wordpress blog stats
Connect with us

Hi, what are you looking for?

RBI to issue cybersecurity guidelines to ATM service providers, urban cooperative banks by Dec 31

The Reserve Bank of India (RBI) will issue new cybersecurity guidelines for ATM service providers by December 31, it said in a statement on developmental and regulatory policies. The guidelines would require implementation of several measures to strengthen the process of deployment and changes in application softwares in the ecosystem, continuous surveillance, implementation of controls on storage, processing and transmission of sensitive data, building capacity for forensic examination and making the incident response mechanism more robust.

The apex bank noted that a number of commercial banks, urban cooperative banks and other entities regulated by the RBI, rely on third-party application service providers for ATM Switch applications. Since these service providers have exposure to the payments system landscape, it leaves them exposed to cybersecurity threats. RBI said that the cybersecurity guidelines will have to be mandated by the regulated entities in their contractual agreements with these service providers.

Why this matters: Over 1.3 million payment card details  98% of them being Indian banks’ cards  were put up for sale on Joker’s Stash. 550,000 of these cards belonged to one single Indian bank. The data was being sold at $100 per card, and was likely obtained by using skimming devices installed on ATMs and Point of Sales systems.

Urban cooperative banks also to get cybersecurity guidelines

Urban cooperative banks (UCBs) will also be issued a comprehensive cyber security framework by the RBI, based on their “digital depth and interconnectedness with the payment systems landscape, digital products offered by them and assessment of cyber security risk”. Under this new set of guidelines, which will be issued in detail by December 31, UCBs will have to implement cybersecurity measures such as:

  • Implementation of bank specific email domain
  • Periodic security assessment of public facing websites/applications
  • Strengthening cybersecurity incident reporting mechanism
  • Strengthening of governance framework
  • Setting up of Security Operations Center (SOC)

“This would bolster cyber security preparedness and ensure that the UCBs offering a range of payment services and higher Information Technology penetration are brought at par with commercial banks in addressing cyber security threats,” RBI said.

You May Also Like


The first few days of this year were rife with speculation that Alibaba founder Jack Ma had disappeared. But the fintech tycoon remains elusive,...


In a first for India’s fintech industry, U GRO Capital has filed a patent application with the Indian Patent Office for its score-card based...


As businesses and individuals moved online, cyber criminals and fraudsters were able to hone in their skills and target a wider range of people...


The Department for Promotion of Industry and Internal Trade (DPIIT) has forwarded complaints against Amazon and Flipkart, made by traders body Confederation of All...

MediaNama is the premier source of information and analysis on Technology Policy in India. More about MediaNama, and contact information, here.

© 2008-2018 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ

Subscribe to Daily Newsletter

    © 2008-2018 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ