Knowledge Nugget: RBI proposes ‘Kill Switch’ for payment safety. What it is and why it matters
April 19, 2026
UPSC Current Affairs: RBI proposes 'Kill Switch' to curb digital fraud. Learn about cyber security initiatives, mule accounts, SIM binding, and banking scams for Prelims/Mains.
In this context, let’s know what Kill Switch is and learn about various initiatives taken by the government to address the rising cases of digital fraud in the country.
Key Takeaways:
1. In its report, ‘Discussion Paper – Exploring Safeguards in Digital Payments to Curb Frauds’, the central bank has proposed several measures to address the rising incidents of fraud in digital transactions.
2. According to the RBI, card-based payment systems currently offer customers a ‘switch on/off’ facility for domestic and international usage, along with options to set limits for different types of transactions. It noted that this feature has been effective in empowering customers in terms of enhancing their control over payment instruments and reducing instances of fraud.
3. However, the RBI pointed out that similar user-controlled mechanisms are not uniformly available across other digital payment channels.
Story continues below this ad
4. The RBI proposed that Customers can be provided with a single facility to disable all digital payment transactions from the account (‘kill switch’) at one stroke. It said that activation of ‘Kill Switch’ at the account level shall override other controls / configurations set-up by the account holder.
5. “Once the kill-switch is enabled, disabling the kill-switch to re-activate digital payments can be permitted either through digital modes after taking proper authentication / verification measures, or through a physical visit to a bank branch by the account holder. For disabling the kill-switch through digital modes, the bank may put in place relatively stringent authentication / verification measures to ensure the genuineness of the customer,” it added.
6. However, it stated that certain types of transactions, such as payment mandates and standing instructions, may be exempted from the ‘Kill Switch.’
Government Initiatives to address the rising cases of Digital fraud
1. ‘bank.in’ domain for banks: To combat the increasing number of digital payment frauds, last year, the RBI introduced an exclusive internet domain for Indian banks – ‘bank.in.’ This aims to minimise cyber security threats and strengthen trust in the country’s digital banking system.
Story continues below this ad
2. New e-Zero FIR: I4C has introduced the new e-Zero FIR initiative to automatically convert cyber financial crime complaints with a cheating value above Rs 10 lakh, registered on the 1930 helpline or the National Cybercrime Reporting Portal (NCRP), into FIRs.
3. SIM Binding Rule: Department of Telecommunications (DoT) has directed online messaging platforms to bar users from accessing their services without the SIM card used to register for the application. The department has said that the directive is a way to combat rising digital fraud in the country.
— These directives were sent to companies like WhatsApp, Telegram, Signal, Arattai, Snapchat, Sharechat, Jiochat, and Josh. These platforms must now ensure that their services are “continuously” linked to the SIM card used to register with them. They must also disallow access if the SIM is not there in the device. In technical terms, this is called SIM binding.
4. Indian Cyber Crime Coordination Centre (I4C): Launched in 2020, I4C aims to combat Cybercrime in the country and strengthen the overall security apparatus to fight against Cybercrime. In September 2024, four I4C platforms — Cyber Fraud Mitigation Centre (CFMC), the ‘Samanvaya’ platform, a Cyber Commandos programme and a Suspect Registry— were launched. It provides a framework for law enforcement agencies to deal with cybercrime in a coordinated and comprehensive manner.
Story continues below this ad
5. Citizen Financial Cyber Fraud Reporting and Management System (CFCFRMS): It has been developed by the I4C and is operated by respective State/UT which brings together Law Enforcement Agencies of States/UTS, Banks and Financial Intermediaries on a single platform to take immediate action on the complaints regarding financial cyber frauds received through helpline number 1930.
6. MuleHunter.AI: In December 2024, the RBI announced that it has created an AI-powered model called MuleHunter.AI, which could reduce digital fraud by helping banks deal with the increasing problem of “mule” bank accounts. It has been developed by the Reserve Bank Innovation Hub.
BEYOND THE NUGGET: What are banking scams?
Banking scams or frauds involve criminals using deceptive tactics to steal money or sensitive information from victims. Fraudsters employ various methods, such as emails, text messages, phone calls, and fake websites, to trick individuals into divulging their financial details. Some common banking frauds are:
1. Phishing and spear-phishing: Scammers send fake emails or messages to trick victims into revealing sensitive information such as account details, credit card information, and PINs.
Story continues below this ad
2. Synthetic identity fraud: Fraudsters combine real and fake information to create identities for securing loans or opening accounts, leveraging data breaches and AI to evade detection.
3. Mobile banking frauds: Cybercriminals hijack phone numbers to bypass two-factor authentication (2FA) and steal funds by exploiting carrier vulnerabilities.
4. Jumped deposits: Fraudsters make small deposits to gain victims’ trust before initiating fake refund requests that trick them into revealing their UPI PINs.
5. ATM skimming and card cloning: IoT devices are used to steal card data from ATMs or payment terminals, enabling fraudulent transactions or card duplication.
Story continues below this ad
6. Government masquerader scams: Impostors pose as government officials to trick victims into sharing personal data or making fraudulent payments.
Post Read Questions
(1) In India, it is legally mandatory for which of the following to report on cyber security incidents? (UPSC CSE 2017)
1. Service providers
2. Data centres
3. Body corporate
Select the correct answer using the code given below:
(a) 1 only
(b) 1 and 2 only
(c) 3 only
(d) 1, 2 and 3
(2) The terms ‘WannaCry, Petya and EternalBlue’ sometimes mentioned in the news recently are related to (UPSC CSE 2018)
(a) Exoplanets
(b) Cryptocurrency
(c) Cyber attacks
(d) Mini satellites
Answer key 1. (d) 2. (c)
(Sources: RBI proposes ‘Kill Switch’ to secure digital payments, Knowledge nugget: MuleHunter.AI, Knowledge Nugget | ‘.bank.in’ domain for banks, UPSC Issue at a Glance | India’s Cybercrime Challenge : Rise and Response)
Story continues below this ad
🚨 Click Here to read the UPSC Essentials magazine for April 2026. Share your views and suggestions in the comment box or at manas.srivastava@indianexpress.com🚨
Key Takeaways:
1. In its report, ‘Discussion Paper – Exploring Safeguards in Digital Payments to Curb Frauds’, the central bank has proposed several measures to address the rising incidents of fraud in digital transactions.
2. According to the RBI, card-based payment systems currently offer customers a ‘switch on/off’ facility for domestic and international usage, along with options to set limits for different types of transactions. It noted that this feature has been effective in empowering customers in terms of enhancing their control over payment instruments and reducing instances of fraud.
3. However, the RBI pointed out that similar user-controlled mechanisms are not uniformly available across other digital payment channels.
Story continues below this ad
4. The RBI proposed that Customers can be provided with a single facility to disable all digital payment transactions from the account (‘kill switch’) at one stroke. It said that activation of ‘Kill Switch’ at the account level shall override other controls / configurations set-up by the account holder.
5. “Once the kill-switch is enabled, disabling the kill-switch to re-activate digital payments can be permitted either through digital modes after taking proper authentication / verification measures, or through a physical visit to a bank branch by the account holder. For disabling the kill-switch through digital modes, the bank may put in place relatively stringent authentication / verification measures to ensure the genuineness of the customer,” it added.
6. However, it stated that certain types of transactions, such as payment mandates and standing instructions, may be exempted from the ‘Kill Switch.’
Government Initiatives to address the rising cases of Digital fraud
1. ‘bank.in’ domain for banks: To combat the increasing number of digital payment frauds, last year, the RBI introduced an exclusive internet domain for Indian banks – ‘bank.in.’ This aims to minimise cyber security threats and strengthen trust in the country’s digital banking system.
Story continues below this ad
2. New e-Zero FIR: I4C has introduced the new e-Zero FIR initiative to automatically convert cyber financial crime complaints with a cheating value above Rs 10 lakh, registered on the 1930 helpline or the National Cybercrime Reporting Portal (NCRP), into FIRs.
3. SIM Binding Rule: Department of Telecommunications (DoT) has directed online messaging platforms to bar users from accessing their services without the SIM card used to register for the application. The department has said that the directive is a way to combat rising digital fraud in the country.
— These directives were sent to companies like WhatsApp, Telegram, Signal, Arattai, Snapchat, Sharechat, Jiochat, and Josh. These platforms must now ensure that their services are “continuously” linked to the SIM card used to register with them. They must also disallow access if the SIM is not there in the device. In technical terms, this is called SIM binding.
4. Indian Cyber Crime Coordination Centre (I4C): Launched in 2020, I4C aims to combat Cybercrime in the country and strengthen the overall security apparatus to fight against Cybercrime. In September 2024, four I4C platforms — Cyber Fraud Mitigation Centre (CFMC), the ‘Samanvaya’ platform, a Cyber Commandos programme and a Suspect Registry— were launched. It provides a framework for law enforcement agencies to deal with cybercrime in a coordinated and comprehensive manner.
Story continues below this ad
5. Citizen Financial Cyber Fraud Reporting and Management System (CFCFRMS): It has been developed by the I4C and is operated by respective State/UT which brings together Law Enforcement Agencies of States/UTS, Banks and Financial Intermediaries on a single platform to take immediate action on the complaints regarding financial cyber frauds received through helpline number 1930.
6. MuleHunter.AI: In December 2024, the RBI announced that it has created an AI-powered model called MuleHunter.AI, which could reduce digital fraud by helping banks deal with the increasing problem of “mule” bank accounts. It has been developed by the Reserve Bank Innovation Hub.
BEYOND THE NUGGET: What are banking scams?
Banking scams or frauds involve criminals using deceptive tactics to steal money or sensitive information from victims. Fraudsters employ various methods, such as emails, text messages, phone calls, and fake websites, to trick individuals into divulging their financial details. Some common banking frauds are:
1. Phishing and spear-phishing: Scammers send fake emails or messages to trick victims into revealing sensitive information such as account details, credit card information, and PINs.
Story continues below this ad
2. Synthetic identity fraud: Fraudsters combine real and fake information to create identities for securing loans or opening accounts, leveraging data breaches and AI to evade detection.
3. Mobile banking frauds: Cybercriminals hijack phone numbers to bypass two-factor authentication (2FA) and steal funds by exploiting carrier vulnerabilities.
4. Jumped deposits: Fraudsters make small deposits to gain victims’ trust before initiating fake refund requests that trick them into revealing their UPI PINs.
5. ATM skimming and card cloning: IoT devices are used to steal card data from ATMs or payment terminals, enabling fraudulent transactions or card duplication.
Story continues below this ad
6. Government masquerader scams: Impostors pose as government officials to trick victims into sharing personal data or making fraudulent payments.
Post Read Questions
(1) In India, it is legally mandatory for which of the following to report on cyber security incidents? (UPSC CSE 2017)
1. Service providers
2. Data centres
3. Body corporate
Select the correct answer using the code given below:
(a) 1 only
(b) 1 and 2 only
(c) 3 only
(d) 1, 2 and 3
(2) The terms ‘WannaCry, Petya and EternalBlue’ sometimes mentioned in the news recently are related to (UPSC CSE 2018)
(a) Exoplanets
(b) Cryptocurrency
(c) Cyber attacks
(d) Mini satellites
Answer key 1. (d) 2. (c)
(Sources: RBI proposes ‘Kill Switch’ to secure digital payments, Knowledge nugget: MuleHunter.AI, Knowledge Nugget | ‘.bank.in’ domain for banks, UPSC Issue at a Glance | India’s Cybercrime Challenge : Rise and Response)
Story continues below this ad
🚨 Click Here to read the UPSC Essentials magazine for April 2026. Share your views and suggestions in the comment box or at manas.srivastava@indianexpress.com🚨