In a move that has sent ripples across India’s fintech ecosystem, the Reserve Bank of India (RBI) has proposed a one-hour delay for digital payments exceeding ₹10,000. This proposed “cooling-off period” is part of a broader framework to combat the alarming rise in digital payment frauds, particularly those driven by social engineering and customer manipulation.
As India continues to lead the world in digital payment volumes, the central bank faces a growing challenge: how to balance the instant gratification of real-time payments with the pressing need for robust security. This comprehensive guide explores everything you need to know about the RBI’s proposal—from how it works and why it is being considered to its potential impact on consumers, businesses, and the future of digital payments in India.
Why the RBI is Proposing a One-Hour Delay
The numbers tell a compelling story. India’s digital payment ecosystem has witnessed explosive growth, with transaction volumes increasing 38-fold over the past decade. However, this rapid expansion has been accompanied by an equally alarming surge in fraudulent activities.
The Rising Tide of Digital Payment Frauds
According to data from the National Cyber Crime Reporting Portal cited in the RBI’s discussion paper, reported digital payment frauds have skyrocketed from 2.6 lakh cases involving ₹551 crore in 2021 to 28 lakh cases worth approximately ₹22,931 crore in 2025. This represents a staggering increase in both frequency and value, underscoring the urgent need for intervention.
The RBI has noted that most of these frauds are not system-level breaches but rather authorised push payment (APP) frauds, where users themselves are tricked into initiating transactions under false pretences. Fraudsters use sophisticated social engineering techniques—including impersonation, coercion, and even deep-fake-enabled scams—to manipulate customers into transferring money.
The instantaneous nature of payment systems like UPI, IMPS, NEFT, and RTGS means that once a transaction is initiated, there is virtually no window for the customer to reconsider or for banks to intervene before funds leave the account. This “velocity gap” between transaction speed and fraud prevention is precisely what the RBI aims to address.
Understanding the Proposed One-Hour Delay Mechanism
So, how exactly would this one-hour delay work? Here is a breakdown of the proposed mechanism:
How the Lagged Credit System Would Function
Under the proposal, when a customer initiates a digital payment exceeding ₹10,000, the transaction would not settle instantly. Instead, a one-hour lag period would be applied at the payer’s end. During this one-hour window:
Customers have the option to cancel payments if they suspect fraud or change their minds
Banks can flag suspicious transactions and seek reconfirmation from the customer
Fraudsters’ attempts to create urgency are disrupted, reducing their ability to siphon funds quickly
This “cooling-off window” essentially gives customers a second chance to review and reconsider high-value transfers, addressing the psychological manipulation tactics that fraudsters commonly employ.
The Payment Systems Covered
The proposal is expected to apply to account-to-account transfers through fast payment networks, including the Unified Payments Interface (UPI), Immediate Payment Service (IMPS), National Electronic Funds Transfer (NEFT), and Real-Time Gross Settlement (RTGS) systems. This encompasses virtually all major digital payment channels used by Indian consumers and businesses.
What About Transactions Below ₹10,000?
Importantly, the RBI has indicated that the one-hour delay would apply only to transactions exceeding ₹10,000. Smaller-value payments would likely continue to process instantly, preserving the efficiency of low-value, everyday transactions. This selective approach aims to introduce friction only where fraud risks are higher while maintaining seamless user experience for routine payments.
The Four-Pronged Approach: Beyond the One-Hour Delay
The one-hour delay is just one component of a broader four-measure framework proposed by the RBI to strengthen digital payment security. Understanding these complementary measures provides context for the central bank’s comprehensive strategy.
1. One-Hour Delay for Transactions Above ₹10,000
As discussed, this forms the cornerstone of the proposal, providing a critical intervention window for high-value transfers.
2. Trusted-Person Authentication for Vulnerable Users
Recognising that certain demographic groups are particularly susceptible to fraud, the RBI has proposed an additional authentication layer for transactions exceeding ₹50,000, specifically for senior citizens aged 70 and above and persons with disabilities. Under this proposal, a “trusted person” nominated by the customer would be required to verify such high-value transactions before they can proceed.
This measure directly targets impersonation scams and digital arrest frauds that disproportionately affect elderly citizens. However, the RBI itself has acknowledged potential operational and legal concerns, including transaction delays and questions surrounding third-party authorisation.
3. Capping Annual Credits to Curb Mule Accounts
To combat the proliferation of mule accounts—bank accounts used to route illicit funds—the RBI has proposed placing a cap on annual credits. Accounts without enhanced due diligence may face a ceiling of ₹25 lakh in annual inflows. Any funds exceeding this threshold would be held as “shadow credits” until verified, with unverified funds potentially being reversed after 30 days.
This measure aims to make it significantly harder for fraudsters to use multiple accounts to launder stolen money.
4. Customer-Controlled Safeguards: The “Kill Switch”
Perhaps the most user-empowering measure in the proposal is the introduction of a “kill switch” mechanism. This feature would allow customers to instantly disable all digital transactions on their accounts in one step if they suspect fraudulent activity. The RBI has also proposed extending “switch on/off” controls—currently available primarily for cards—across all digital payment modes.
Notably, this feature is already operational in Singapore and is being rolled out by some banks in Australia, indicating that India is following global best practices in fraud prevention.
How Digital Payment Fraud Has Evolved
To fully appreciate the significance of these proposals, it is essential to understand how digital payment fraud has evolved in recent years.
From System Breaches to Social Engineering
Earlier regulatory measures, including two-factor authentication, tokenisation, and transaction controls, have significantly reduced system-level breaches. However, fraudsters have adapted their tactics accordingly. The RBI notes that most fraud cases now stem from social engineering techniques rather than system vulnerabilities.
Common social engineering tactics include:
Impersonation scams: Fraudsters pose as bank officials, government agents, or family members
Coercion and intimidation: Victims are threatened with account freezing or legal action
Deepfake-enabled scams: Advanced AI technology is used to create convincing fake audio or video of trusted individuals
Digital arrest frauds: Victims are convinced they are under virtual investigation
The UPI Fraud Landscape
UPI remains the world’s largest real-time payment system, supporting approximately 491 million users and 65 million merchants. However, this scale has also made it a prime target for fraudsters. Cumulative losses linked to UPI transactions have exceeded significant thresholds, with over 13 lakh UPI-related fraud cases reported annually.
The problem is not limited to UPI. Across all digital payment channels, reported cyber-fraud amounts reached approximately ₹22,504 crore in 2025. The average fraud loss stands at ₹1.40 for every ₹1 lakh worth of digital transactions—a figure that, while small in percentage terms, represents substantial absolute losses.
Potential Impact on Different Stakeholders
The proposed one-hour delay will affect various stakeholders differently. Here is a balanced analysis of the potential impacts.
Impact on Individual Consumers
Positive implications:
Enhanced protection against fraud through the cooling-off period
Opportunity to cancel transactions made in error or under duress
Reduced stress knowing there is a window for intervention
Additional safeguards for vulnerable groups like senior citizens
Potential drawbacks:
Loss of payment immediacy for high-value transactions
Possible inconvenience for legitimate urgent payments
Need to plan high-value transfers in advance
Impact on MSMEs and Small Businesses
Small businesses and micro, small, and medium enterprises (MSMEs) are likely to feel the impact most acutely. These businesses often rely on instant digital payments for day-to-day operations, including vendor settlements, inventory purchases, and payroll management.
A one-hour delay could affect:
Supply chain efficiency: Just-in-time inventory management may face disruptions
Cash flow management: Working capital cycles could be impacted
Emergency payments: Urgent business payments may be delayed
However, it is worth noting that the RBI has simultaneously proposed measures to support MSMEs, including simpler onboarding for the Trade Receivables Discounting System (TReDS) to help them access funds faster.
Impact on Banks and Payment Service Providers
Financial institutions will need to make significant operational adjustments:
Technology upgrades: Payment systems must be reconfigured to support the lagged credit mechanism
Compliance costs: Additional staff training and monitoring systems will be required
Customer communication: Banks must educate customers about the new process
Fraud detection: Enhanced systems will be needed to flag suspicious transactions during the cooling period
The RBI has acknowledged that the proposed measures could lead to increased transaction friction and higher compliance costs for banks.
Impact on the Digital Payments Ecosystem
For India’s broader digital payments ecosystem, the proposal represents a significant philosophical shift. The country has built its digital payments success on the foundation of real-time, instant settlement. Introducing deliberate delays challenges this core value proposition.
However, as the European Banking Authority has noted, the risk of fraudulent transactions can be up to ten times higher in instant credit transfers compared to regular credit transfers. This global reality suggests that India is not alone in grappling with this trade-off between speed and security.
Global Context: How Other Countries Are Addressing APP Fraud
The RBI’s proposal aligns with international trends in combating authorised push payment fraud. Several countries have implemented or are considering similar measures:
United Kingdom
The UK, which launched its faster payments system in 2008—accompanied by a 132% increase in online banking fraud—has implemented mandatory APP fraud reimbursements, requiring banks to absorb the cost of scam losses even when customers technically authorised the transactions.
Australia
Some Australian banks are already rolling out “kill switch” features similar to what the RBI is proposing.
Singapore
The “kill switch” mechanism is already operational in Singapore, and the country has established a National Anti-Scam Centre with coordinated disruption campaigns and real-time intelligence-sharing loops.
European Union
The European Banking Authority has assessed that fraud risk in instant credit transfers runs significantly higher than traditional payment methods, prompting discussions about enhanced safeguards.
Timeline and Next Steps
The RBI has invited stakeholder feedback on the discussion paper until May 8, 2026. Following the consultation period, the central bank will review responses and consider issuing draft guidelines. This structured approach allows banks, payment service providers, consumer groups, and other stakeholders to provide input before any rules are finalised.
Balancing Security and Convenience: The Core Challenge
At the heart of this debate lies a fundamental question: how much convenience are we willing to sacrifice for security?
The RBI has made its position clear. The objective is to introduce friction selectively in high-risk transactions while preserving the efficiency of low-value payments. The proposed ₹10,000 threshold is strategically chosen to capture transactions large enough to cause significant loss while exempting everyday small payments.
This balanced approach recognises that not all digital payments carry the same risk profile. A ₹500 grocery payment made via UPI at a local store requires different security considerations than a ₹50,000 transfer to a newly added beneficiary.
Practical Advice for Digital Payment Users
While the proposed measures await implementation, here are practical steps you can take to protect yourself from digital payment fraud:
Never share OTPs, PINs, or passwords with anyone, regardless of who they claim to be
Verify requests independently by calling back on official numbers
Use transaction limits to cap daily transfer amounts
Enable two-factor authentication wherever available
Regularly review bank statements for unauthorised transactions
Be suspicious of urgent payment requests—fraudsters thrive on creating panic
Keep contact information updated with your bank to receive alerts
The Road Ahead
The RBI’s proposal marks a significant moment in India’s digital payments journey. After years of prioritising speed and accessibility, the central bank is now taking deliberate steps to prioritise security. This evolution is natural and necessary for any mature payment system.
The coming weeks and months will see intense debate among stakeholders. Consumer groups will likely advocate for robust implementation with minimal inconvenience. Banks will push for reasonable compliance timelines. Fintech companies may express concerns about user experience. And fraudsters—ever adaptive—will search for new vulnerabilities to exploit.
What remains clear is that the status quo is no longer tenable. With digital payment fraud cases reaching 28 lakhs annually and losses crossing ₹22,900 crore, action is not just advisable—it is imperative.
The one-hour delay proposal, along with the broader four-measure framework, represents a thoughtful, evidence-based response to a growing crisis. Whether it proves to be the right balance between security and convenience will depend on careful implementation, continuous monitoring, and a willingness to adapt as the fraud landscape evolves.
For now, the message is clear: India’s digital payments revolution is entering a new phase—one where security takes centre stage alongside speed and accessibility. And that, ultimately, is good news for every Indian who relies on digital payments.
.webp)
