RBI to soon release norms on single authentication for low value transactions

The Reserve Bank is likely to issue guidelines on single authentication payment for small ticket transactions within a month


To make online transactions easier, the Reserve Bank of India (RBI) will soon come out with single authentication payment norms for low value e-commerce transactions without any compromise on security. 
The criteria to decide on low value transaction will be decided by the norms expected to be released in a month. 
“One area is that we are looking at small payments where we have two-factor authentication. Whether we can create a system where we can avoid the second factor authentication so that the small transactions can go... (For) arrangement between customer liability and provider liability, we can work out something. We are discussing with banks,” RBI Deputy Governor HR Khan said at Inclusive Finance India Global Summit. 
Currently, two-step authentication is generally prevalent in the country unlike developed nations. First step of authentication is feeding PIN, and the next step is punching in of secure code or one-time PIN/password (OTP). 
“Maybe, we will go for a small amount where we need not have second factor authentication. That amount could be (Rs)1,000, 2,000 or 3,000,” he said. 
“I am not able to tell you the amount at the moment but that is what we are working at so that small value, low ticket we can get out of the second-factor authentication without compromising on customer’s liability and provider’s liability,” he said. 
Asked as to by when guidelines on small ticket transactions will be issued, he said: “I suppose within a month’s time.” 
Asked about the debt switch, Mr Khan said the RBI had some plan but did not elaborate on this. 
“We have got some plans to do it (bond switch),” he said. 
Under the debt switch programme, the government plans to buy short-dated debt, and, in turn, sell longer duration G-secs in an effort to spread out redemptions of debt to later years.


Equity MFs report a net inflow of Rs4,963 crore in November

Equity mutual funds report a net inflow for the seventh consecutive month. However, the level of net inflows was lower than that of the past five months


Equity mutual fund sales crossed the Rs10,000 crore once again in November 2014, touching Rs10,947 crore. With redemptions amounting to Rs5,984 crore, net inflows into equity mutual funds totalled Rs4,963 crore for the month. This was the first time in six months that net inflows were below the Rs5,000 crore mark. Over the 11-month period, from January 2014 to November 2014, equity mutual funds recorded a net inflow of Rs42,907 crore. In the same period last year, the equity funds reported a net outflow of Rs11,284 crore.


New fund offers continue to bring in fresh assets. The four NFOs launched in November, brought in Rs1,014 crore. Birla Sun Life Equity Savings Fund was the open-ended equity scheme launched, grossed assets worth Rs139 crore. DSP BlackRock 3 years Close Ended Equity Fund, ICICI Prudential Growth Fund Series 4 and Sundaram Select Small Cap Series II were the close-ended schemes launched which locked in fund worth Rs875 crore.


Equity mutual funds have been reporting a steady rise in folios as well. As on 30th November 2014, the total number of equity folios reported was 30.02 million folios, 354,637 folios higher than that reported in January 2014 of 29.67 million folios.

In terms of assets under management, the total equity assets went up “5.90% or by Rs0.18 lakh crore to Rs3.15 lakh crore in November, the highest asset tally for the category on record. The underlying asset class, represented by the benchmark CNX Nifty Index, gained 3.20% in the month,” mentioned a CRISIL report. “Balanced funds, which invest a major portion of their AUM in equity, also benefited from the ongoing uptrend in the equity market as the category fetched inflows for the sixth straight month,” the report mentioned. All asset classes except for liquid funds, gold and foreign funds reported a net inflow in November.


Android devices face threat from password, SMS stealing malware

Android/SmsSend is an SMS-sending malware that reaps profit from sending SMS messages to premium rate numbers


Cyber security sleuths have alerted Android-based smart phone users against an infectious Trojan virus, which steals vital information from the personal device and can even illegally send SMSes to those on the mobile contact list as well as to premium rate numbers.
The deadly virus has been identified as 'Android/SmsSend' and it can acquire as many as four aliases to hoodwink the user and perpetrate its destructive activities on a personal Android enabled device. SmsSend.A is a version of another malware called OpFake. It reaps profit by sending the message "gf bigfun 281 fnuXW9Ey5" to these numbers: 9993, 9994, and 9995. SmsSend.C operates in the same way SmsSend.A does, but uses a different display image, message content and recipient numbers. When executed, it displays images of nude women and sends out the message .galve 328 SjhFaG1IK. to 6008, 6006, 6152, and 6952 numbers, says F-Secure in an advisory. 
In its latest advisory to Android device users, the Computer Emergency Response Team of India (CERT-In) said, "Android/SmsSend is a premium service abuser family malware that arrives bundled with legitimate Android applications and infects Android based smart phones. Once infected, it sends text messages (typically with a link to itself or a different threat) to a specific number, typically to numbers on the contact list and is also capable to send SMS to premium rate numbers". 
The CERT-In is the nodal agency to combat hacking, phishing and to fortify security-related defences of the Indian Internet domain.
It said that after a typical successful infection of the virus, basic information about the smart phone like IMEI number, device id, device type among others are compromised and it can even install spyware on the targeted device.
The virus is so notorious, the agency said, that it 'steals contacts and pictures, tracks the location, steals passwords, illegally accesses text messages, crashes a complete system, steals personal banking information when logged in, installs other sort of spyware and disables firewall and anti-virus program to defend itself."
The CERT-In said the malware is created by modifying the legitimate application and then re-distributing via marketplace or other separate channels.
The agency has suggested some counter-measures in this regard.
"Do not download and install applications from untrusted sources, install applications downloaded from reputed application market only, run a full system scan on device with mobile security solution or mobile anti-virus solution, check for the permissions required by an application before installing, exercise caution while visiting trusted/ untrusted sites for clicking links, install Android updates and patches and use device encryption or encrypting external SD card feature available with most of the Android operating system (OS)," it said.
Also, avoid using unsecured, unknown Wi-Fi networks and make a practice of taking regular backup of the Android device, the advisory said.


We are listening!

Solve the equation and enter in the Captcha field.

To continue

Sign Up or Sign In


To continue

Sign Up or Sign In



The Scam
24 Year Of The Scam: The Perennial Bestseller, reads like a Thriller!
Moneylife Magazine
Fiercely independent and pro-consumer information on personal finance
Stockletters in 3 Flavours
Outstanding research that beats mutual funds year after year
MAS: Complete Online Financial Advisory
(Includes Moneylife Magazine and Lion Stockletter)