wordpress blog stats
Connect with us

Hi, what are you looking for?

, , , ,

RBI to issue cybersecurity guidelines to ATM service providers, urban cooperative banks by Dec 31

The Reserve Bank of India (RBI) will issue new cybersecurity guidelines for ATM service providers by December 31, it said in a statement on developmental and regulatory policies. The guidelines would require implementation of several measures to strengthen the process of deployment and changes in application softwares in the ecosystem, continuous surveillance, implementation of controls on storage, processing and transmission of sensitive data, building capacity for forensic examination and making the incident response mechanism more robust.

The apex bank noted that a number of commercial banks, urban cooperative banks and other entities regulated by the RBI, rely on third-party application service providers for ATM Switch applications. Since these service providers have exposure to the payments system landscape, it leaves them exposed to cybersecurity threats. RBI said that the cybersecurity guidelines will have to be mandated by the regulated entities in their contractual agreements with these service providers.

Why this matters: Over 1.3 million payment card details  98% of them being Indian banks’ cards  were put up for sale on Joker’s Stash. 550,000 of these cards belonged to one single Indian bank. The data was being sold at $100 per card, and was likely obtained by using skimming devices installed on ATMs and Point of Sales systems.

Urban cooperative banks also to get cybersecurity guidelines

Urban cooperative banks (UCBs) will also be issued a comprehensive cyber security framework by the RBI, based on their “digital depth and interconnectedness with the payment systems landscape, digital products offered by them and assessment of cyber security risk”. Under this new set of guidelines, which will be issued in detail by December 31, UCBs will have to implement cybersecurity measures such as:

  • Implementation of bank specific email domain
  • Periodic security assessment of public facing websites/applications
  • Strengthening cybersecurity incident reporting mechanism
  • Strengthening of governance framework
  • Setting up of Security Operations Center (SOC)

“This would bolster cyber security preparedness and ensure that the UCBs offering a range of payment services and higher Information Technology penetration are brought at par with commercial banks in addressing cyber security threats,” RBI said.

MediaNama’s mission is to help build a digital ecosystem which is open, fair, global and competitive.



By Rahul Rai and Shruti Aji Murali A little less than a year since their release, the Consumer Protection (E-commerce) Rules, 2020 is being amended....


By Anand Venkatanarayanan                         There has been enough commentary about the Indian IT...


By Rahul Rai and Shruti Aji Murali The Indian antitrust regulator, the Competition Commission of India (CCI) has a little more than a decade...


By Stella Joseph, Prakhil Mishra, and Surabhi Prabhudesai The recent difference of opinions between the Government and Twitter brings to fore the increasing scrutiny...


This article is being posted here courtesy of The Wire, where it was originally published on June 17.  By Saksham Singh The St Petersburg paradox,...

You May Also Like


Amidst rising cyberattacks in India, the ministry said that government agencies were formulating crisis management plans, holding mock drills, and continuously monitoring cyber threats....

MediaNama is the premier source of information and analysis on Technology Policy in India. More about MediaNama, and contact information, here.

© 2008-2021 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ

Subscribe to our daily newsletter
Your email address:*
Please enter all required fields Click to hide
Correct invalid entries Click to hide

© 2008-2021 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ