** RBI Opens Discussion on Digital Payment Frauds - Window Open till May 8 2026 **

 09 April 2026

The Reserve Bank of India has released a discussion paper on exploring safeguards in digital payments to curb frauds, inviting public comments until May 8, 2026.

Over the past decade, digital payments have grown at an unprecedented pace. This growth reflects a structural shift in how individuals and businesses transact. However, alongside this progress, frauds have also evolved in scale, speed, and sophistication.

A key insight from the discussion paper is that most frauds today are not due to system breaches, but due to manipulation of users through social engineering and authorised push payments.

This changes how we must think about protection.

Link to the Reserve Bank of India Discussion Paper @ https://www.rbi.org.in/Scripts/BS_PressReleaseDisplay.aspx?prid=62535

---

The Core Challenge

Fraud today operates in real time.

Customers are:

• pressured
• misled
• and pushed to act instantly

Once a transaction is completed, recovery becomes difficult.

---

A Shift in Thinking

The question is no longer only about making payments faster.

It is about making them safer by design.

This includes:

• introducing friction where needed
• enabling smarter alerts
• strengthening customer controls
• and building system-level safeguards

---

Why This Matters

The discussion paper is not just about regulations.

It is about redesigning trust in digital payments.

Options such as:

• introducing time lag for certain transactions
• adding trusted person authentication
• strengthening account monitoring
• and enabling customer-controlled safeguards

reflect a broader shift toward proactive protection.

---

A Moment to Contribute

The window is open.

Inputs at this stage can shape how digital payment systems evolve in the coming years.

---

Closing Thought

Fraud cannot be solved by awareness alone.

It must be addressed through system design, timing, and control.

The future of digital payments will depend not only on speed, but on how well systems can protect users in moments of vulnerability.

---

Comments can be submitted through the Connect 2 Regulate portal on the RBI website until May 8 2026.

Please go through the discussion paper, discussion within your teams, and share your feedback with Reserve Bank Of India by May 8, 2026.

 

---

Disclaimer

This post is a personal reflection on a draft regulatory document released for public comments.
The observations are interpretative in nature and intended for general awareness.

---

The Joy of Digital Transactions
Nayakanti Prashant
Citizen Advocate – Digital Transactions Day (Proposed) April 11

Series archive:
https://movethebarrier.blogspot.com/April11SafeePayDay

Author’s blogs
https://prashantrandomthoughts.blogspot.com
https://prashantnepayments.blogspot.com
https://innovationinbanking.blogspot.com

 

In These Small Moments, Something Larger Is Changing | Limiting Liability of Customers in Unauthorised Electronic Banking Transactions

 06 April, 2026

The Reserve Bank of India’s draft on customer protection in digital transactions is open for public comments, with today being the last day.

The document sits there, formally—on https://www.rbi.org.in (Notifications), supported by systems like https://cybercrime.gov.in and helpline 1930.

My earlier reflections on this subject are at:
01) https://prashantnepayments.blogspot.com/2026/03/rbi-draft-2026-fraud-reporting-instant-76g2.html
02) https://prashantnepayments.blogspot.com/2026/03/rbi-draft-2026-5-day-rule-fraud-reporting-protection.html
03) https://prashantnepayments.blogspot.com/2026/04/rbi-draft-2026-zero-liability-digital-transactions-protection.html

What This Draft Fundamentally Introduces

At its core, the draft introduces three clear shifts:
• Defined timelines for reporting (like the 5-day window)
• Conditional zero or limited customer liability
• Greater responsibility on banks to enable and respond

Everything else builds around these.

---

It could be a late evening.
A message comes in.
“₹8,000 debited…”

For a second, it doesn’t register.
You look again.
You scroll.
You pause.

Maybe it was something you forgot.
Maybe it’s nothing.
Or maybe… it isn’t.

---

Over the past few days, I didn’t experience this draft as a document.
I experienced it through moments like this.

Small ones.
Almost easy to miss.

---

These Moments Are Not Rare

A small business owner, between customers, phone buzzing quietly in the pocket.
A notification seen—but not opened.
“Will check later.”

Later becomes night.
Night becomes the next day.
And somewhere in between,
time quietly moves ahead.

---

Or an elderly parent.
A call.
A voice that sounds convincing.
A request that feels urgent.

OTP shared—not out of carelessness,
but out of trust.

Minutes later,
a message arrives.
And with it,
a realization that comes just a little too late.

---

Nothing here looks dramatic.
No alarms.
No flashing warnings.
Just ordinary life.

And that is exactly where this draft begins to matter.

---

What Is Quietly Changing

In these same moments, something is different now.

• That message is no longer just information—it allows response
• That delay is no longer invisible—it has a boundary
• That responsibility is no longer one-sided—it begins to shift
• That loss is no longer absolute—it may be shared

---

Four Moments That Stayed With Me

When I step back, four moments emerge—
not as clauses, but as experiences:

---

The Moment of Action

A simple alert.
But now, with the ability to respond.

From:
• reading

To:
• acting

A small shift.
But one that brings response into the same moment as awareness.

---

The Moment of Time

A 5-day window.
Not too short.
Not too long.

Just enough to recognise, and respond.

A quiet reminder that:
Protection is not just about what happens
but when we respond to it

---

The Moment of Trust

Zero liability.
A phrase that feels reassuring.

But more than that, it answers a deeper question:
“Will I be left alone in this?”

And for the first time, it feels like:
“Not always.”

---

The Moment of Recovery

Recovery may not always be complete.
But the intent is clear:
Loss is no longer expected to rest entirely on the customer.

It reflects a shift towards shared responsibility,
where outcomes are not absolute,
but more balanced than before.

---

From Moments to Meaning

Individually, these appear as rules.
Together, they form a system:

Awareness → enables Action
Action → is shaped by Time
Time → builds Trust
Trust → influences Recovery

This is not just a checklist.

It is a designed flow of protection.

---

A Subtle Shift in Thinking

What stood out to me across this draft is a quiet shift.

From:
• defining liability

To:
• shaping behaviour

From:
• assigning blame

To:
• enabling response

And somewhere in between:

👉 A shared responsibility begins to emerge

Not imposed.
Not forced.
But designed.

---

A Personal Reflection

Digital transactions have become routine.
A tap.
A scan.
A transfer.

Things we don’t think twice about.
Until one day, something feels off.

And in that moment, what matters is not just technology.

It is:
• how quickly we can act
• how clearly the system responds
• and whether we feel supported

---

Final Thought

Protection in digital transactions is not created in one step.
It is built across moments.

Small ones.
Quiet ones.
Often unnoticed ones.

And perhaps,
if these small moments are becoming more responsive,
more time-bound,
and more shared,

then something larger is quietly improving:

Not just systems,
but the experience of being protected within them.

Yes, moments are important in a Digital Payment process.

In digital transactions, protection is built not in rules, but in the moments when we notice, act, and respond.

What next – By now, Reserve Bank of India must have received few inputs. Or as is the norm, the last-minute inputs will be bit more. Either way, the respective Reserve Bank of India team will go through the inputs and release the final notification.

Once the final notification is in public domain, the respective stakeholders will start working for the Go Live Date.

---

Disclaimer

This post is a personal reflection on a draft regulatory document released for public comments.
The observations are interpretative in nature and intended for general awareness.

---

The Joy of Digital Transactions

—
Nayakanti Prashant
Citizen Advocate – Digital Transactions Day (Proposed: April 11)

Series archive:
https://movethebarrier.blogspot.com/April11SafeePayDay

---

Author’s blogs

https://prashantrandomthoughts.blogspot.com
https://prashantnepayments.blogspot.com
https://innovationinbanking.blogspot.com

85% Protection: A Safety Net for Digital Transactions: Limiting Liability of Customers in Unauthorised Electronic Banking Transactions

 05 April 2026

The Reserve Bank of India has released its draft “Reserve Bank of India (Commercial Banks – Responsible Business Conduct) Third Amendment Directions, 2026” for public comments, strengthening customer protection in digital transactions.

The draft can be accessed via https://www.rbi.org.in (Notifications section), while fraud reporting continues through https://cybercrime.gov.in and helpline 1930.

In earlier reflections, I explored how reporting is becoming immediate, how timing shapes protection, and how responsibility begins to shift.

This time, I paused at something different—a number.

My earlier reflections on this subject are at

01)               https://prashantnepayments.blogspot.com/2026/03/rbi-draft-2026-fraud-reporting-instant-76g2.html

02)              https://prashantnepayments.blogspot.com/2026/03/rbi-draft-2026-5-day-rule-fraud-reporting-protection.html

03) https://prashantnepayments.blogspot.com/2026/04/rbi-draft-2026-zero-liability-digital-transactions-protection.html

A Personal Pause at 85%

Within the draft, there is a structured provision:

👉 Compensation of up to 85% of loss (or ₹25,000 cap) in certain small-value fraud cases

At first glance, it feels specific.

But on reflection, it feels carefully designed.

---

Not Zero, Not Full — Something In Between

This provision sits between two extremes:

• Not full reimbursement
• Not complete loss

Instead, it creates a middle path.

For fraud cases up to ₹50,000:

• A portion of the loss is absorbed
• The impact on the customer is reduced

It is not perfection.

But it is protection.

---

A Different Kind of Responsibility

What stood out to me is the shift in approach.

Instead of asking:

Who should bear the loss completely?

The framework suggests:

Let the loss be shared

Across:

• the system
• the banks
• and the broader ecosystem

This creates a structured safety net, rather than a binary outcome.

---

The Human Side of It

Most fraud cases are not large in value.

But they are:

• frequent
• unsettling
• personal

For someone facing such a situation,
even partial recovery matters.

It does not undo the event.

But it softens the impact.

---

A Simple Way to Understand This

In practice, this could mean:

• For smaller fraud cases (up to ₹50,000), partial compensation may apply
• Typically, up to 85% of the loss (subject to a cap)
• The compensation is shared across institutions within the system

At the same time:

• Timely reporting remains important
• Delays or certain forms of negligence may affect eligibility

---

Connecting the Series

If I step back and look at the journey:

• Alerts are becoming actionable
• Reporting is becoming immediate
• Timing is becoming decisive
• Responsibility is becoming shared
• And now, loss is being partially absorbed

This does not feel like isolated provisions.

It feels like layers of protection being built over time.

The dots need to be identified and connected.

---

Final Reflection

85% is not a perfect number. Well, it is difficult for any number to be perfect.

But it is a thoughtful one.

It acknowledges that:

• systems are not flawless
• users are not always at fault
• and losses should not fall entirely on one side

In digital transactions, protection is evolving—
not as a single guarantee, but as a combination of support mechanisms.

And this feels like one such step.

---

Disclaimer

This post is a personal reflection on a draft regulatory document released for public comments.
The observations are interpretative in nature and intended for general awareness.

---

The Joy of Digital Transactions
Nayakanti Prashant
Citizen Advocate – Digital Transactions Day (Proposed) April 11

Series archive:
https://movethebarrier.blogspot.com/April11SafeePayDay

Author’s blogs
https://prashantrandomthoughts.blogspot.com
https://prashantnepayments.blogspot.com
https://innovationinbanking.blogspot.com

When Zero Liability Truly Means Zero: Limiting Liability of Customers in Unauthorised Electronic Banking Transactions

 04 April, 2026

 

The Reserve Bank of India has released its draft “Reserve Bank of India (Commercial Banks – Responsible Business Conduct) Third Amendment Directions, 2026” for public comments, strengthening customer protection in digital transactions.

The draft can be accessed via https://www.rbi.org.in (Notifications section), while fraud reporting continues through https://cybercrime.gov.in and helpline 1930.

In the earlier reflections, I explored how reporting is becoming immediate, and how timing shapes protection. This time, I paused at something deeper.

The earlier reflections are available at

01)               https://prashantnepayments.blogspot.com/2026/03/rbi-draft-2026-fraud-reporting-instant-76g2.html

https://prashantnepayments.blogspot.com/2026/03/rbi-draft-2026-5-day-rule-fraud-reporting-protection.html

A Personal Pause at “Zero Liability”

Within the draft, there is a clear provision:

👉 Customers may have zero liability in certain fraud situations, especially where the fault lies with the bank or where timely reporting is made. (The Indian Express)

At first glance, it feels reassuring.

But on reflection, it feels transformative.

---

Beyond the Phrase

“Zero liability” is not a general promise.

It is structured.

It applies in cases such as:

• fraud arising from bank negligence
• certain third-party breaches (when reported within time)

And importantly:

👉 Once a fraud is reported, any further loss is borne by the bank (The Indian Express)

---

The Human Meaning

For a customer, this shifts something fundamental.

There has always been a silent concern:

“If something goes wrong, will I have to bear the loss?”

This provision begins to answer that.

It introduces:

• reassurance
• accountability
• a sense that the system stands with the customer

---

Where the Shift Happens

What stood out to me is not just the rule—
but the moment it activates.

The moment a customer:

• notices something unusual
• takes action
• reports it

From that point, the system responds differently.

👉 Before reporting → uncertainty
👉 After reporting → protection strengthens

---

Connecting the Flow

Looking across the draft:

• Alerts are becoming actionable
• Reporting is becoming immediate
• Timing is becoming decisive
• And now, responsibility begins to shift

This does not feel like isolated provisions.

It feels like a designed journey of protection.

---

Final Reflection

Zero liability is not just about removing loss.

It is about building confidence.

Confidence that:

• the system will step in when it fails
• the burden will not always fall on one side

In digital transactions, trust is built slowly.

And this feels like one such step.

---

Disclaimer

This post is a personal reflection on a draft regulatory document released for public comments.
The observations are interpretative in nature and intended for general awareness.

---

Closing Note

The Joy of Digital Transactions
Nayakanti Prashant
Citizen Advocate – Digital Transactions Day (Proposed) April 11

Series archive:
https://movethebarrier.blogspot.com/April11SafeePayDay

---

Author’s blogs
https://prashantrandomthoughts.blogspot.com
https://prashantnepayments.blogspot.com
https://innovationinbanking.blogspot.com

 

5 Days That Decide Your Protection: Limiting Liability of Customers in Unauthorised Electronic Banking Transactions

 March 26,2026

The Reserve Bank of India has released its draft “Reserve Bank of India (Commercial Banks – Responsible Business Conduct) Third Amendment Directions, 2026” for public comments, inviting feedback on updated customer protection norms in electronic banking transactions.

The draft builds on earlier directions and reflects evolving realities of digital payments and fraud risks.

Those interested can review the draft and share their inputs via the RBI website: https://www.rbi.org.in → Notifications section, or directly explore the draft document here: https://www.rbi.org.in/Scripts/NotificationUser.aspx (navigate to latest draft directions).

For broader context on cyber fraud reporting, the National Cyber Crime Portal (https://cybercrime.gov.in) and helpline 1930 also continue to play an important role alongside these proposed changes.

 

Last week, while going through the Reserve Bank of India’s draft on customer protection in digital banking, one idea stayed with me.

Not a definition.
Not a compensation rule.

But a simple window of time.

A Personal Pause at the 5-Day Rule (Para DA.4 - 76L.)

 

Within the draft, there is a clear reference:

👉 Reporting within 5 calendar days plays a key role in determining customer protection in fraud cases.

At first, it feels procedural.

But on reflection, it feels decisive.

---

From Awareness to Timing

In the earlier post, I reflected on how reporting is becoming immediate—
how action is now built into the transaction alert itself.

Link to my earlier post @ https://prashantnepayments.blogspot.com/2026/03/rbi-draft-2026-fraud-reporting-instant-76g2.html

 

But this takes it one step further.

It quietly tells us:

It is not just about reporting
It is about when you report

---

The Human Reality

In real life, fraud is rarely identified instantly.

Sometimes:

• the message is ignored
• the doubt comes later
• the realization happens after a few hours… or days

And that delay—very human, very natural—
now begins to shape the outcome.

---

What These 5 Days Mean

Within this window:

• customer protection is stronger
• outcomes are more favourable
• the system responds with greater support

Beyond this window:

• the nature of protection begins to change

It is a simple boundary.
But it carries weight.

5 Days means 5 Days – Nothing More, Nothing Less

---

A Subtle Shift in Responsibility

What stood out to me is this:

The system is evolving to support the customer—
but it is also asking the customer to act within time.

There is a balance emerging:

👉 System enables action
👉 Customer enables timing

---

Connecting the Dots

If I step back and look at the flow:

• Alerts are becoming actionable
• Reporting is becoming immediate
• And now, timing is becoming decisive

It feels like a sequence, not isolated rules.

---

Final Reflection

In digital transactions, protection is not only about preventing fraud.

It is also about:

• how quickly it is noticed
• how quickly it is reported

These 5 days are not just a timeline.

They are a window of protection.

And sometimes,
a small window is what makes the biggest difference.

---

Disclaimer

This post is a personal reflection on a draft regulatory document released for public comments.
The observations are interpretative in nature and intended for general awareness.

---

The Joy of Digital Transactions
Nayakanti Prashant
Citizen Advocate – Digital Transactions Day (Proposed) April 11

Series archive:
https://movethebarrier.blogspot.com/April11SafeePayDay

---

Author’s blogs
https://prashantrandomthoughts.blogspot.com
https://prashantnepayments.blogspot.com
https://innovationinbanking.blogspot.com