MUMBAI: Away from the animated debate on privacy and the role of Aadhaar, banks are battling the travails of ‘Aadhaar Pay’ — a payment system where customers put their finger impression on a device to shop and withdraw cash instead of swiping credit or debit cards. Last week, senior officials of the leading banks met in Mumbai to discuss the hurdles and efficacy of the Aadhaar-enabled payment mechanism.
The questions that cropped up were: Would city consumers, who have multiple payment options like cards and wallets, share their biometric data to shop? Does it make sense to invest crores to upgrade and secure millions of point of sale (PoS) devices with scanners that capture finger print?
Other key questions were: Isn’t Aadhaar better suited for rural markets? Will merchants push Aadhaar based payment (in which bank accounts are debited) instead of credit cards that tend to push up sales? The lenders also wonder whether the merchants will push Aadhaar-based payment (in which bank accounts are debited) instead of credit cards that tend to push up sales.
Bankers know they cannot disregard the government mandate, but they admit that the industry is in no position to meet the November 30 deadline to install Aadhaar-driven PoS machines. Under the circumstances, the banking lobby, Indian Banks Association, will spell out its views to Reserve Bank of India, even though most fear that the regulator may be reluctant to take a position due to the political implications of the Aadhaar debate.
“Banks are told to upgrade two million PoS machines with external devices and obtain security certification by November 30…I don’t think more than two lakhs have happened till now. There are practical points related to business, time and cost…the privacy issue and what the Supreme Court would rule in the Aadhaar case a few months later is another matter,” said a banker. “Also, if Aadhaar Pay has to take off,” said another bank official, “the industry has to decide how to penetrate and grow the market, the roles issuing and acquiring banks have to play, and how the cost is recovered.”
In an Aadhaar-based payment, the biometric data, the 12-digit Aadhaar number and the transaction amount are transmitted from merchant PoS to multiple entities: the acquiring bank, National Payments Corporation of India (an umbrella organisation for retail payments in India), UIDAI (which issues and stores Aadhaar data), back to NPCI and finally to the customer’s bank where the shopper’s account is debited.
The biometric data is transmitted in an encrypted form. “Since the finger print image has to be guarded from hackers not only when it is transmitted to various organisations in the payment chain but also at the PoS point when it is captured, Unique Identification Authority of India (UIDAI) has specified new security standards for device manufacturers. The data theft at a private bank earlier this year shocked many and there were questions whether a merchant can store and misuse biometric data. The new specifications are aimed at addressing these concerns and secure the software as well as the hardware. It cannot happen overnight,” said a payment industry official.
While some of the questions related to Aadhaar Pay and Aadhaar-based ATMs are yet to be sorted out, banks, thanks to the government directive, are advising customers to link Aadhaar details with their bank accounts before the end of the year; some banks are seeding Aadhaar at customer ID levels to cover all accounts.
On the issue of customer consent, UIDAI has told banks to inform the customer in writing that Aadhaar details “are being taken as per requirement of the Prevention of Money Laundering Act (PMLA) rules and shall be used only for this purpose.” Banks have to keep record of such communication.
Critics of Aadhaar, who are resisting any coercion to link it with mobile numbers and bank accounts, are hoping that some of these rules may change after the apex court ruling. Bankers, however, are more concerned with a more prosaic question: Does it make business sense?
Source by indiatimes..Share: