The RBI has issued a new cybersafety policy for PSOs

The Reserve Bank of India has issued its Master Directions for Payment System Operators (PSOs) on Cyber Resilience and Digital Payment Security Controls.

Payment System Operators (PSOs) are exactly what they sound like.

  • A payment system operator is a legal body in charge of running a payment system.
  • The PSO provides services based on certain models.
  • They outsource the majority of their payment and settlement-related tasks to numerous other organisations.
  • Google Pay (and other apps), Clearing Corporation of India, National Payments Corporation of India, Cards Payment Networks, Cross Border Money Transfer, ATM networks, Prepaid Payment Instruments, White Label ATM Operators, Instant Money Transfer, Trade Receivables Discounting System, Bharat Bill Payment System, and other PSOs are examples.

Key points from the draft

(1) Governance structures:

  • The draft emphasises the importance of strong governance structures for efficiently managing cybersecurity risks.
  • It covers the information security risks and vulnerabilities that PSOs must address.
  • PSOs must create and manage a comprehensive cybersecurity architecture.

(2) Baseline Security Measures:

  • The draft establishes baseline security measures that PSOs must apply.
  • These safeguards are intended to protect digital payment systems against cyber threats.
  • PSOs must establish data security, access controls, incident response, and business continuity planning measures.

(3) Resilience to Cybersecurity Risks:

  • The guidelines aim to make PSOs resilient to both existing and emerging information system and cybersecurity risks.
  • PSOs are required to undertake risk assessments on a regular basis and apply suitable procedures to mitigate identified risks.
  • The statement emphasises the significance of ongoing cybersecurity monitoring and review.

(4) Digital Payment Transaction Security:

  • The directives’ primary goal is to improve the security of digital payment transactions.
  • Strong authentication systems, encryption standards, and secure communication protocols must all be implemented by PSOs.
  • The draft emphasises the importance of comprehensive fraud monitoring and reporting processes.