Digital payments have become essential in today’s modern world. People are relying upon this mode more than any other. As a result, the need to make the digital platforms and the process secure has become a major concern. While making online transactions, the most important thing to keep in mind is that if this is not done securely, then your data can fall into the wrong hands. Therefore, each business that offers online payment must adhere to a strict set of rules and regulations to ensure that they do not put their user’s privacy and data at risk.
What is DPSC?
This particular set of security controls emerged in 2021. The RBI DPSC was specifically designed to be implemented in sectors such as banks, credit card issuing NBFC, etc. With its use, people can make any kind of transaction with utmost safety and security. The Master Direction covers the following under its scope:
- Governance and Management of Security Risks
- Generic Security Controls
- Application Security Life Cycle (ASLC)
- Authentication Framework
- Fraud Risk Management
- Reconciliation Mechanism
- Customer Protection, and more.
Although it confers several advantages that can help entities maintain utmost transparency about the safety and security of their clients and customers, its implementation is restricted to a few sectors. This includes Scheduled Commercial Banks, Payments Banks, Small Financing Banks, etc. This system also provides all such entities with a framework to adhere to which can enable them to access membership to this platform with ease. It is important to note here that getting access to it is not as easy a task as one would think it to be.
For example, certain guidelines must be followed if a particular entity wants to get entry into this platform known as RBI DPSC. As a result, some often fall short of it and fail to access the benefits that such platforms can offer. Therefore, they have enlisted a few guidelines or requirements that must be properly fulfilled by them.
Let’s take a look at the guidelines
There are different types of platforms, and their security system varies based on their differences. These two types are centralized systems and decentralized systems. Any system that has earned recognition by RBI such as Real Time Gross Settlement (RTGS), and National Electronic Fund Transfer (NEFT) systems can be termed a centralized system. There are some sectors under the RBI and a few banks such as the Express Cheque Clearing System Centers that are referred to as decentralized systems.
Based on their categories, the departments that fall under each category have to follow a set of distinct rules and regulations to attain membership. For example, Post office savings banks can take a membership as a part of the decentralized system.
There is also a set of rules or guidelines that entities must follow to be termed as centralized or decentralized. These criteria are diff for both categories. For example, banks that want to be categorized as centralized systems must have a CRAR of 9% with net NPAs below 5%. They must also have a minimum worth of 25 crores. Similarly, each entity that wishes to be listed under decentralized systems must have a CRAR of 9% and net NPAs below 5%.