The Reserve Bank of India (RBI) has introduced a draft framework aimed at Importantly enhancing the security of digital payments across the country. In response to the alarming rise in cyber-financial crimes, the central bank has proposed the implementation of a 'Kill Switch' and a 'Lagged Credit' system. These measures are designed to empower customers with greater control over their digital banking channels and to create a buffer against the rapid siphoning of funds by cybercriminals. The RBI has invited public comments and suggestions on these draft guidelines until May 8, 2026.
Kill Switch: Instant Freeze for Digital Payment Modes
Under the proposed guidelines, all regulated entities, including banks and payment system operators, must provide a 'Kill Switch' facility to their customers, while this feature will allow users to instantly disable all digital payment modes—such as UPI, internet banking, and card services—through a single action. In the event of a suspected hack, phone theft, or fraudulent activity, a customer can freeze their account's digital access immediately. Once the Kill Switch is activated, restoring services will require a stringent authentication process or a physical visit to the bank branch to ensure maximum security.
One-Hour Time Gap for Transactions Above ₹10,000
To mitigate the impact of high-value frauds, the RBI has suggested a 'Lagged Credit' mechanism for transactions exceeding ₹10,000.5% of the total value lost to fraud involves transactions above this threshold. The proposal suggests a cooling-off period of one hour for such payments. During this window, the funds will be debited from the sender's account but held before being credited to the recipient. This delay provides the sender with a critical opportunity to report and cancel a transaction if they realize it was fraudulent.
Trusted Person Authentication for Senior Citizens
Recognizing the vulnerability of certain demographics, the RBI has introduced the concept of a 'Trusted Person' for senior citizens aged 70 and above, as well as for persons with disabilities. This feature allows these customers to nominate a trusted individual who must authenticate or verify large or unusual transactions initiated from the account, while the transaction will only proceed once the designated trusted person provides the necessary approval. This secondary layer of verification is expected to protect elderly citizens from social engineering and phishing attacks.
Curbing Fraud via Mule Accounts and Credit Limits
According to the National Cyber Crime Reporting Portal (NCRP), India witnessed nearly 28 lakh fraud cases in 2025, resulting in a loss of ₹22,931 crore. A significant portion of these funds is moved through 'mule accounts'—accounts opened in the names of third parties to facilitate money laundering. The RBI is now considering imposing limits on the total credit that can flow into certain categories of accounts. Plus, banks will be required to enhance their real-time monitoring systems to detect and flag suspicious patterns associated with mule account activities.
Strengthening the Digital Payment Ecosystem
The draft framework also emphasizes the need for customers to have the autonomy to set their own transaction limits. Users will be able to define daily or per-transaction caps for various payment channels according to their usage patterns, while the RBI's approach focuses on shifting the security paradigm from reactive to proactive. Once finalized, these regulations will mandate payment service providers to upgrade their infrastructure to support these advanced security features, ensuring a more resilient digital financial environment in India.