独家
NPCI首席执行官表示,印度正迅速成为全球勒索软件之都
Dilip Asbe说,少数参与者的主导地位可能不符合最大利益,有必要提高竞争。
-
BSNL视人力资源转型为转折点
在2022年至2032年的10年期间,平均每年将有近2000名员工退休,这使该公司成为一个更专注于与私营行业企业——Reliance Jio、Bharti Airtel和Vodafone Idea——竞争的组织。
-
-
-
印度据说正在迅速成为全球ransomware的首席执行官迪利普·阿斯贝表示:“随着网络攻击案件的增加,资本越来越多,而大幅减少它们的唯一方法是将所有支付机制通证化,不管初始成本有多高NPCI他告诉Ashwin Manikandan和MC Govardhana Rangan。
Asbe在独家互动中表示,少数玩家的主导地位可能不符合最佳利益,有必要提高竞争。
编辑摘录:
的统一支付接口7月和8月的单月交易首次超过30亿笔。这是一年内增长了一倍。这背后的原因是什么?
我们的重点是启用特定的用例。在印度证券交易委员会的支持下,我们的零售IPO申请数量接近50%UPI.这有助于扩大投资,尤其是在年轻一代中。类似地,AutoPay(重复授权)解决方案正在获得关注,Netflix和Hotstar正处于上线的初始阶段。e-RUPI刚刚发布。我们现在有200多家银行的客户使用UPI平台,我们打算将其推广到500家银行的客户。
有关付款失败的讨论一直在进行。自去年以来,NPCI在降低交易失败率方面的效果如何?
在监管机构的支持下,我们现在在所有系统(包括卡支付)上都有多个日常结算,包括周末,这在世界上尚属首例。这大大降低了结算风险,并允许银行和其他机构在NPCI系统上投入更多的交易量。去年,我们看到了数字交易的惊人增长。为了有效地管理这一增加的交易量,NPCI、银行以及Meity发布的仪表板和监管机构增加了核心平台的容量。如果你逐月看,交易失败已经大幅减少,最近的交易量增长就是布丁的证明。
NPCI最近与印度政府合作推出了E-Rupi。这个服务的实时实现是怎样的?
e-RUPI是一种上下文无关、特定目的和特定人员的解决方案。可能有许多用例可以利用这个新平台。该国最大的15家银行已经启用了工作流程;然而,接受生态系统仍然需要建立。它颠覆了标准的UPI模式,即客户扫描商家的二维码;在这里,商家扫描,因此需要智能手机。
网络攻击一直是数字领域最令人担忧的问题。已经发生了一些引人注目的客户支付数据泄露事件。NPCI是如何处理的?
这对生态系统来说是一个超级关键的问题。这是让我们担心和清醒的事情。最近,我读到印度正在成为或已经成为世界勒索软件之都,其中大部分需求都是加密货币。监管机构最近发布了一个强大的“通证化框架”,如果生态系统有效地采用它们,该框架将卡支付的风险降低到几乎为零。虽然可能会有一些批评,认为这可能会在短期内增加消费者的摩擦,但最终,如果出现大规模违约,责任总是在监管机构身上。问题是谁来承担责任,以及我们如何保护客户免受此类违规行为的影响?我们希望所有初创企业,无论其规模和风险偏好如何,都能参与支付,以扩大市场。但监管机构如何降低风险,而不是更好的技术实施呢?众所周知,安全标准和认证是必要的,但可能还不够。
那么标记化能解决这个问题吗?
我们NPCI认为,RBI的举措是受欢迎的一步,随着令牌化的有效实施,客户体验和信任将会增加。没什么好怕的。我记得2012年印度储备银行决定实施双因素认证时,也发生过类似的情况。整个行业都反对印度储备银行,在短短几年内,每个人都开始称赞这一决定,现在全世界都在采取同样的做法。客户保护总是涉及从长远来看有利于系统的强硬行动。监管机构必须毫不犹豫地实施,并应对短期批评。
NPCI本身的安全性如何?
我们NPCI确保应用强大而深入的安全标准-从基础设施到数据安全。我们将在未来几天内在RuPay中实现这一点,此外,UPI的固有设计提供了安全可靠的令牌化。
对UPI实施30%市场份额上限规则的理由是什么?即使是现在,PhonePe和GPay这两家公司也占据了85%的市场份额。这会有问题吗?
在实施市场份额上限时,要牢记集中风险方法,同时确保它不会在最大程度上阻碍UPI的增长。我们仍然相信现有的参与者,如Paytm, Amazon Pay和WhatsApp将在适当的时候增加他们的市场份额,这样我们就不需要干预或采取任何行动来减少或限制UPI的增长。现在,我们还看到流行的银行应用程序已经转换为成熟的UPI应用程序(我们长期的需求),例如iMobile,我们知道Yono和Payzapp将很快启用。有了这些措施,我们相信市场份额会自动平衡。我们正在积极咨询各个参与者,以增加他们在UPI的渗透率。虽然数字化仍处于这样一个初级阶段,但在不久的将来限制UPI的增长可能不符合国家的最佳利益。我们仍然需要UPI的巨大增长,特别是为了让该国未来的3亿用户拥有智能手机和银行账户,生态系统的努力将在未来24个月内实现这一目标。
MDR于2020年被免除。Rupay卡的发行受到了什么影响?
大部分MDR(由商家收取的接受数字支付的费用)用于这些服务的接受或基础设施部署。网络或票据交换所收取这些费用的10%到15%。这是生态系统的唯一收入来源,用于增加接受基础设施、优质客户服务或保护、谨慎的网络安全投资以及数字支付部分的整个参与者链的高端中央IT基础设施。我们认为应该征收合理的MDR费用,以便数字生态系统能够扩展和成长。RuPay和UPI,这些自主开发的系统由于这一规定在一定程度上处于不利地位。
回到网络攻击印度储备银行关于代币化的新规则能有什么帮助?
印度央行的意思是——你不能储存。有一个接受生态系统和发行生态系统,有一个网络。印度储备银行的意思是,除了网络和发行机构,没有人可以保存卡的详细信息。令牌化类似于任何人都可以存储的卡的别名。因此,即使发生泄露,客户卡数据也不会受到影响。另一方面,UPI从设计之初就已经是一个标记化的系统。对于卡片——数字是身份验证设计的一部分。虽然这给生态系统带来了短期负担,因此监管机构会受到批评,但我们必须着眼于长期。
NPCI已经开始使用标记化了吗?
我们已经上线Jio,并且正在上线GPay。我们已经与监管机构沟通,我们将在30年前准备好进行通证化th9月,我们将在RBI截止日期31日之前加入我们的生态系统圣12月。我们必须一个银行一个银行地证明我们的合作伙伴,这是要做的。
印度储备银行宣布了支付基础设施发展基金(PIDF)。这方面的实施进展如何?
它已经开始运作了。PIDF的目标是在查谟克什米尔和东北地区创建一个接受生态系统。POS和QR都有不同的接受模型。问题是先有需求还是先有供应。PIDF旨在修复第三层及以上的供给侧。PIDF是使下一个3亿人进入数字之旅的重要推动者。随着智能手机的普及
印度票据支付系统的前景如何?
我们非常看好BBPS和良好的增长。我们正在围绕bbpp建立一个生态系统。有由印度储备银行许可的运营单位。大约有15个以上的人获得了许可,还有15个以上的人有兴趣成为ou。我认为,围绕BBPS的生态系统将与银行、金融科技和初创公司一起成长。
据报道,印度储备银行现在正在考虑推迟新伞形实体计划。NUE的引入会影响NPCI领导的创新吗?你如何看待这个领域的竞争?
我们一直通过本地化创新来塑造市场,无论有无nue,我们都将继续这样做。我们一直在与在国际市场根深蒂固的国际信用卡计划进行非常激烈的信用卡和移动支付竞争。在这样一个快速发展的支付领域,如果没有创新和更快的执行速度,我们或任何人都无法生存或成功。
今天NPCI的设计更像是为了盈利。NPCI能与NUE竞争吗? NUE很可能会出现并按商业条款运作?
印度储备银行(RBI)和该国的顶级银行(在IBA的支持下)将NPCI创建为“公共利益”,并无私地培育并使这个组织取得了相当大的成功。中国似乎采用了印度十年前的做法,但每个国家都有不同的目标和议程。
Asbe在独家互动中表示,少数玩家的主导地位可能不符合最佳利益,有必要提高竞争。
编辑摘录:
我们的重点是启用特定的用例。在印度证券交易委员会的支持下,我们的零售IPO申请数量接近50%UPI.这有助于扩大投资,尤其是在年轻一代中。类似地,AutoPay(重复授权)解决方案正在获得关注,Netflix和Hotstar正处于上线的初始阶段。e-RUPI刚刚发布。我们现在有200多家银行的客户使用UPI平台,我们打算将其推广到500家银行的客户。
有关付款失败的讨论一直在进行。自去年以来,NPCI在降低交易失败率方面的效果如何?
在监管机构的支持下,我们现在在所有系统(包括卡支付)上都有多个日常结算,包括周末,这在世界上尚属首例。这大大降低了结算风险,并允许银行和其他机构在NPCI系统上投入更多的交易量。去年,我们看到了数字交易的惊人增长。为了有效地管理这一增加的交易量,NPCI、银行以及Meity发布的仪表板和监管机构增加了核心平台的容量。如果你逐月看,交易失败已经大幅减少,最近的交易量增长就是布丁的证明。
e-RUPI是一种上下文无关、特定目的和特定人员的解决方案。可能有许多用例可以利用这个新平台。该国最大的15家银行已经启用了工作流程;然而,接受生态系统仍然需要建立。它颠覆了标准的UPI模式,即客户扫描商家的二维码;在这里,商家扫描,因此需要智能手机。
网络攻击一直是数字领域最令人担忧的问题。已经发生了一些引人注目的客户支付数据泄露事件。NPCI是如何处理的?
这对生态系统来说是一个超级关键的问题。这是让我们担心和清醒的事情。最近,我读到印度正在成为或已经成为世界勒索软件之都,其中大部分需求都是加密货币。监管机构最近发布了一个强大的“通证化框架”,如果生态系统有效地采用它们,该框架将卡支付的风险降低到几乎为零。虽然可能会有一些批评,认为这可能会在短期内增加消费者的摩擦,但最终,如果出现大规模违约,责任总是在监管机构身上。问题是谁来承担责任,以及我们如何保护客户免受此类违规行为的影响?我们希望所有初创企业,无论其规模和风险偏好如何,都能参与支付,以扩大市场。但监管机构如何降低风险,而不是更好的技术实施呢?众所周知,安全标准和认证是必要的,但可能还不够。
那么标记化能解决这个问题吗?
我们NPCI认为,RBI的举措是受欢迎的一步,随着令牌化的有效实施,客户体验和信任将会增加。没什么好怕的。我记得2012年印度储备银行决定实施双因素认证时,也发生过类似的情况。整个行业都反对印度储备银行,在短短几年内,每个人都开始称赞这一决定,现在全世界都在采取同样的做法。客户保护总是涉及从长远来看有利于系统的强硬行动。监管机构必须毫不犹豫地实施,并应对短期批评。
NPCI本身的安全性如何?
我们NPCI确保应用强大而深入的安全标准-从基础设施到数据安全。我们将在未来几天内在RuPay中实现这一点,此外,UPI的固有设计提供了安全可靠的令牌化。
对UPI实施30%市场份额上限规则的理由是什么?即使是现在,PhonePe和GPay这两家公司也占据了85%的市场份额。这会有问题吗?
在实施市场份额上限时,要牢记集中风险方法,同时确保它不会在最大程度上阻碍UPI的增长。我们仍然相信现有的参与者,如Paytm, Amazon Pay和WhatsApp将在适当的时候增加他们的市场份额,这样我们就不需要干预或采取任何行动来减少或限制UPI的增长。现在,我们还看到流行的银行应用程序已经转换为成熟的UPI应用程序(我们长期的需求),例如iMobile,我们知道Yono和Payzapp将很快启用。有了这些措施,我们相信市场份额会自动平衡。我们正在积极咨询各个参与者,以增加他们在UPI的渗透率。虽然数字化仍处于这样一个初级阶段,但在不久的将来限制UPI的增长可能不符合国家的最佳利益。我们仍然需要UPI的巨大增长,特别是为了让该国未来的3亿用户拥有智能手机和银行账户,生态系统的努力将在未来24个月内实现这一目标。
MDR于2020年被免除。Rupay卡的发行受到了什么影响?
大部分MDR(由商家收取的接受数字支付的费用)用于这些服务的接受或基础设施部署。网络或票据交换所收取这些费用的10%到15%。这是生态系统的唯一收入来源,用于增加接受基础设施、优质客户服务或保护、谨慎的网络安全投资以及数字支付部分的整个参与者链的高端中央IT基础设施。我们认为应该征收合理的MDR费用,以便数字生态系统能够扩展和成长。RuPay和UPI,这些自主开发的系统由于这一规定在一定程度上处于不利地位。
回到网络攻击印度储备银行关于代币化的新规则能有什么帮助?
印度央行的意思是——你不能储存。有一个接受生态系统和发行生态系统,有一个网络。印度储备银行的意思是,除了网络和发行机构,没有人可以保存卡的详细信息。令牌化类似于任何人都可以存储的卡的别名。因此,即使发生泄露,客户卡数据也不会受到影响。另一方面,UPI从设计之初就已经是一个标记化的系统。对于卡片——数字是身份验证设计的一部分。虽然这给生态系统带来了短期负担,因此监管机构会受到批评,但我们必须着眼于长期。
NPCI已经开始使用标记化了吗?
我们已经上线Jio,并且正在上线GPay。我们已经与监管机构沟通,我们将在30年前准备好进行通证化th9月,我们将在RBI截止日期31日之前加入我们的生态系统圣12月。我们必须一个银行一个银行地证明我们的合作伙伴,这是要做的。
印度储备银行宣布了支付基础设施发展基金(PIDF)。这方面的实施进展如何?
它已经开始运作了。PIDF的目标是在查谟克什米尔和东北地区创建一个接受生态系统。POS和QR都有不同的接受模型。问题是先有需求还是先有供应。PIDF旨在修复第三层及以上的供给侧。PIDF是使下一个3亿人进入数字之旅的重要推动者。随着智能手机的普及
印度票据支付系统的前景如何?
我们非常看好BBPS和良好的增长。我们正在围绕bbpp建立一个生态系统。有由印度储备银行许可的运营单位。大约有15个以上的人获得了许可,还有15个以上的人有兴趣成为ou。我认为,围绕BBPS的生态系统将与银行、金融科技和初创公司一起成长。
据报道,印度储备银行现在正在考虑推迟新伞形实体计划。NUE的引入会影响NPCI领导的创新吗?你如何看待这个领域的竞争?
我们一直通过本地化创新来塑造市场,无论有无nue,我们都将继续这样做。我们一直在与在国际市场根深蒂固的国际信用卡计划进行非常激烈的信用卡和移动支付竞争。在这样一个快速发展的支付领域,如果没有创新和更快的执行速度,我们或任何人都无法生存或成功。
今天NPCI的设计更像是为了盈利。NPCI能与NUE竞争吗? NUE很可能会出现并按商业条款运作?
印度储备银行(RBI)和该国的顶级银行(在IBA的支持下)将NPCI创建为“公共利益”,并无私地培育并使这个组织取得了相当大的成功。中国似乎采用了印度十年前的做法,但每个国家都有不同的目标和议程。
India<\/a> is said to be fast becoming the global ransomware<\/a> capital, with mounting cases of cyber-attacks, and the only way to reduce them substantially is to tokenize all payment mechanisms, regardless of high initial costs, Dilip Asbe, CEO of NPCI<\/a>, tells Ashwin Manikandan and MC Govardhana Rangan.
Dominance of a few players may not be in the best interest and there is a need to raise competition, Asbe said in the exclusive interaction.
Edited excerpts:<\/strong>
Dominance of a few players may not be in the best interest and there is a need to raise competition, Asbe said in the exclusive interaction.
Edited excerpts:<\/strong>
<\/div><\/div>The Unified Payments Interface<\/a> has recorded over 3 billion transactions a month in July and August for the first time. This is a doubling of growth in a year. What is driving this?
<\/strong>
Our focus has been on enabling specific use cases. With the support of SEBI, we are nearing 50% of total retail IPO applications using UPI<\/a>. It is helping expand investments, especially among the younger generations. Similarly, the AutoPay (recurring mandates) solution is gaining traction, and Netflix, Hotstar are in the initial stages of going live. e-RUPI<\/a> has just been launched. We now have customers of more than 200 banks using the UPI platform, and we intend to roll this out to clients of 500 banks.
There have been discussions about payment failures. How effective has NPCI been in bringing down transaction failure rates since last year?
<\/strong>
With the regulatory support, we now have multiple daily settlements including the weekends on all our systems including the card payments \u2013 the first of its kind in the world. This reduces settlement risks significantly and allows banks and others to put more volumes on NPCI systems. Last year, we saw an incredible increase in digital transactions. To manage this increased volume efficiently, NPCI, banks, with the dashboard published by Meity and the regulator have increased the capacity of core platforms. If you see month on month, the transaction failures have reduced substantially, and recent volume growth is proof of the pudding.
<\/strong>
Our focus has been on enabling specific use cases. With the support of SEBI, we are nearing 50% of total retail IPO applications using UPI<\/a>. It is helping expand investments, especially among the younger generations. Similarly, the AutoPay (recurring mandates) solution is gaining traction, and Netflix, Hotstar are in the initial stages of going live. e-RUPI<\/a> has just been launched. We now have customers of more than 200 banks using the UPI platform, and we intend to roll this out to clients of 500 banks.
There have been discussions about payment failures. How effective has NPCI been in bringing down transaction failure rates since last year?
<\/strong>
With the regulatory support, we now have multiple daily settlements including the weekends on all our systems including the card payments \u2013 the first of its kind in the world. This reduces settlement risks significantly and allows banks and others to put more volumes on NPCI systems. Last year, we saw an incredible increase in digital transactions. To manage this increased volume efficiently, NPCI, banks, with the dashboard published by Meity and the regulator have increased the capacity of core platforms. If you see month on month, the transaction failures have reduced substantially, and recent volume growth is proof of the pudding.
<\/div><\/div>NPCI recently launched E-Rupi with the government of India. How is the live implementation of this service?
<\/strong>
e-RUPI is a context-free, purpose-specific and person-specific solution. There could be many use cases that can leverage this new platform. The top 15 banks of the country have already enabled the workflows; however, the acceptance ecosystem will still have to be built. It reverses the standard UPI model of customers scanning the merchant QR code; here the merchant scans and thus needs the smart phone.
Cyber-attacks have been the biggest worry in the digital space. There have been some high-profile breaches of customer payment data. How is NPCI dealing with it?
<\/strong>
This is a super critical issue for the ecosystem. This is something that keeps us worried and awake. Recently I read that India is becoming or has become the Ransomware capital of the world, and most of these demands are in crypto currencies. The regulator has recently delivered a strong \u201ctokenisation framework\u201d which reduces the risk to almost near zero for card payments, if the ecosystem adopts them effectively. While there may be some criticism that it may increase the consumer friction in short term, finally, if there is a large breach, the blame is always on the regulator. The question is who takes the liability, and how do we protect the customers from such breaches? We want all start-ups, irrespective of their size and risk appetites, to participate in payments to expand the market. But how does the regulator mitigate the risk than better technology implementation? As we all know, security standards and certifications are necessary but may not be adequate.
So does tokenization address it?
<\/strong>
We at NPCI believe RBI\u2019s initiative is a welcome step and with efficient implementation of tokenization, the customer experience and trust will actually increase. There is nothing to fear. I recall a similar situation when RBI decided to implement the 2-factor authentication in 2012. The entire industry was against the RBI and, in just a few years, everyone started praising the decision and now the world is adopting the same. Customer protection always involves tough actions which benefit the system in the long-run. The regulator must implement without hesitation and deal with short-term criticism.
What about security at NPCI itself?
<\/strong>
We at NPCI ensure that robust and in-depth security standards are applied \u2013 from infrastructure to data security. We are gearing to implement this in RuPay in the next few days, and in addition the UPI with its inherent design offers safe and secure tokenization.
What is the rationale behind implementing the 30% market share cap rule for UPI? Even now two firms - PhonePe and GPay - are dominating 85% of the market. Will this be a problem?
<\/strong>
The market share cap is implemented keeping in mind the concentration risk approach while ensuring that it doesn\u2019t hinder the growth of UPI to the extent possible. We still believe the existing players such as Paytm, Amazon Pay and WhatsApp shall increase their market share in due course so that we don\u2019t need to interfere or take any action to reduce or curtail the growth of UPI. Now, we also see that popular banks\u2019 apps have been converted to full-fledged UPI apps (our long demand) example is iMobile, and we understand Yono and Payzapp shall enable soon. With these measures, we believe that the market share should balance itself out. We are actively consulting various players to increase their penetration in UPI. While digital is still at such a nascent stage, curtailing the UPI growth in the near future may not be in the best interests of the country. We still need huge growth in UPI, especially to enable the next 300 million users in the country who have smartphones and bank accounts, and the ecosystem efforts shall make it happen in the next 24 months.
The MDR was waived in 2020. What has been the impact on Rupay card issuances?
<\/strong>
Majority of the MDR (charges from the merchants to accept digital payments) funds the acceptance or infrastructure deployment of those services. The network or the clearing house gets about 10 to 15% of these charges. This is the only source of revenue for the ecosystem to fund the increasing the acceptance infrastructure, superior customer service or protection, prudent cyber security investments and the upscale central IT infrastructure by the entire chain of players part of digital payments. We believe that reasonable MDR charges should be levied so that the digital ecosystem can expand and grow. RuPay and UPI, the home-grown systems are put to disadvantage to some extent due to this regulation.
Coming back to cyber attacks<\/a>, how can RBI\u2019s new rules on tokenization help?
<\/b>What RBI is saying is \u2013 you can\u2019t store. There is an acceptance ecosystem and issuance ecosystem and there is a network. What the RBI is saying is that apart from the network and issuer, nobody can save card details. Tokenization is something like an alias number for the card which can be stored by anyone. So even if there is a breach, the customer card data won\u2019t be impacted. UPI on the other hand is already a tokenized system right from the design. For cards \u2013 the number is part of the authentication design. While it puts a short-term burden on the ecosystem so there will be criticism of the regulator, but we must look long term.
Has NPCI gone live with tokenization?
<\/b>
We have gone live with Jio and are in the process of going live with GPay. We have given the communication to the regulator that we will be ready for tokenization by 30th<\/sup> September and we will onboard our ecosystem before the RBI deadline of 31st<\/sup> December. Bank by bank we will have to certify our partners, which will be done.
The RBI has announced a Payments Infrastructure Development Fund (PIDF). How is the progress on the implementation of this?
<\/b>
It\u2019s already operational. PIDF objective is to create an acceptance ecosystem in J&K and North East. Both POS and QR have different acceptance models. The question is whether demand comes first or supply. PIDF is aimed at fixing the supply side in tier 3 and beyond. PIDF is a big enabler to get the next 300 million into the digital journey. With increased smartphone penetration
What is the outlook on Bharat Bill Payment Systems?
<\/b>
We are very bullish on BBPS and good growth. We are building an ecosystem around BBPPs. There are Operating Units that are licensed by RBI. Around 15+ are licensed and we have over 15 more interested in becoming OUs. The ecosystem I think will grow around BBPS with banks, fintech and startups.
RBI is now reportedly mulling over deferring the New Umbrella Entity scheme. Would the introduction of NUE affect innovation being led by NPCI? How do you view competition in this space?
<\/b>
We have always shaped the market with localised innovation, and we shall continue to do so, with or without NUEs. We have been competing very hard with on card and mobile payments with international card schemes that are well entrenched in the world market. We or for that matter anybody cannot survive nor succeed without innovation and faster execution in such a fast-moving payment space.
NPCI\u2019s design as of today is more like not for profit. Can NPCI compete with NUE which is likely to come up and operate on commercial terms?
<\/b>
RBI and the top banks (with support of IBA) in the country created NPCI as \u201cpublic good\u201d and nurtured and made this organisation reasonably successful selflessly. China appears to adopt what India did a decade back, but again every country has different objectives and agendas.
<\/div><\/div>
<\/strong>
e-RUPI is a context-free, purpose-specific and person-specific solution. There could be many use cases that can leverage this new platform. The top 15 banks of the country have already enabled the workflows; however, the acceptance ecosystem will still have to be built. It reverses the standard UPI model of customers scanning the merchant QR code; here the merchant scans and thus needs the smart phone.
Cyber-attacks have been the biggest worry in the digital space. There have been some high-profile breaches of customer payment data. How is NPCI dealing with it?
<\/strong>
This is a super critical issue for the ecosystem. This is something that keeps us worried and awake. Recently I read that India is becoming or has become the Ransomware capital of the world, and most of these demands are in crypto currencies. The regulator has recently delivered a strong \u201ctokenisation framework\u201d which reduces the risk to almost near zero for card payments, if the ecosystem adopts them effectively. While there may be some criticism that it may increase the consumer friction in short term, finally, if there is a large breach, the blame is always on the regulator. The question is who takes the liability, and how do we protect the customers from such breaches? We want all start-ups, irrespective of their size and risk appetites, to participate in payments to expand the market. But how does the regulator mitigate the risk than better technology implementation? As we all know, security standards and certifications are necessary but may not be adequate.
So does tokenization address it?
<\/strong>
We at NPCI believe RBI\u2019s initiative is a welcome step and with efficient implementation of tokenization, the customer experience and trust will actually increase. There is nothing to fear. I recall a similar situation when RBI decided to implement the 2-factor authentication in 2012. The entire industry was against the RBI and, in just a few years, everyone started praising the decision and now the world is adopting the same. Customer protection always involves tough actions which benefit the system in the long-run. The regulator must implement without hesitation and deal with short-term criticism.
What about security at NPCI itself?
<\/strong>
We at NPCI ensure that robust and in-depth security standards are applied \u2013 from infrastructure to data security. We are gearing to implement this in RuPay in the next few days, and in addition the UPI with its inherent design offers safe and secure tokenization.
What is the rationale behind implementing the 30% market share cap rule for UPI? Even now two firms - PhonePe and GPay - are dominating 85% of the market. Will this be a problem?
<\/strong>
The market share cap is implemented keeping in mind the concentration risk approach while ensuring that it doesn\u2019t hinder the growth of UPI to the extent possible. We still believe the existing players such as Paytm, Amazon Pay and WhatsApp shall increase their market share in due course so that we don\u2019t need to interfere or take any action to reduce or curtail the growth of UPI. Now, we also see that popular banks\u2019 apps have been converted to full-fledged UPI apps (our long demand) example is iMobile, and we understand Yono and Payzapp shall enable soon. With these measures, we believe that the market share should balance itself out. We are actively consulting various players to increase their penetration in UPI. While digital is still at such a nascent stage, curtailing the UPI growth in the near future may not be in the best interests of the country. We still need huge growth in UPI, especially to enable the next 300 million users in the country who have smartphones and bank accounts, and the ecosystem efforts shall make it happen in the next 24 months.
The MDR was waived in 2020. What has been the impact on Rupay card issuances?
<\/strong>
Majority of the MDR (charges from the merchants to accept digital payments) funds the acceptance or infrastructure deployment of those services. The network or the clearing house gets about 10 to 15% of these charges. This is the only source of revenue for the ecosystem to fund the increasing the acceptance infrastructure, superior customer service or protection, prudent cyber security investments and the upscale central IT infrastructure by the entire chain of players part of digital payments. We believe that reasonable MDR charges should be levied so that the digital ecosystem can expand and grow. RuPay and UPI, the home-grown systems are put to disadvantage to some extent due to this regulation.
Coming back to cyber attacks<\/a>, how can RBI\u2019s new rules on tokenization help?
<\/b>What RBI is saying is \u2013 you can\u2019t store. There is an acceptance ecosystem and issuance ecosystem and there is a network. What the RBI is saying is that apart from the network and issuer, nobody can save card details. Tokenization is something like an alias number for the card which can be stored by anyone. So even if there is a breach, the customer card data won\u2019t be impacted. UPI on the other hand is already a tokenized system right from the design. For cards \u2013 the number is part of the authentication design. While it puts a short-term burden on the ecosystem so there will be criticism of the regulator, but we must look long term.
Has NPCI gone live with tokenization?
<\/b>
We have gone live with Jio and are in the process of going live with GPay. We have given the communication to the regulator that we will be ready for tokenization by 30th<\/sup> September and we will onboard our ecosystem before the RBI deadline of 31st<\/sup> December. Bank by bank we will have to certify our partners, which will be done.
The RBI has announced a Payments Infrastructure Development Fund (PIDF). How is the progress on the implementation of this?
<\/b>
It\u2019s already operational. PIDF objective is to create an acceptance ecosystem in J&K and North East. Both POS and QR have different acceptance models. The question is whether demand comes first or supply. PIDF is aimed at fixing the supply side in tier 3 and beyond. PIDF is a big enabler to get the next 300 million into the digital journey. With increased smartphone penetration
What is the outlook on Bharat Bill Payment Systems?
<\/b>
We are very bullish on BBPS and good growth. We are building an ecosystem around BBPPs. There are Operating Units that are licensed by RBI. Around 15+ are licensed and we have over 15 more interested in becoming OUs. The ecosystem I think will grow around BBPS with banks, fintech and startups.
RBI is now reportedly mulling over deferring the New Umbrella Entity scheme. Would the introduction of NUE affect innovation being led by NPCI? How do you view competition in this space?
<\/b>
We have always shaped the market with localised innovation, and we shall continue to do so, with or without NUEs. We have been competing very hard with on card and mobile payments with international card schemes that are well entrenched in the world market. We or for that matter anybody cannot survive nor succeed without innovation and faster execution in such a fast-moving payment space.
NPCI\u2019s design as of today is more like not for profit. Can NPCI compete with NUE which is likely to come up and operate on commercial terms?
<\/b>
RBI and the top banks (with support of IBA) in the country created NPCI as \u201cpublic good\u201d and nurtured and made this organisation reasonably successful selflessly. China appears to adopt what India did a decade back, but again every country has different objectives and agendas.
<\/div><\/div>
Follow and connect with us on Twitter<\/a>, Facebook<\/a>, Linkedin<\/a>, Youtube<\/a><\/div>","NumberOfSentences":{"minfo":"96.0","minfoseo":"96-0"},"AutomatedReadabilityIndex":{"minfo":"14.0","minfoseo":"14-0"},"LastPublishMilliTime":{"minfo":"1630548198116","minfoseo":"1630548198116"},"ReadabilityGradeLevel":{"minfo":"College","minfoseo":"college"},"GadgetsMarkedReviewed":{"minfo":"0","minfoseo":"0"},"HashCode":{"minfo":"1890304830","minfoseo":"1890304830"},"latestnewsflag":{"minfo":"1.0","minfoseo":"1-0"},"canonicalURL":{"minfo":"https:\/\/economictimes.indiatimes.com\/tech\/technology\/india-is-fast-becoming-the-global-ransomware-capital-says-npci-ceo\/articleshow\/85842668.cms","minfoseo":"https\/economictimes-indiatimes-com\/tech\/technology\/india-is-fast-becoming-the-global-ransomware-capital-says-npci-ceo\/articleshow\/85842668-cms"},"NumberOfCharacters":{"minfo":"9519.0","minfoseo":"9519-0"},"NumberOfWords":{"minfo":"1594.0","minfoseo":"1594-0"},"key":{"0":{"keyid":"6361792","value":"cyber attacks","smid":"0","keynameseo":"cyber-attacks","keytype":"","keycount":"totalcount","weightage":"100"},"1":{"keyid":"6358921","value":"UPI","smid":"0","keynameseo":"UPI","keytype":"","keycount":"totalcount","weightage":"20"},"2":{"keyid":"2736678","value":"Unified Payments Interface","smid":"0","keynameseo":"Unified-Payments-Interface","keytype":"","keycount":"totalcount","weightage":"20"},"3":{"keyid":"6362094","value":"ransomware","smid":"0","keynameseo":"ransomware","keytype":"","keycount":"totalcount","weightage":"20"},"5":{"keyid":"193630","value":"NPCI CEO","smid":"0","keynameseo":"NPCI-CEO","keytype":"","keycount":"totalcount","weightage":"20"},"6":{"keyid":"193629","value":"NPCI","smid":"0","keynameseo":"NPCI","keytype":"","keycount":"totalcount","weightage":"20"},"7":{"keyid":"28970","value":"interview","smid":"0","keynameseo":"interview","keytype":"","keycount":"totalcount","weightage":"20"},"8":{"keyid":"3658","value":"India","smid":"0","keynameseo":"India","keytype":"","keycount":"totalcount","weightage":"20"},"9":{"keyid":"11912975","value":"e-RUPI","smid":"0","keynameseo":"e-RUPI","keytype":"","keycount":"totalcount","weightage":"20"}},"authorsplit":{"author":[{"artau":"Ashwin Manikandan","aunameseo":"ashwin-manikandan","artauid":"479252742","artauemail":"ashwin.manikandan@timesinternet.com","auFullName":"Ashwin Manikandan","pubname":"ET","designame":"Correspondent","audetailsxml":{"authordetails":[],"details":{"detail":[{"@attributes":{"type":"occupation"}},{"@attributes":{"type":"beat"}}]}},"aulinksxml":{"links":{"link":{"twitter":[],"facebook":[],"googlePlusUrl":[],"contributorUrl":[]}}},"auagencyid":"88675387","auagencyname":"ET Bureau","autype":"GENERAL"},{"artau":"MC Govardhana Rangan","aunameseo":"mc-govardhana-rangan","artauid":"479211853","artauemail":"goviatwork@gmail.com","auselfimageid":"479211853","auimageid":"00479211853","auimagelen":"87886","auFullName":"MC Govardhana Rangan","pubname":"ET","designame":"Editor","audetailsxml":{"authordetails":"The author is a post-graduate in Economics and has been a financial markets journalist for more than 25 years.","details":{"detail":[{"@attributes":{"type":"occupation"}},{"@attributes":{"type":"beat"}}]}},"aulinksxml":{"links":{"link":{"twitter":[],"facebook":[],"googlePlusUrl":[],"contributorUrl":[]}}},"auagencyid":"88675387","auagencyname":"ET Bureau","autype":"GENERAL"}]},"similarlytagged":[{"msid":"96185785","stname":"North Korean cyber spies deploy new tactic: Tricking foreign experts into writing research for them","artsyn":"The hacking group, which researchers dubbed Thallium or Kimsuky, among other names, has long used \"spear-phishing\" emails that trick targets into giving up passwords or clicking attachments or links that load malware. Now, however, it also appears to simply ask researchers or other experts to offer opinions or write reports.","seolocation":"telecomnews\/north-korean-cyber-spies-deploy-new-tactic-tricking-foreign-experts-into-writing-research-for-them","seolocationalt":"North Korean cyber spies deploy new tactic: Tricking foreign experts into writing research for them","url_seo":"north-korean-cyber-spies-deploy-new-tactic-tricking-foreign-experts-into-writing-research-for-them"},{"msid":"96098472","stname":"MeitY plans extensive cybersecurity workshops for key government department heads","artsyn":"The workshop by the IT ministry comes following a crippling cyberattack on the servers of the state-run All India Institute of Medical Sciences (AIIMS), Safdarjung Hospital and other hospitals in the capital city.","seolocation":"telecomnews\/meity-plans-extensive-cybersecurity-workshops-for-key-government-department-heads","seolocationalt":"MeitY plans extensive cybersecurity workshops for key government department heads","url_seo":"meity-plans-extensive-cybersecurity-workshops-for-key-government-department-heads"},{"msid":"96098296","stname":"Stolen data of 600,000 Indians sold on bot markets so far: Study","artsyn":"The study by NordVPN, of Lithuania's Nord Security, said the stolen data included user logins, cookies, digital fingerprints, screenshots and other information, with the average price for the digital identity of a person pegged at 490 Indian rupees($5.95).","seolocation":"telecomnews\/stolen-data-of-600000-indians-sold-on-bot-markets-so-far-study","seolocationalt":"Stolen data of 600,000 Indians sold on bot markets so far: Study","url_seo":"stolen-data-of-600000-indians-sold-on-bot-markets-so-far-study"},{"msid":"96079278","stname":"Cyber attacks will be more refined in 2023","artsyn":"Vijendra Katiyar, country manager for India & Saarc at Trend Micro, says the severe attacks on India\u2019s critical infrastructure, such as the recent ransomware attacks on AIIMS and the Tata Power, teach us one thing: cybercriminals will spend 2023 continuously fine-tuning their methods and becoming more professional.","seolocation":"telecomnews\/cyber-attacks-will-be-more-refined-in-2023","seolocationalt":"Cyber attacks will be more refined in 2023","url_seo":"cyber-attacks-will-be-more-refined-in-2023"},{"msid":"95989325","stname":"Cyber attacks triple in last three years in India, but security funds underutilised","artsyn":"The number of cyber attacks in the country has witnessed three-fold increase over as many years, however, the funds meant for cybersecurity have been underutilised with only Rs 98.31 crore used of the total Rs 213 crore sanctioned.","seolocation":"telecomnews\/cyber-attacks-triple-in-last-three-years-in-india-but-security-funds-underutilised","seolocationalt":"Cyber attacks triple in last three years in India, but security funds underutilised","url_seo":"cyber-attacks-triple-in-last-three-years-in-india-but-security-funds-underutilised"},{"msid":"95362773","stname":"Australia Inc roiled by raft of cyberattacks this year","artsyn":"Australia's second-largest mobile operator and a unit of Singapore Telecommunications was the first to report a data breach that affected up to 10 million customers, about 40% of the nation's population. The data exposed included home addresses, drivers' licences and passport numbers.","seolocation":"telecomnews\/australia-inc-roiled-by-raft-of-cyberattacks-this-year","seolocationalt":"Australia Inc roiled by raft of cyberattacks this year","url_seo":"australia-inc-roiled-by-raft-of-cyberattacks-this-year"},{"msid":"93997324","stname":"Training for CISOs and govt officials to make 'Cyber Safe India'","artsyn":"Launched in 2018, the CISO training is the first-of-its-kind of partnership between the government and industry consortium under Public-Private Partnership (PPP) model.","seolocation":"telecomnews\/training-for-cisos-and-govt-officials-to-make-cyber-safe-india","seolocationalt":"Training for CISOs and govt officials to make 'Cyber Safe India'","url_seo":"training-for-cisos-and-govt-officials-to-make-cyber-safe-india"},{"msid":"93759377","stname":"Ransomware to cause $30 bn in damage to govts, firms by 2023","artsyn":"Cyber-attacks have contributed to a loss of more than $60 billion in decentralised finance (DeFi) currency since 2012 -- $44 billion of that vanished during the last 12 months, according to the report by cyber protection company Acronis.","seolocation":"telecomnews\/ransomware-to-cause-30-bn-in-damage-to-govts-firms-by-2023","seolocationalt":"Ransomware to cause $30 bn in damage to govts, firms by 2023","url_seo":"ransomware-to-cause-30-bn-in-damage-to-govts-firms-by-2023"},{"msid":"93374443","stname":"Pak hackers targeting Indian officials shut by Meta","artsyn":"Apart from India, the group of hackers in Pakistan -- known in the security industry as APT36 -- targeted people in Afghanistan, Pakistan, the UAE and Saudi Arabia, according to Meta's quarterly 'Adversarial Threat Report'.","seolocation":"telecomnews\/pak-hackers-targeting-indian-officials-shut-by-meta","seolocationalt":"Pak hackers targeting Indian officials shut by Meta","url_seo":"pak-hackers-targeting-indian-officials-shut-by-meta"},{"msid":"93317530","stname":"77% of organizations expect to increase cybersecurity budget as attacks rise: Verizon Business study","artsyn":"An equal proportion of organizations (77%) have increased their cybersecurity budget in the last 12 months, as per Verizon Business Mobile Security Index 2022 report.","seolocation":"telecomnews\/77-of-organizations-expect-to-increase-cybersecurity-budget-as-attacks-rise-verizon-business-study","seolocationalt":"77% of organizations expect to increase cybersecurity budget as attacks rise: Verizon Business study","url_seo":"77-of-organizations-expect-to-increase-cybersecurity-budget-as-attacks-rise-verizon-business-study"},{"msid":"93285954","stname":"Check Point Q2 profit gains on 'healthy' cyber security demand","artsyn":"The Israel-based group on Monday said it earned $1.64 per diluted share excluding one-off items in the April to June period, up from $1.61 a year earlier. Revenue grew 9% to $571 million.","seolocation":"telecomnews\/check-point-q2-profit-gains-on-healthy-cyber-security-demand","seolocationalt":"Check Point Q2 profit gains on 'healthy' cyber security demand","url_seo":"check-point-q2-profit-gains-on-healthy-cyber-security-demand"},{"msid":"92977024","stname":"Cybersecurity firm Darktrace lifts annual profit forecast on customer growth","artsyn":"A shift to remote working during the pandemic as well as the Russia-Ukraine conflict, has fuelled a spike in cyber attacks and bolstered demand for security software.","seolocation":"telecomnews\/cybersecurity-firm-darktrace-lifts-annual-profit-forecast-on-customer-growth","seolocationalt":"Cybersecurity firm Darktrace lifts annual profit forecast on customer growth","url_seo":"cybersecurity-firm-darktrace-lifts-annual-profit-forecast-on-customer-growth"},{"msid":"92849140","stname":"S.Korean Prez vows to establish cyber warfare reserve forces","artsyn":"Yoon made the remark during a ceremony marking the 11th Information Security Day, which was designated by law in 2012 to enhance the protection of personal information, Yonhap news agency reported.","seolocation":"telecomnews\/s-korean-prez-vows-to-establish-cyber-warfare-reserve-forces","seolocationalt":"S.Korean Prez vows to establish cyber warfare reserve forces","url_seo":"s-korean-prez-vows-to-establish-cyber-warfare-reserve-forces"},{"msid":"92387513","stname":"37% of firms in India experienced a Cloud data breach in past year: Report","artsyn":"Nearly 46 per cent of organisations in India store most of their sensitive data in the cloud, according to the \"2022 Thales Cloud Security Report\", conducted by 451 Research, part of S&P Global Market Intelligence.","seolocation":"telecomnews\/37-of-firms-in-india-experienced-a-cloud-data-breach-in-past-year-report","seolocationalt":"37% of firms in India experienced a Cloud data breach in past year: Report","url_seo":"37-of-firms-in-india-experienced-a-cloud-data-breach-in-past-year-report"},{"msid":"92336381","stname":"Indian cyber agency warns users of multiple bugs in Cisco products","artsyn":"Last week, the cyber agency issued an advisory over multiple vulnerabilities in Adobe and Citrix products that could help hackers infiltrate computer systems.","seolocation":"telecomnews\/indian-cyber-agency-warns-users-of-multiple-bugs-in-cisco-products","seolocationalt":"Indian cyber agency warns users of multiple bugs in Cisco products","url_seo":"indian-cyber-agency-warns-users-of-multiple-bugs-in-cisco-products"},{"msid":"92216497","stname":"Canada wants companies to report cyber attacks and hacking incidents","artsyn":"\"There was a lot of thought given into identifying which sectors are vital to national security and public safety,\" Public Safety Minister Marco Mendicino told reporters, adding that operators of critical infrastructure would be identified after consulting the sectors.","seolocation":"telecomnews\/canada-wants-companies-to-report-cyber-attacks-and-hacking-incidents","seolocationalt":"Canada wants companies to report cyber attacks and hacking incidents","url_seo":"canada-wants-companies-to-report-cyber-attacks-and-hacking-incidents"},{"msid":"91824318","stname":"Norwegian software venture targets rising cyber attack risks","artsyn":"\"More and more (industrial) objects (are) being connected, and then you can add Russia-Ukraine on top of that,\" said Telenor CEO Sigve Brekke, adding that a trend that accelerated during COVID, is \"now going faster and faster\".","seolocation":"telecomnews\/norwegian-software-venture-targets-rising-cyber-attack-risks","seolocationalt":"Norwegian software venture targets rising cyber attack risks","url_seo":"norwegian-software-venture-targets-rising-cyber-attack-risks"},{"msid":"91807302","stname":"Infosys, Palo Alto Networks collaborate to provide cybersecurity for large enterprises","artsyn":"Infosys and Palo Alto Networks will accelerate the creation of network security solutions that will be delivered through the Infosys global network of security operations centers, according to an exchange filing. The companies will enhance these security solutions for their worldwide customers like Mercedes-Benz, the filing added.","seolocation":"telecomnews\/infosys-palo-alto-networks-collaborate-to-provide-cybersecurity-for-large-enterprises","seolocationalt":"Infosys, Palo Alto Networks collaborate to provide cybersecurity for large enterprises","url_seo":"infosys-palo-alto-networks-collaborate-to-provide-cybersecurity-for-large-enterprises"},{"msid":"91758793","stname":"Ransomware attacks rise 13% in past year, India Inc at great risk","artsyn":"Heightened geopolitical tensions are driving increased sophistication, visibility, and awareness around nation-state affiliated cyber-attacks, according to the \"Verizon Business 2022 Data Breach Investigations Report (2022 DBIR)\".","seolocation":"telecomnews\/ransomware-attacks-rise-13-in-past-year-india-inc-at-great-risk","seolocationalt":"Ransomware attacks rise 13% in past year, India Inc at great risk","url_seo":"ransomware-attacks-rise-13-in-past-year-india-inc-at-great-risk"},{"msid":"91692290","stname":"Putin promises to bolster Russia's IT security in face of cyber attacks","artsyn":"The websites of many state-owned companies and news websites have suffered sporadic hacking attempts since Russia sent its armed forces into Ukraine on Feb. 24, often to show information that is at odds with Moscow's official line on the conflict.","seolocation":"telecomnews\/putin-promises-to-bolster-russias-it-security-in-face-of-cyber-attacks","seolocationalt":"Putin promises to bolster Russia's IT security in face of cyber attacks","url_seo":"putin-promises-to-bolster-russias-it-security-in-face-of-cyber-attacks"}],"primeid":0,"storytags":{"categoryTag":{"sectionid":"49830939","sectionname":"TelecomNews","seolocation":"telecomnews","seolocationalt":"telecomnews"},"otherTags":[{"keyid":"6361792","value":"cyber attacks","smid":"0","keynameseo":"cyber-attacks","keytype":"","keycount":"totalcount","weightage":"100"},{"keyid":"6358921","value":"UPI","smid":"0","keynameseo":"UPI","keytype":"","keycount":"totalcount","weightage":"20"},{"keyid":"2736678","value":"Unified Payments Interface","smid":"0","keynameseo":"Unified-Payments-Interface","keytype":"","keycount":"totalcount","weightage":"20"},{"keyid":"6362094","value":"ransomware","smid":"0","keynameseo":"ransomware","keytype":"","keycount":"totalcount","weightage":"20"},{"keyid":"28351","value":"Policy","smid":"0","keynameseo":"Policy","keytype":"","keycount":"totalcount","weightage":"20"},{"keyid":"193630","value":"NPCI CEO","smid":"0","keynameseo":"NPCI-CEO","keytype":"","keycount":"totalcount","weightage":"20"},{"keyid":"193629","value":"NPCI","smid":"0","keynameseo":"NPCI","keytype":"","keycount":"totalcount","weightage":"20"},{"keyid":"28970","value":"interview","smid":"0","keynameseo":"interview","keytype":"","keycount":"totalcount","weightage":"20"},{"keyid":"3658","value":"India","smid":"0","keynameseo":"India","keytype":"","keycount":"totalcount","weightage":"20"},{"keyid":"11912975","value":"e-RUPI","smid":"0","keynameseo":"e-RUPI","keytype":"","keycount":"totalcount","weightage":"20"}],"filterTags":[]},"formattedTags":{"companyTags":[],"otherTags":[{"name":"Unified Payments Interface"},{"name":"cyber attacks"},{"name":"ransomware"},{"name":"interview"},{"name":"NPCI CEO"},{"name":"Policy"},{"name":"e-RUPI"},{"name":"India"},{"name":"NPCI"},{"name":"UPI"}],"newsCategoryTags":[{"name":"TelecomNews","seolocation":"telecomnews"}],"breadcrumbTags":["cyber attacks","UPI","Unified Payments Interface","ransomware","Policy","NPCI CEO","NPCI","interview","India","e-RUPI"],"filterTags":[]},"breadcrumbTags":["cyber attacks","UPI","Unified Payments Interface","ransomware","Policy","NPCI CEO","NPCI","interview","India","e-RUPI"],"Alttitle":{"minfo":""},"Altdescription":{"minfo":""},"amp_url":"\/\/www.iser-br.com\/amp\/news\/india-is-fast-becoming-the-global-ransomware-capital-says-npci-ceo\/85854734"}" data-news-images="null" data-newsletter-by="0" data-newsletter-date="a" data-hasbottomcarousel="" data-alldetailsopen="0" data-multipleanalyticshit="" data-deeplink="https://ettelecom.app.link?$deeplink_path=" data-socialshareformat="default">
