The Reserve Bank of India (RBI) has issued the guidelines limiting consumers’ liability in case of unauthorised transactions that have taken place from their mobile wallets. As per the guidelines, Prepaid Payment Instrument (PPI) issuers will be required to provide a contact number and/or email ID in the transaction alert SMS through which consumers can report the unauthorised transactions or notify objections.
If an unauthorised transaction takes place from the customer’s mobile wallet due to the negligence of PPI issuer, then in that case the customer’s liability will be ZERO, as per these new guidelines.
As per the guidelines issued by RBI in a circular dated January 4, 2019, Prepaid Payment Instrument (PPI) issuers such as Paytm, Amazon Pay, PhonePe and so on must ensure that their customers mandatorily register for SMS alerts and also register for email, wherever available, alerts in order to get timely information about electronic payment transaction done using their mobile wallets.
According to the guidelines, whenever any transaction takes place from the customers’ mobile wallet, a mandatorily SMS alert as well as email alert (wherever email ID is available) has to be additionally sent. The transaction alert should have a contact number and/or e-mail id on which a customer can report unauthorised transactions or notify objections.
The central bank has also asked the PPI issuers to provide customers with 24X7 access via website/SMS/e-mail/a dedicated toll-free helpline for reporting unauthorised transactions that have taken place and/or loss or theft of the PPI.
RBI in its fifth bi-monthly monetary policy statement for 2018-19 issued in December, 2018 had announced that customers using mobile wallets will be provided same safety net as given to the credit/debit card holders.
In the policy statement issued, the central bank said, “The Reserve Bank has issued instructions on limiting customer liability in respect of unauthorised electronic transactions involving banks and credit card issuing non-banking financial companies (NBFCs). As a measure of consumer protection, it has been decided to bring all customers up to the same level with regard to electronic transactions made by them and extend the benefit of limiting customer liability for unauthorised electronic transactions involving Prepaid Payment Instruments (PPIs) issued by other entities not covered by the extant guidelines on the subject. The guidelines will be issued by the end of December 2018.”
Liability in case unauthorised transactions
As per the guidelines, if an unauthorised transaction takes place from the customer’s mobile wallet, then in that case the customer’s liability will be ZERO in case of contributory fraud/negligence/deficiency on the part of the PPI issuer, irrespective of whether or not the transaction is reported by the customer.
|If the customer reports the unauthorised transaction within three days||ZERO|
|If the unauthorised transaction is reported within four to seven days||Transaction value or Rs 10,000 whichever is lower|
|Beyond seven days||As per the Board approved policy of the PPI issuer|
In cases where the transaction has occurred due to the negligence by a customer, the customer will bear the entire loss until he/she reports the unauthorised transactions to the PPI issuer. If the loss occurs even after reporting the unauthorised transaction, then the loss shall be borne by the PPI issuer. This is the same as the rule applicable to credit/debit cards.
Once the unauthorised transaction has been reported to the PPI issuer, the amount shall be credited (notional reversal) to the customer’s account within 10 days from the date of reporting unauthorised transaction.
PPI issuers shall ensure that complaint is resolved and liability of the customer, if any, is established within 90 days period from the date of receipt of complaint.
If the PPI issuer is not able to resolve the issue within 90 days, then amount shall be paid to the customer irrespective whether the negligence is on the customer’s part or not.
The burden of proving customer’s liability in case of unauthorised transaction lies with the PPI issuer.