VASCO Data Security Optimistic About RBI Guidelines

VASCO Data Security International, a software security company specialising in authentication products, is optimistic about the new guidelines set by the Reserve Bank of India. VASCO’s DIGIPASS is a security product, providing strong user authentication and digital signatures via authentication products carried by users, or in software on mobile telephones, portable devices or PCs. It is compatible with more than 50 international vendors for a variety of e-commerce, e-banking, e-networking and e-government applications.

As per the guidelines, all merchants in India are required to collect an OTP (One Time Password) in addition to information written on the Credit cards for all transactions done over phone (IVR). All banks in India are required to provide OTP directly to their customers for a secure transaction over IVR. This can be done either to the card user’s registered mobile number or email ID or both. This in turn requires a technology platform that integrates various communication channels like Phone, Email, SMS, Web and Fax with the CRM and database applications. Now, with Passwords being generated and sent for individual customers on request, a detailed and granular customer profile is to be maintained and fetched whenever required. With a mandate of OTP added to other financial transactions-related regulations, merchants of e-commerce enabled businesses, banks and other financial institutions are facing a challenge of ensuring compliance. Both generation and distribution of the One Time Password requires a tight interoperability among the various underlying business applications.

At present, India has 27 public sector banks, 7 new private sector banks, 15 old private sector banks, 31 foreign banks, 86 regional rural banks, 4 local area banks, 1,721 urban cooperative banks, 31 state cooperative banks and 371 district central cooperative banks.

“Mobile phone users are becoming less hesitant towards the adoption of mobile applications as the security of these devices is enhanced. While the Regulator has taken a step in the right direction by mandating additional password, it is the authentication strategy adopted by banks which is of great importance. It should be based on enhancing security and providing convenience to the banking consumer,” said Jan Valcke, VASCO’s President and COO.