RBI mandates 2-factor authentication for all digital payments
Big update from the Reserve Bank of India: starting April 1, 2026, every digital payment—whether you're paying online or through an app—will need two-factor authentication.
That means you'll have to use two different types of authentication, such as a password, OTP, PIN, or fingerprint, and at least one step will be unique for each transaction.
The goal? Make your money even safer.
More on the new rules
This move is part of RBI's push to tighten security and promote interoperability.
By October 1, 2026, card issuers also need smarter checks for international online transactions (the kind where your card isn't physically present).
Plus, banks have to register their Bank Identification Numbers with card networks and can add extra checks for high-risk payments if needed—all aimed at keeping fraud in check.