The National Payments Corporation of India (NPCI) is in talks with several startups to integrate biometric authentication into UPI payments. This move aims to enhance security and address rising concerns about online fraud.
Biometric Authentication for UPI Transactions
- Platforms: On Android devices, users will use fingerprint recognition, while iPhone users will rely on Face ID.
- Current System: UPI transactions currently use a personal identification number (PIN) as a second factor of authentication.
Rising Fraud Concerns
The Reserve Bank of India (RBI) has expressed concerns over the surge in UPI-related scams, particularly those involving PIN fraud. According to the RBI’s annual report, online fraud cases increased by 334% year-on-year, reaching 29,082 incidents in FY24.
Implementation Details
- Partnerships: NPCI is negotiating with startups to finalize financial and legal terms for integrating biometric solutions.
- Coexistence: Initially, both PIN and biometric methods are expected to be available for UPI transactions.
RBI’s New Framework
Just a week ago, the RBI proposed a new framework for additional authentication methods in digital transactions. This framework suggests expanding the types of authentication factors beyond just PINs and passwords.
- Draft Framework: The RBI’s draft “Framework on Alternative Authentication Mechanisms for Digital Payment Transactions” includes options such as biometrics, passwords, and cards.
- Feedback: The RBI is seeking feedback on this draft framework until September 15.
The draft aligns with the RBI’s February announcement regarding a principle-based approach to digital payment security. It defines authentication factors as something the user knows (e.g., passwords), something the user has (e.g., cards), or something the user is (e.g., biometrics).