply to all your standing instructions. 

Where there is no impact: Those transactions or standing instructions initiated on the bank’s website or app through their BillPay service will continue. For instance, if you have mutual fund SIPs, mobile bills or any other payments where you have already added the service provider as biller with your bank, then it will continue hassle-free.  

Where there is impact: Those transactions or standing instructions initiated through third-party apps or merchants will now require authentication by the customer via OTP. This includes your insurance premium payments, Netflix or Prime subscription and so on.

What’s the solution? 

The solution depends on whether your bank and other service providers have complied with RBI norms. Most banks, especially private banks, have tied up with select merchants and have onboarded on an integrated payment system, as mandated by the RBI.  

For auto-debit of less than Rs 5,000: So, if you as a customer have a recurring transaction of less than Rs 5,000 then all you need to do is to register your auto-debit once again and authenticate via OTP. Post this, your third-party merchant transactions will continue as usual. For instance, HDFC Bank has a list of merchants who have complied with RBI norms. These include Netflix, Google India, Policybazaar, Facebook and Bajaj Allianz General Insurance. If you are an HDFC Bank customer and you have an auto-debit with any of these merchants, it will continue smoothly post your one-time authentication. 

On the other hand, if you have an auto-debit with those merchants who are yet to comply with RBI norms, then you will have to manually make your payment whenever it is due. Until those service providers or merchants comply with RBI norms, you may not be able to provide standing instruction. 

For auto-debit of more than Rs 5,000: For any auto-debit or standing instruction with third-party service providers beyond Rs 5,000, then your bank will send a request for you to authenticate or approve the same, a day or two before the actual transaction occurs. You can approve your transaction via OTP and the transaction is processed. This is provided your Netflix or Spotify service providers are complied with RBI guidelines. 

If some of the merchants are not complying with the RBI norms, then you as a customer need to manually approve your transaction every time it is due. 

What is the best approach?

For now, it is best to wait for operational clarity from your bank. But if your service provider is not enabled for the new platform as per RBI norms and as a result your auto-debit doesn’t happen, then you have two options. 

One, to manually authenticate for every transaction via OTP. 

Two, you can use the net-banking services of your bank and register billers such as mobile bill payments, broadband or insurance for automatic timely payments. 

Why is this happening?

RBI, in the best interest of the customers, is trying to protect their data. All the third-party service providers, as per the Central Bank’s guidelines, should not store any customer’s data. Therefore, all the transactions are routed through the bank’s platform.