What is RBI's kill switch proposal? What it means for your UPI, cards, net banking access

The RBI has proposed a 'Kill Switch' mechanism that would allow users to instantly disable all digital payment transactions from their account in one move, a measure the central bank believes could significantly reduce online fraud.

The proposal is part of its Discussion Paper on Exploring Safeguards in Digital Payments to Curb Frauds, which outlines several steps to address the surge in digital transaction fraud.

The RBI noted that card-based payment systems already offer customers a switch-on/off facility for domestic and international usage, along with options to set transaction limits. It acknowledged that this feature has helped customers better control their payment instruments and reduce fraud.

However, the central bank pointed out that similar user-controlled mechanisms are not uniformly available across other digital payment channels, a gap the kill switch seeks to address.

The Singapore model

The idea draws from Singapore, where a kill switch already exists, allowing customers to instantly lock their online banking accounts via a mobile app or hotline, disabling fund transfers, digital banking access and payment functions. The lock can only be reversed after identity verification by the bank.

On similar lines, the RBI proposed that customers be given a single facility to disable all digital payment transactions from their account at once. It clarified that activating the kill switch at the account level would override all other controls and configurations set up by the account holder.

The RBI further stated that once the kill switch is enabled, customers could re-activate digital payments either through digital modes, subject to stringent authentication and verification measures, or by visiting a bank branch in person. It added that for re-activation through digital modes, banks would be required to put relatively stricter verification measures in place to confirm the customer's identity.

The central bank also noted that certain transactions, such as payment mandates and standing instructions, may be exempted from the kill switch. It further raised a key policy question, whether digital payment modes should be disabled by default for new customers unless explicitly enabled by them, even as the kill switch remains an optional facility for existing customers.

Pros and cons

The proposal strengthens customer-controlled security, allowing users to customise payment access based on their usage patterns and risk appetite. In fraud situations, where time is critical, the kill switch would let customers disable all digital payment access instantly, without navigating multiple systems or contacting different service providers. It also promises a more uniform and robust customer protection framework across the payments ecosystem.

That said, challenges remain. Customers could inadvertently activate the switch, disrupting legitimate transactions. Rolling out a universal kill switch across UPI, cards, net banking, wallets and other instruments would require significant technological development. And if a fraudster has already gained temporary access to a customer's device, the controls may offer little protection.