RBI Limits Liability of Customers in Unauthorised Electronic Transactions Involving PPIs Like Paytm, PhonePe, GooglePay, among Others
After limiting liability of customers in fraudulent bank transactions, the Reserve Bank of India (RBI) has brought out new (similar) rules for mobile wallet and prepaid payment instruments (PPI) issued by non-banking entities like Paytm, PhonePe, GooglePay, and Amazon Pay. Under the new rules, customers will have a zero liability in case of fraud, negligence or deficiency from the PPI issuer and if the unauthorised electronic transaction is reported by the customer within three days. Most importantly, the burden of proving customer liability in case of unauthorised electronic payment transactions is on the PPI issuer and not on customers, as per the RBI rules.
 
In addition, PPI issuers are asked to ensure that their customers mandatorily register for SMS alerts and, wherever, available, register for e-mail alerts, for electronic payment transactions.
 
Under the new rules, mobile wallet providers like Paytm, PhonePe, Google Pay and Amazon Pay, will have to setup a 24/7 customer care helpline to report fraud or any loss or theft or hack of the mobile wallet account of their customers.
 
If the PPI customer suffers a loss due to fraud, negligence or deficiency on the mobile wallet provider, the entire amount would be refunded if the incident is reported within three days. For unauthorised transactions reported between four and seven days, the liability of the customer is limited to the transaction value or Rs10,000 per transaction, whichever is lower. For fraud incidents reported beyond seven days, the customer liability would be as decided by the board of the PPI issuer. 
 
 
Reversal Timeline for Zero Liability / Limited Liability of a Customer
 
On being notified by the customer, the PPI issuer is required to credit (notional reversal) the amount involved in the unauthorised electronic payment transaction to the customer’s PPI within 10 days from the date of such notification by the customer without waiting for settlement of insurance claim, if any, even if such reversal breaches the maximum permissible limit applicable to that type or category of PPI. The credit shall be value-dated to be as of the date of the unauthorised transaction.
 
Further, RBI says, the PPI issuers should ensure that a complaint is resolved and liability of the customer, if any, established within such time, as may be specified in the PPI issuer’s Board approved policy, but not exceeding 90 days from the date of receipt of the complaint, and the customer is compensated as per provisions mentioned above. 
 
"In case the PPI issuer is unable to resolve the complaint or determine the customer liability, if any, within 90 days, the amount as prescribed in above paragraph should be paid to the customer, irrespective of whether the negligence is on the part of customer or otherwise," RBI says.
 
Reporting of Unauthorised Payment Transactions by Customers to PPI Issuers 
 
RBI says, PPI issuers should ensure that their customers mandatorily register for SMS alerts and wherever available also register for e-mail alerts, for electronic payment transactions.
 
The SMS alert for any payment transaction in the account should mandatorily be sent to the customers and e-mail alert may additionally be sent, wherever registered. The transaction alert should have a contact number and or e-mail ID on which a customer can report unauthorised transactions or notify the objection.
 
Customers should notify the PPI issuer of any unauthorised electronic payment transaction at the earliest and, also be informed that longer the time taken to notify the PPI issuer, higher will be the risk of loss to the PPI issuer and customer.
 
To facilitate the reporting, PPI issuers are asked to provide customers with 24x7 access via website, SMS, e-mail or a dedicated toll-free helpline for reporting unauthorised transactions that have taken place and or loss or theft of the PPI.
 
Further, RBI says PPI providers need to provide a direct link on mobile app or home page of their website or any other evolving acceptance mode for lodging of complaints, with specific option to report unauthorised electronic payment transactions.
 
"The loss and fraud reporting system must also ensure that immediate response (including auto response) is sent to the customers acknowledging the complaint along with the registered complaint number. The communication systems used by PPI issuers to send alerts and receive their responses should record time and date of delivery of the message and receipt of customer’s response, if any. This is important in determining the extent of a customer’s liability. On receipt of report of an unauthorised payment transaction from the customer, PPI issuers should take immediate action to prevent further unauthorised payment transactions in the PPI," the central bank says.
Like this story? Get our top stories by email.

User

COMMENTS

Pramod B Patil

5 months ago

Ok

Chandigarh consumer forum fines store Rs13,000 for charging on paper carry bags
The District Consumer Disputes Redressal Forum in Chandigarh has imposed a penalty of Rs 13,000 on a leading retail store for charging Rs 5 from a consumer for giving a paper carry bag to carry items that were shopped at the store.
 
Terming the charging of Rs 5 for each paper carry bag as "high-handedness" on part of the Lifestyle retail chain store, the forum pointed out that the store could not take the excuse that plastic carry bags were banned and they had to charge for the paper carry bags from consumers shopping at their store.
 
The complaint was made to the forum by a couple, Pankaj and Sangeeta Chandgothia, from Chandigarh. The decision was delivered by the forum on Friday.
 
Lifestyle store has been asked to deposit Rs 10,000 as penalty in the Consumer Legal Aid account and pay Rs 1,500 each to the complainants towards compensation for "harassment and mental agony" and as litigation expenses. 
 
"The opposite party (Lifestyle store) has also argued that post ban of plastic bags, it started providing paper bags to its customers on payment of its price. However, we feel that banning of a product does not entitle the opposite party to charge for its substitute and the opposite party and all other shops like it are obliged to provide carry bags free of cost to carry the purchased items to their customers, as the customers cannot be expected to carry the items in hands," the forum stated in its order.
 
The forum noted that the carry bag, for which the consumers had to shell out extra amount from their pocket, is a printed carry bag on both sides, which has a prominent display of the advertisement of the store and is serving as an advertisement for them.
 
"In this manner, the complainants and other gullible consumers like them have certainly been taken for a ride by the opposite party for advertising their name. Undoubtedly, the opposite party has several stores across the country and in the above said manner, made lot of money, thus, the act of opposite party by forcing the gullible consumers to pay additionally for the paper bags is surely and certainly amounts to deficiency in service and its indulgence into unfair trade practice," the forum pointed out.
 
The forum asked the store to provide free carry bags to all customers forthwith who purchase articles from its shop. It also ordered the store to refund to the complainants the amount of Rs 5 wrongly charged for the paper carry bag.
 
Disclaimer: Information, facts or opinions expressed in this news article are presented as sourced from IANS and do not reflect views of Moneylife and hence Moneylife is not responsible or liable for the same. As a source and news provider, IANS is responsible for accuracy, completeness, suitability and validity of any information in this article.
 

 

User

COMMENTS

Umang Karnavat

2 months ago

Under what act and section this is the right of a customer?

Should Financially Naive Celebrities Claim Victimhood or Smarten Up?
Newspapers tend to give wide publicity to celebrities who lose money to cyber fraud. But there is a problem when the media projects financially illiterate celebrities as innocent victims, when they do not have the savvy to exercise basic caution before parting with information to scam callers. There is a distinction between a cyber fraud, where the bank’s systems are breached and accounts or credit cards are scammed, and ones where a user passes on information including one-time passwords. 
 
A report in the Mumbai Mirror says how Bollywood singer and 'Indian Idol 10' contestant, Avanti Patel lost Rs1.70 lakh in multiple transactions. It turns out that she had not only shared details of her own debit card, but also that of her sister (whose account was also debited) and compounded the foolishness by forwarding the one-time passcode (OTP) SMS to the caller. She ended up losing Rs1.70 lakh in multiple transactions from her and her sister's bank account. She had filed a complaint with the police. 
 
A police officer privy to the investigation told the newspaper, “The fraudster created and used a fake unified payment service (UPI) account to carry out the fraudulent transactions, which may have allowed him to access the account. There is a possibility of data leaks, as the victim had only shared the cards’ expiry date; most of the information was already with the fraudster.”  More about the UPI later. 
 
But this is not the sole example. Every day there are stories in the newspapers about people sharing their personal information, including bank account number, card number, card verification value (CVV) and even the OTP that they had received on their mobile number registered with the bank. 
 
The main reason for this is lack of financial literacy or discipline. Almost 99% of people will respond to a caller who claims to be calling from a bank or even Reserve Bank of India (RBI)! This is irrespective of whether they even have any account in that bank or not.  
 
Sharing of OTPs is particularly irresponsible, because almost every bank sends the OTP with a message warning not to share it with third parties. The Mumbai police and all banks, especially private banks, routinely issue tutorials and warnings to people about cyber fraud and against sharing personal information. 
 
The number of bank frauds, especially, telecaller and cyber frauds are increasing at an alarming rate. According to RBI, cyber frauds constituted almost one-third of total frauds in the banking sector during FY17-18. What is more shocking is that more and more celebrities and highly educated customers are getting duped very easily by the conmen posing as bank executives. One of the reasons is because these people believe that they are influential, nobody would defraud them or, even if someone does, they can catch hold of the fraudster easily. 
 
Last year in May, the Delhi Police cyber cell busted a Jharkhand-based gang that cheated many persons across the country by obtaining their ATM card details and OTPs. Describing the gang's modus operandi, the Delhi Police said, "One of the gang members would call up the victims and pose as official from RBI and seek their bank ATM card details. After obtaining the information, the gang would transfer the victim's money into e-wallets or virtual accounts and routed the money into other e-wallets. Finally, they would transfer the money to some bank accounts and pay utility bills.” That such fraudsters are thriving is due to negligence and financial illiteracy of users—this may be excused for less literate persons, but not when educated persons and celebrities are equally negligent. 
 
According to the RBI report during FY17-18, the number of reported cyber fraud cases almost doubled to 2,059 cases from 1,372 cases in the previous year. At the same time, the amount involved in the fraud jumped three times to Rs109.6 crore from Rs42.3 crore reported in FY16-17.
 
One of the most common methods used by these fraudsters is telling the respondent that her debit or credit card or bank account would be de-activated if she does not do what the caller tells her to do. As we all know, re-activating a debit or credit card or even a bank account a quite an uphill task resulting in people sharing all information with the caller.
 
Coming back to UPI, it is found that fraudsters use this to siphon money from customer's account quite easily. The reason for this is that under UPI, money cannot be transferred by using a virtual payment address, mobile number or even an Aadhaar number. In addition, it can be done from any UPI client app, not necessarily from a bank. 
 
Earlier in July 2018, the National Payments Corp of India (NPCI), which developed and promotes UPI and Bharat interface for money application (BHIM), had asked banks to discontinue Aadhaar-based payments through the UPI and immediate payment system (IMPS) channels. Pay to Aadhaar is an additional functionality in UPI and IMPS where the payer can transfer funds to the beneficiary using an Aadhaar number.
 
"Aadhaar number is a sensitive information and the revised framework about its usage in the payment landscape is still evolving. With this background, we proposed removal of ‘Pay to Aadhaar’ functionality in both UPI and IMPS before the steering committee (meeting held on 5 July 2018). The proposal of removing the Aadhaar number functionality was approved by the steering committee,” NPCI had said in a circular issued on 17 July 2018. 
 
Following the NPCI circular, State Bank of India (SBI), the country's largest lender, also removed pay to Aadhaar functionality from its BHIM SBI Pay app citing regulatory guidelines. (Read: Aadhaar: SBI Disables ‘Pay to Aadhaar’ Functionality from Its BHIM UPI App, Others Not Bothered)
 
Earlier in July 2017, Moneylife Foundation's persistent battle for bank customers began to bear fruits. The RBI issued a circular to reduce liability of customers in an unauthorised electronic banking transaction. The circular also asked banks to put in place a mechanism to record and address customer grievances or pay compensation in a systematic and timely manner. (Read: Moneylife #TweetMorcha, #BankSeBachao Impact: RBI limits customer liability in digital transaction)
 
RBI’s action came two days after a unique #TweetMorcha, which appealed to the prime minister Narendra Modi with the hashtag #BankSeBachao. This was preceded by a persistent campaign including an online petition that garnered lakhs of signatures, several complaints from customers, letters and memorandums. As on 4 January 2019, there are 324,691 people who have signed the petition, “Governor: RBI-Finance Ministry: Stop Banks Fleecing Depositors”. 
 
Making banks responsible to prove liability of the customer in such cases, in the circular, RBI says, in case of contributory fraud or negligence or deficiency from the bank, the customer will have zero liability irrespective of whether or not she reports the unauthorised transaction. In case of third-party breach, where there is no liability on bank or the customer, and the customer reports it to the bank within three days, then also she is entitled to zero liability, says RBI.
 
"Taking into account the risks arising out of unauthorised debits to customer accounts owing to customer negligence, bank negligence, banking system frauds and third-party breaches, banks need to clearly define the rights and obligations of customers in case of unauthorised transactions in specified scenarios. The burden of proving customer liability in case of unauthorised electronic banking transactions shall lie on the bank," it added.
 
In addition, banks are asked to credit the amount involved in the unauthorised electronic banking transaction to the customer's account within 10 days from reporting by the customer. 
 
RBI has also asked banks to put in place a mechanism to handle communication related with electronic banking and to resolve customer grievances within the stipulated time.  
 
You may also want to read...
 
 
 
Like this story? Get our top stories by email.

User

We are listening!

Solve the equation and enter in the Captcha field.
  Loading...
Close

To continue


Please
Sign Up or Sign In
with

Email
Close

To continue


Please
Sign Up or Sign In
with

Email

BUY NOW

online financial advisory
Pathbreakers
Pathbreakers 1 & Pathbreakers 2 contain deep insights, unknown facts and captivating events in the life of 51 top achievers, in their own words.
online financia advisory
The Scam
24 Year Of The Scam: The Perennial Bestseller, reads like a Thriller!
Moneylife Online Magazine
Fiercely independent and pro-consumer information on personal finance
financial magazines online
Stockletters in 3 Flavours
Outstanding research that beats mutual funds year after year
financial magazines in india
MAS: Complete Online Financial Advisory
(Includes Moneylife Online Magazine)