Reserve Bank of India: India’s Central bank, the Reserve Bank of India has recently issued a statement on Development and Regulatory Policies in which the banking apex asked banks to replace the currently prevalent OTP-based identification with other safer alternatives. As per reports, there are so many advanced options available to replace OTP-based identification, but all of these require a smartphone for the authentication process.
RBI Plans to End OTP Era
Currently, a fintech company or bank usually sends an OTP to the mobile number associated with the account to complete a digital financial transaction as an additional layer of authentication. Only after entering this OTP, a user can complete the transaction which protects bank account security and prevents unauthorized use of financial information.
The RBI has stated that it intends to expedite the additional factor of authentication (AFA) procedure rather than do away with the authentication process entirely.
“Though RBI has not prescribed any particular AFA, the payments ecosystem has largely adopted SMS-based one-time password (OTP). With innovations in technology, alternative authentication mechanisms have emerged in recent years. To facilitate the use of such mechanisms for digital security, it is proposed to adopt a principle-based “Framework for authentication of digital payment transactions,” mentions RBI statement.
Safer Alternatives That Can Be Adopted
A firm named, TruSense has introduced an authentication system that doesn’t require OTP. Instead of the OTP, this authentication system allows banks to establish a direct connection with their customer’s devices enabling token exchange and identification without requesting users’ OTP input.
Executive Vice President David Vigar, heading digital identity recently issued a cautionary note about depending just on biometrics for identification. He emphasized the dangers that come with artificial intelligence progress namely the possibility that deepfake technology may evade facial recognition systems.