KARACHI: In a significant step to improve the security of digital payments, the State Bank of Pakistan (SBP) has announced new guidelines for banks and Microfinance Banks (MFBs), enabling them to enhance customer notification systems and transaction security on mobile apps. The guidelines are set to come into effect from January 1, 2025.
The rapid growth in Digital Banking Products and Services supports digital transformation of the financial landscape and enables the banks and MFBs to cater to the growing needs of banking customers. However, adoption of digitization needs to be supplemented with necessary controls to mitigate the risk of fraudulent activities.
Accordingly, last year the State Bank prepared a set of control measures to enhance the security of digital banking products and services and financial institutions were required to implement these measures for strengthening the security of digital payments.
SBP reposes its confidence in digital payment infrastructure
In this regard, SBP has issued fresh directives related to customer notifications for digital payments via mobile apps.
SBP has hereby advised that the Banks and MFBs, who have implemented the required measures as issued by the SBP last year, are allowed to replace the requirement of One Time Passwords (OTP) via SMS for financial transactions conducted using their banking apps or internet banking portals with Transaction PIN (TPIN)/ Financial PIN (FPIN) functionality.
Now the banks and MFBs are required to send free of cost transactional alerts to their customers for transactions conducted via mobile apps via push notification, in-app notification and email alerts in place of SMS.
However, the Banks and MFBs will ensure that in-app/ push notifications on mobile apps of their customers shall always remain enabled. Further, Banks and MFBs shall maintain complete logs of transaction notifications sent to their customers and make them available in case of disputes or claims.
Banks/ MFBs also send customer notifications for financial transactions as per prescribed templates and this will supersede the instructions contained in sections 10 (III) of PSD Circular No. 3 dated May 09, 2018.
According to SBP, in case of any incidents of frauds or unauthorized transactions through customers’ mobile apps, Banks and MFBs will be liable to compensate their affected customer(s) as per the liability framework laid down in BPRD Circular No. 04 of 2023.
Bankers said that this change aims to bolster the security framework of digital banking, offering customers a more secure and streamlined experience when conducting financial transactions. The move also addresses growing concerns about SMS-based fraud, which has been a challenge for financial institutions worldwide.
Copyright Business Recorder, 2024
Comments
Comments are closed.