The Reserve Bank of India (RBI) has recently released a discussion paper proposing new security measures to combat the rising tide of digital payment fraud. It is important to clarify that this is currently a proposal for public feedback and not yet an implemented rule.
Below is a summary of the key aspects of this proposal as of April 2026.
Key Details of the RBI Proposal
The core of the proposal is to introduce a "cooling-off" period for certain digital transactions to prevent irreversible fraud caused by social engineering and pressure tactics.
Proposed Mechanism: A mandatory delay of up to one hour for certain digital fund transfers (UPI and IMPS) exceeding Rs 10,000.
How it Works: During this one-hour window, the transaction would be "pending." While the amount may be provisionally debited from the sender's account, it would not be immediately credited to the receiver. This allows the sender a critical window to review, verify, or cancel the transaction if they realize they have been targeted by a fraudster.
Scope: The proposal primarily targets Person-to-Person (P2P) transfers.
Exclusions: Payments to verified merchants (Person-to-Merchant/P2M), e-mandates, recurring bill payments, and cheque transactions are expected to remain unaffected to ensure that daily commerce continues without disruption.
Whitelisting Feature: The RBI has suggested implementing a "whitelisting" option, where users can mark specific, trusted beneficiaries. Transactions made to these whitelisted accounts would likely bypass the one-hour cooling-off period.
Why is this being proposed?
The RBI noted a significant surge in digital payment fraud, particularly "Authorised Push Payment" (APP) fraud, where victims are tricked via social engineering into making instant transfers.
The "Golden Hour": The RBI aims to create a "golden hour" for intervention. By breaking the sense of urgency that fraudsters use to manipulate victims, the central bank believes many fraudulent transfers can be stopped before the funds are irretrievably moved.
The Data: According to the National Cyber Crime Reporting Portal (NCRP), digital payment fraud cases have risen dramatically, with the total value of such frauds reaching approximately Rs 22,931 crore in 2025, up from Rs 551 crore in 2021. Transactions above Rs 10,000 account for about 45% of fraud cases by volume, but roughly 98.5% of the total fraud value.
Other Proposed Safeguards
In addition to the one-hour delay, the discussion paper suggests several other security measures:
"Kill Switch": A feature allowing users to instantly freeze all digital payments on their account if they suspect a compromise.
Enhanced Verification for Vulnerable Users: For individuals over 70 years old or those with disabilities, the RBI is considering a requirement for a "trusted person" to authorize transactions exceeding Rs 50,000.
Account Monitoring: Tighter scrutiny of accounts receiving large, unusual credits and caps on suspicious accounts.
Status and Next Steps
Not Final: This is a discussion paper intended to gather input from the public and stakeholders.
Feedback Window: The RBI has invited feedback on these proposals via their "Connect 2 Regulate" portal until May 8, 2026.
Implementation: After reviewing the feedback, the RBI will decide whether to issue draft guidelines and eventually final circulars regarding the implementation of these measures.