Please refer to BPRD Circular No 4 dated April 14, 2023, wherein Banks/MFBs were required to implement measures for strengthening the security of the digital payments.

2. In this regard, it is hereby advised that the Banks/MFBs who have implemented the required measures as stipulated in the above referred circular are allowed to:


1. Replace the requirement of One Time Passwords (OTP) via SMS for financial transactions conducted using their banking apps or internet banking portals with Transaction PIN (TPIN)/Financial PIN (FPIN) functionality.


2. Send free of cost transactional alerts via push notification, in-app notification and email alerts in place of SMS, to their customers for transactions conducted via mobile apps. However, the Banks/MFBs shall ensure that in-app/push notifications on mobile apps of their customers shall always remain enabled. Further, Banks/MFBs shall maintain complete logs of transaction notifications sent to their customers and make them available in case of disputes or claims.


3. Banks/MFBs shall send customer notifications for financial transactions as per the attached templates at Annexure A. This shall supersede the instructions contained in sections 10 (III) of PSD Circular No. 3 dated May 09, 2018.


4. In case of any incidents of frauds/unauthorized transactions through customers’ mobile apps, Banks/MFBs shall be liable to compensate their affected customer(s) as per the liability framework laid down in BPRD Circular No. 04 of 2023.


5. The aforementioned instructions shall come into effect from 1st January, 2025


6. Please acknowledge receipt.

Encl: Annexure A