Customer Protection Policy
Customer Liability in Case of Unauthorized Electronic Payment Transactions
1. BACKGROUND:
RajCOMP Info Services Limited, a Government of Rajasthan Undertaking, (herein after referred as “RISL”) as co-branding partner and Transaction Analysts India Private Limited (herein after referred as “TA”) as a Prepaid Payment Instruments Operator (here in after TA and RISL combinedly are referred as “Jan Aadhaar e-Wallet Service Provider” or “JASP”), offer Jan Aadhaar e-Wallet Services to citizens of Rajasthan.
JASP is committed to provide superior and safe customer service experience to all its customers.
In order to enable the above, JASP has invested in technology and has robust security systems and
fraud detection and prevention mechanisms in place to ensure safe and secure payment experience
to its customers. Keeping in mind the increasing thrust on financial inclusion & customer
protection, the Reserve Bank of India had issued a circular on Customer Protection – Limiting
Liability of Customers in Unauthorised Electronic Payment Transactions in Prepaid Instruments
(PPIs) issued by Authorized Non-banks (RBI/2018-19/101 DPSS.CO.PD.No. 1417/02.14.006/2018-19
dated January 4, 2019) which inter-alia requires PPI to formulate a Board approved policy with
regard to customer protection and compensation in case of unauthorized electronic payment transactions.
2. OBJECTIVE:
This policy seeks to communicate in a fair and transparent manner the JASP’s policy on:
- a) Customer protection (including mechanism of creating customer awareness on the risks and responsibilities involved in electronic payment transactions)
- b) Customer liability in cases of unauthorized electronic payment transactions
- c) Customer compensation due to unauthorized electronic payment transactions (reported by customer within defined timelines)
3. SCOPE:
For the purpose of this Policy, electronic payment transactions have been divided into two categories:
- i. Remote / Online payment transactions (transactions that do not require physical PPIs to be presented at the point of transactions e.g., wallets, card not present (CNP) transactions, etc.).
-
ii. Face-to-face / Proximity payment transactions (transactions which require the physical PPIs such as cards or mobile phones to be present at the point of transactions e.g., transactions at Point of Sale, etc.)
4. Reporting of unauthorised payment transactions by customers to PPI issuer
- i. JASP shall ensure that its customers mandatorily register for SMS alerts and wherever available also register for e-mail alerts, for electronic payment transactions.
- ii. The SMS alert for any payment transaction in the account shall mandatorily be sent to the customers and e-mail alert may additionally be sent, wherever registered. The transaction alert should have a contact number and / or e-mail id on which a customer can report unauthorized transactions or notify the objection.
- iii. Customers shall be advised to notify JASP of any unauthorized electronic payment transaction at the earliest and, shall also be informed that longer the time taken to notify JASP, higher will be the risk of loss to the JASP / customer.
- iv. To facilitate this, JASP shall provide customers with 24x7 access via website / SMS / e-mail / a dedicated toll-free helpline for reporting unauthorized transactions that have taken place and / or loss or theft of PPI.
- v. Further, a direct link for lodging of complaints, with specific option to report unauthorized electronic payment transactions shall be provided by JASP on mobile app / home page of its website / any other evolving acceptance mode.
- vi. The loss / fraud reporting system so established shall also ensure that immediate response (including auto response) is sent to the customers acknowledging the complaint along with the registered complaint number. The communication systems used by JASP to send alerts and receive their responses thereto shall record time and date of delivery of the message and receipt of customer’s response, if any. This shall be important in determining the extent of a customer’s liability. On receipt of report of an unauthorized payment transaction from the customer, JASP shall take immediate action to prevent further unauthorized payment transactions in the PPI.
5.Limited liability of a customer
A customer’s liability arising out of an unauthorized payment transaction will be limited to:
| Sr No
|
Particulars
|
Maximum Liability of the Customers
|
| (a)
|
Contributory fraud / negligence / deficiency on the part of the PPI issuer, including PPI-MTS issuer (irrespective of whether or not the transaction is reported by the customer)
|
Zero
|
| (b)
|
Third party breach ** where the deficiency lies neither with the PPI issuer nor with the customer but lies elsewhere in the system, and the customer notifies the PPI issuer regarding the unauthorized payment transaction. The per transaction customer liability in such cases will depend on the number of days lapsed between the receipt of transaction communication by the customer from the PPI issuer and the reporting of unauthorized transaction by the customer to the PPI issuer -
|
|
|
Within 3 days#
|
Zero
|
|
Within 4 to 7 days#
|
Transaction value or ₹10,000/- per transaction, whichever is lower
|
|
Beyond 7 days
|
Full Liability
|
| (c)
|
In cases where the loss is due to negligence by a customer, such as where he / she has shared the payment credentials, the customer will bear the entire loss until he / she reports the unauthorized transaction to JASP. Any loss occurring after the reporting of the unauthorized transaction shall be borne by JASP.
|
# The number of days mentioned above shall be counted excluding the date of receiving the communication from the PPI issuer.
**Third Party Breach:
The following would be considered as Third party breach where deficiency lies neither with JASP nor customer but elsewhere in the system:
- a) SIM duplication – Cloning of original SIM to create duplicate SIM
- b) Application frauds
- c) Skimming / cloning
- d) External frauds / compromise of other systems, for e.g. mail servers etc. being compromised
6. Reversal timeline for zero liability / limited liability of a customer:
On being notified by the customer, JASP shall credit (notional reversal) the amount involved in the unauthorized electronic payment transaction to the customer’s PPI within 10 days from the date of such notification by the customer (without waiting for settlement of insurance claim, if any), even if such reversal breaches the maximum permissible limit applicable to that type / category of PPI. The credit shall be value-dated to be as of the date of the unauthorized transaction.
Further, JASP shall ensure that a complaint is resolved and liability of the customer, if any, established within 90 days from the date of receipt of the complaint, and the customer is compensated as per provisions of paragraph 5 above. In case JASP is unable to resolve the complaint or determine the customer liability, if any, within 90 days, the amount as prescribed in paragraph 5 shall be paid to the customer, irrespective of whether the negligence is on the part of customer or otherwise.
7. Burden of proof:
The burden of proving customer liability in case of unauthorized electronic payment transactions shall lie on the PPI issuer.
8. Reporting and monitoring requirements
The concerned HODs shall ensure that a Report of the customer liability cases to the Board. The reporting shall, inter-alia, include volume / number of cases and the aggregate value involved and distribution across various categories of cases. The Board or one of its Committees shall periodically review the unauthorized electronic payment transactions reported by customers or otherwise, as also the action taken thereon, the functioning of the grievance redressal mechanism and take appropriate measures to improve the systems and procedures.
9. Other Points:
This policy should be read in conjunction with Customer Grievance Policy.
Clauses from the Customer Grievance Policy shall form a part of this policy where not specifically addressed in this policy.