India is stepping up efforts to secure its rapidly expanding digital payments ecosystem, with the government outlining a multi-layered approach that combines regulatory oversight, artificial intelligence tools, audits, awareness campaigns, and cyber preparedness exercises.
In a written reply in the Rajya Sabha, the Ministry of Finance stated that the government has been “proactively engaging with different stakeholders to review the changing threat landscape, mitigation measures, and creating awareness among the common citizens.”
The strategy reflects a preventive posture aimed at strengthening institutional capacity rather than responding to any single incident.
At the regulatory level, the Reserve Bank of India has issued Master Directions on Digital Payment Security Controls to address threats across internet banking, mobile banking, and card payment channels, mandating common minimum security standards for banks.
Read also : RBI proposes allowing bank lending to REITs, signals policy shift in real estate financing
Technology is also being deployed as a frontline defence. The RBI has launched an artificial intelligence-based tool, “MulE-Hunter,” for identifying money mule accounts, while the National Payments Corporation of India has provided an AI and Machine Learning-based fraud monitoring solution to banks to generate alerts and decline suspicious transactions.
To reinforce compliance, supervised entities including banks, payment system operators, and prepaid instrument issuers have been advised to conduct special cybersecurity audits through auditors empanelled by the Indian Computer Emergency Response Team (CERT-In) and act on the findings.
Authorities are simultaneously focusing on public awareness as a critical layer of defence. RBI and banks are running campaigns through SMS, radio, and publicity initiatives on cybercrime prevention, alongside electronic banking awareness and training programmes that emphasise fraud risk mitigation.
CERT-In is regularly sharing safety tips, infographics, and booklets through official platforms to sensitise internet users, while also conducting cybersecurity mock drills to assess the preparedness of organisations in critical sectors, including banking.
The agency is further collaborating with industry partners to run joint training programmes aimed at upskilling the cyber security workforce across government and private institutions.
