Starting today, new regulations have come into effect for making payments via UPI apps—essentially, for digital payments—across the country. Consequently, users will now benefit from enhanced security for their online transactions.
New Rules for UPI Payments: The new financial year begins today, and with the commencement of the 2026-27 fiscal year, the method for UPI and certain other digital payments has undergone a change. As per the Reserve Bank's new guidelines effective today, users will now enjoy the benefit of "double safety"—or dual-layer security—for their UPI and digital transactions. According to the RBI's new norms, Two-Factor Authentication (2FA) will now be mandatory for making online payments through UPI apps such as Google Pay (GPay), Paytm, and PhonePe. Under these new rules, simply entering your PIN will no longer suffice to complete a payment; instead, every transaction must now be finalized through a two-step verification process.
How Two-Factor Authentication (2FA) Will Work
Previously, making a digital payment simply required scanning a QR code and subsequently entering a 4-digit PIN to complete the transaction. However, under the new Two-Factor Authentication framework, a payment can now only be finalized *after* entering the PIN, followed by an additional verification step—such as entering an OTP, or using a fingerprint or facial scan. While this may add a few extra moments to the online payment process, the RBI has implemented this measure specifically to safeguard users, helping them avoid cybercrimes and ensuring the security of their funds. For any online payment, funds will not be debited from your bank account until you have successfully cleared this dual-layer security protocol.
The Step-by-Step Process
To make an online payment, first scan the QR code and enter your pre-set PIN or password. Following this, in accordance with the second layer of security, if an OTP is requested, you must enter the One-Time Password received via SMS on your mobile phone. Additionally, if the system prompts you to proceed with the payment using a fingerprint scan or a facial scan, you may be required to complete that step as well. It is not the case that you will be required to undergo two-factor authentication (2FA) using all three methods simultaneously; rather, after entering your PIN, you can easily complete your payment once 2FA has been successfully verified through just one of these methods.
Why Was This Step Taken?
Nowadays, cybercriminals and digital fraudsters have identified vulnerabilities even in online transactions that rely solely on a single OTP or PIN, and they are exploiting these loopholes to target individuals making digital payments. It is precisely for this reason that this additional layer of security is being implemented.
-
Exciting Job Opportunities in Surat Municipal Corporation for 2026
-
ITVX adds season of classic series including 'one of the most unsettling episodes ever'
-
Keep cats, foxes and rats out of your garden with simple 39p natural repellent
-
US journalist abducted in Baghdad; suspect linked to Iran-backed militia detained
-
Urgent recall issued for 7 popular toys sold by high street giant - 'asbestos found'
