Aadhaar is finally getting its teeth into key financial transactions, going by the central bank’s tough stand. The
Reserve Bank of India has recently asked banks to ensure
Aadhaar authentication for card transactions at merchant locations.
“All new
card present infrastructure has to be enabled for both
EMV chip and PIN and Aadhaar (
biometric validation) acceptance,” the
RBI stated in a notification on November 26. It also directed banks to issue chip-based cards by November 30 to tackle rising cases of
fraud. The latest notification follows the recommendations of the Working Group headed by Gowri Mukherjee, global head of digital marketing at
Standard Chartered Bank.
A rise in fraud cases due to
stolen card data had prompted the RBI to set up a panel in March 2011, which looked into securing card-based transactions through additional layers of authentification such as PINs and
biometrics. According to the RBI, the recommendations of the Working Group have been examined and the measures have been advised after taking into consideration the developments that took place in the card payment ecosystem as well as in the scalability and effectiveness of Aadhaar over a period of time.
Euro pay MasterCard Visa or EMV
chip and
PIN authentication involves card information being stored in a chip that is accessible through a PIN or
personal identification number, which replaces a cardholder’s signature. This is in line with global best practices and is currently getting implemented. So is it really essential to come up with an additional security layer by linking the entire process with Aadhaar and its biometric validations?
Not for all cards, it seems. “In respect of cards, not specifically mandated by the RBI to adopt
EMV norms, banks may take a decision whether they should adopt Aadhaar as additional factor of authentication or move to EMV chip and Pin technology for securing the
card present payment infrastructure,” said RBI.
Even then, the biometric validation will be mandatory for all new machines/replacements and that means getting infrastructure-ready where no such infrastructure exists.
Before we get into more details, let us have a look at Aadhaar’s current functionality and future scope. Launched by the
Unique Identification Authority of India (
UIDAI), Aadhaar cards are essentially identity proofs based on
biometric data. These are currently used for opening bank accounts and further ensure that
Indian government’s welfare payments are routed directly to beneficiaries.
But Aadhaar is bound to play a more crucial role and gain a nation-wide runway when the latest RBI directive comes into force. Since both provisions are made mandatory by the RBI,
Aadhaar validation will have to be facilitated at all new
point of sale (
PoS) terminals/ATMs.
Although most banks have started rolling out the EMV chip and PIN systems and are deploying new cards to customers, implementing Aadhaar validation will require more time and additional costs. That’s because banks will have to put in place the mechanism for
biometric checks, in tune with the system established by the UIDAI.
“This new requirement is a challenge as we have very basic thumb print and reading devices. There is no service provider that manufactures such machines in bulk,” the payments head of a leading private sector bank told
Economic Times. As a result, most
private banks may stop installing
PoS terminals at merchant outlets, he said.
But the worst hit could be the
public sector banks such as the
State Bank of India and
Bank of Baroda who are planning to roll out a large number of PoS machines. They will have to start from scratch to enable biometric facilities.
In spite of the current
gap in infrastructure, no one can deny the benefits of including biometric data (finger print/retina scan) captured by the UIDAI. This can be effectively used for authentication to protect against both
domestic counterfeit and lost & stolen card fraud as the cardholder has to be physically present at the PoS terminal/ATM to authenticate the transaction. Even if the card is counterfeited, the fraudster will not be able to use the card as the biometric data of the customer will be required.
Currently, transactions using cards at PoS do not require additional authentication in majority of the cards. However, data stored in
magnetic stripe is vulnerable to
skimming. If more and more customers are to be encouraged to use PoS channels, it will surely require securing these transactions through biometric authentication and prevention of
counterfeiting (skimming) by migrating to chip and PIN. That’s exactly what the RBI is doing although it may take some time to get into action.
With input from Agencies Image: Indiatimes
Next Story
Exploring the world on wheels: International road trips from India
10 worst food combinations you must avoid as per ayurveda
Top seeds that keep you cool all summer
8 mouthwatering mango recipes to try this season
India's hidden gems where the thermometer doesn't cross 20 degrees
