Draft Master Directions on Cyber Resilience and Digital Payment Security Controls for Payment System Operators
News:
Highlights:
- The draft directions focus on ensuring a robust governance mechanism for identifying, assessing, monitoring, and managing cybersecurity risks.
- The directions specify baseline security measures necessary for safe and secure digital payment transactions.
- The directions aim to ensure that non-bank Payment System Operators (PSOs) are resilient to both traditional and emerging information systems and cyber security risks.
- The existing instructions on security and risk mitigation for payments done using cards, Prepaid Payment Instruments (PPIs) and mobile banking will continue to apply.
Significance:
- These directions aim to ensure that the Indian digital payment ecosystem is secure and resilient against potential cybersecurity threats.
- They propose a shift towards the latest security standards.
Who:
- The draft Master Directions have been released by the RBI.
- They are applicable to non-bank Payment System Operators (PSOs).
When:
- The RBI has invited feedback and comments from stakeholders on the draft Master Directions before June 30, 2023.
Glossary:
- Payment System Operators (PSOs): These are entities that operate systems enabling transactions to be made through the direct debit, credit transfer, card payment, or similar payment instrument.
- Prepaid Payment Instruments (PPIs): These are methods that facilitate the purchase of goods and services against the value stored on such instruments. The value stored on PPIs represents the value paid by the holders by cash, by debit to a bank account, or by credit card.
MCQ:
Consider the following statements:
Statement-1: The draft Master Directions released by RBI are applicable only to bank Payment System Operators (PSOs).
Statement-II: The proposed directions focus on baseline security measures for safe and secure digital payment transactions, and they aim to ensure the resilience of all Payment System Operators (PSOs) to both traditional and emerging information systems and cyber security risks.
Which one of the following is correct in respect of the above statements?
(a) Both Statement-I and Statement-II are correct and Statement-II is the correct explanation for Statement-I
(b) Both Statement-I and Statement-II are correct but Statement-II is not the correct explanation for Statement-I
(c) Statement-I is incorrect but Statement-II is correct
(d) Statement-I is correct but Statement-II is incorrect
Answer: (c) Statement-I is incorrect but Statement-II is correct
Explanation: The draft Master Directions are applicable to non-bank Payment System Operators (PSOs), not bank PSOs as mentioned in Statement-I, making it incorrect. Statement-II is correct as it accurately describes the focus of the proposed directions.
If you like this post, please share your feedback in the comments section below so that we will upload more posts like this.