Actionable insights on equities, fixed-income, macros and personal finance Start 14-Days Free Trial
Actionable investing insights Get Free Trial

RBI May Allow Small Value Transactions Without Two Factor; Merchants To Take Abuse Risk


I’m going soft on the RBI.

I really, really, really like Rajan’s presentation – I mean just the slides, since I wasn’t actually there – that were released today, as part of his speech at the FICCI-IBA Annual Conference. The clarity of thought is appealing, and that he sought to clear misconceptions about regulation, even more. (I’m not the kind of guy given to superlatives, especially not when it comes to the RBI, so I’ll just stop here)

I’ll highlight three parts of his presentation that I found quite interesting, in three quick posts. Firstly, two slides on the two-factor authentication issue that’s plagued the Indian startup space recently about how RBI is being a dick. (I have argued that what companies like Uber are doing is “cheating” the regulation, which has a good solid reason.)


The case for regulation is obvious – if everyone else in India has to do this, then no one should be able to by-pass it. But yes, there’s a need to ease the issue for faster processing, especially where the value of a service is not known at the time of booking (like in a taxi ride).

The RBI process of “doing better” is interesting because:

  • It will allow companies like Uber to operate if they bear the costs of misuse!
  • The small payment (like Uber which is likely to be less than 1000 rupees) is going to have some kind of exemption. This is also good news.

I do not want any company to be able to use just card information to charge me even if it’s just Rs. 10. Let me tell you why.

This still invites abuse in the sense that I need to call up my bank for each such abusive transaction, even if it’s small value. If my credit card information is read and a merchant were to charge a Rs. 10 fee, then he might be willing to take the risk that he has to pay it back if I refute it, but I still must spend the time trying to refute the charge!

If anyone has tried to call up their bank and refute transactions they will not have spent less than half an hour on hold or without having to type at least 10 different numbers and 6 IVR levels and pressed 9,0,# or anything in frustration. I would rather pull my hair out one by one than have to do this kind of thing for every abusive transaction. And that’s for those of us that are educated; if it frustrates us, how does it work for those that don’t have such knowledge?

Exactly ZERO of all the cards I own has a toll free number – all support numbers are charged and half an hour to a landline is an expensive proposition. Paying Rs. 30 on a phone bill to refute a Rs. 10 transaction is, honestly, silly. (Heck, phone companies could charge you Rs. 10 each time and then pay you back the refuted charge after you’ve paid them the money to make the call…wait, let me not put ideas in their head)

I would suggest to the RBI that a small value transaction system without 2-factor must require banks to have toll free and very quick resolution frameworks for all cards, including by phone, SMS, email and the web. That means I should be able to dispute a transaction by just sending an SMS back with a unique transaction ID (which they generate when they send me an SMS of every transaction in the first place).

As an extension, the RBI should require all banks to adhere to a common “refute and report” protocol, which every credit card holder can access to refute non-two-factor authenticated charges. Every bank must be required to accept requests to refute such transactions in a common format, and have to respond with an okay (must allow refute unequivocally, as risk is with the merchant). So private parties can write apps to ease the dispute process further, because we can no longer trust our banks to do anything useful without beating them on the head with regulation.

Oh yes, easy “refute” can hurt the merchant but the merchant took the no-two-factor risk, remember?

With enforced quick refute/resolution in place, some merchants should be able to take the risk on smaller value transactions (say below Rs. 1000, or better, leave it to the banks to figure the lower limit per account). We could finally get:

  • a Uber or Ola style taxi ride with no need to pay at the end, credit card automatically charged
  • a prepaid recharge with automatic “reuse my credit card with rs. 330 when balance goes below 10”
  • a subscription of say Rs. 100 per month (newspapers, magazines)
  • a grocery charge that’s automatically charged to your account after delivery (instead of paying cash to the delivery guy)
  • renting small things (books, cycles, gear) leaving just your credit card information, which is charged on a daily/weekly basis.

And so much more – all of these are small payments which are currently done with cash or the more painful two-factor auth card system, which can be eased and made substantially more attractive.

The implications of the RBI rule change will be massive. We would love to have customers pay monthly for Capital Mind Premium, for instance, with an auto-billing service they can cancel when they like. (We are happy to bear the costs of any refutes – we will not charge customers for what they no longer want)


Like our content? Join Capitalmind Premium.

  • Equity, fixed income, macro and personal finance research
  • Model equity and fixed-income portfolios
  • Exclusive apps, tutorials, and member community
Subscribe Now Or start with a free-trial