wordpress blog stats
Connect with us

Hi, what are you looking for?

RBI to issue cybersecurity guidelines to ATM service providers, urban cooperative banks by Dec 31

The Reserve Bank of India (RBI) will issue new cybersecurity guidelines for ATM service providers by December 31, it said in a statement on developmental and regulatory policies. The guidelines would require implementation of several measures to strengthen the process of deployment and changes in application softwares in the ecosystem, continuous surveillance, implementation of controls on storage, processing and transmission of sensitive data, building capacity for forensic examination and making the incident response mechanism more robust.

The apex bank noted that a number of commercial banks, urban cooperative banks and other entities regulated by the RBI, rely on third-party application service providers for ATM Switch applications. Since these service providers have exposure to the payments system landscape, it leaves them exposed to cybersecurity threats. RBI said that the cybersecurity guidelines will have to be mandated by the regulated entities in their contractual agreements with these service providers.

Why this matters: Over 1.3 million payment card details  98% of them being Indian banks’ cards  were put up for sale on Joker’s Stash. 550,000 of these cards belonged to one single Indian bank. The data was being sold at $100 per card, and was likely obtained by using skimming devices installed on ATMs and Point of Sales systems.

Urban cooperative banks also to get cybersecurity guidelines

Urban cooperative banks (UCBs) will also be issued a comprehensive cyber security framework by the RBI, based on their “digital depth and interconnectedness with the payment systems landscape, digital products offered by them and assessment of cyber security risk”. Under this new set of guidelines, which will be issued in detail by December 31, UCBs will have to implement cybersecurity measures such as:

  • Implementation of bank specific email domain
  • Periodic security assessment of public facing websites/applications
  • Strengthening cybersecurity incident reporting mechanism
  • Strengthening of governance framework
  • Setting up of Security Operations Center (SOC)

“This would bolster cyber security preparedness and ensure that the UCBs offering a range of payment services and higher Information Technology penetration are brought at par with commercial banks in addressing cyber security threats,” RBI said.

Advertisement. Scroll to continue reading.

You May Also Like


Transactions on the Unified Payments Interface (UPI) stood Rs 4.93 lakh crore in April 2021, up by 3.6x compared to the same month in...

MediaNama is the premier source of information and analysis on Technology Policy in India. More about MediaNama, and contact information, here.

© 2008-2021 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ

Subscribe to our daily newsletter
Your email address:*
Please enter all required fields Click to hide
Correct invalid entries Click to hide

© 2008-2021 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ