FSC.BC. 123 /24.01.019/99-2000

November 12,1999

Dear Sir,

Some of the banks have introduced Smart Cards/ Debit cards and some more are desirous of introducing such cards. Since Smart Cards/ Debit Cards are new payment instruments, it has been considered necessary to issue broad guidelines to banks including safeguards to be observed in this regard. The guidelines are given in the Annexure-I for compliance by banks.

2. Banks may introduce Smart / Debit Cards with the approval of their Boards, keeping in view the Guidelines enclosed. While banks need not obtain the prior approval of the RBI, the details of smart / debit cards introduced may be advised to us together with a copy each of the agenda note put up to their Boards and the resolution passed thereon. It is advised that banks should not issue smart/debit cards in tie-up with any other non-bank entities.

3. The banks should review operations of Smart / Debit Cards and put up review notes to their Boards at half-yearly intervals, say, as at the end of March and September, every year.

4. A report on the operations of the Smart/ Debit Cards issued by banks may be forwarded to the Adviser-in-Charge, Reserve Bank of India, Monetary Policy Department, Mumbai 400 001 on a fortnightly basis, i.e., as on the reporting Friday, incorporating information as indicated in Annexure-II.

5. Please acknowledge receipt.

Yours faithfully,

( P.V. Subba Rao )
Chief General Manager

Enclosure: As above

• Electronic payment involving the use of card, in particular at point of sale and such other places where a terminal/device for the use/access of the card is placed.

• The withdrawing of bank notes, the depositing of the bank notes and cheques and connected operations in electronic devices such as cash dispensing machines and ATMs.

• Any card or a function of a card which contains real value in the form of electronic money which someone has paid for in advance, some of which can be reloaded with further funds or one which can connect to the cardholder's bank account (online) for payment through such account and which can be used for a range of purposes.

3. Eligibility of Customers:

The banks should issue the smart/ debit card to its customers having good financial standing and who have maintained the accounts satisfactorily for at least six months. However, the banks can issue on line debit cards to select customers with good financial standing even if they have maintained the accounts with the banks for less than six months. Banks can extend the Smart Card/ Debit Cards facility to those having saving bank account/ current account / fixed deposit accounts with built-in liquidity features maintained by individuals, corporate bodies and firms. Smart Card/ Debit Card facility should not be extended to cash credit/ loan account holders. The banks can, however, issue on line debit cards against personal loan accounts, where operations through cheques are permitted.

The outstanding balances / unspent balances stored on the smart / debit cards shall be subject to the computation for the purpose of maintenance of reserve requirements. This position will be computed on the basis of the balances appearing in the books of the bank as on the date of reporting.

In case of smart cards having stored value (as in case of the off-line mode of operation of the smart card), no interest may be paid on the balances transferred to the smart cards. In case of debit cards or on line smart cards, the payment of interest should be in accordance with the interest rate directives issued to banks from time to time under Sections 21 and 35A of the Banking Regulation Act, 1949.

6. Security and other aspects:

1. The bank shall ensure full security of the smart card. The security of the smart card shall be the responsibility of the bank and the losses incurred by any party on account of breach of security, failure of the security mechanism shall be borne by the bank.
2. No bank shall despatch a card to a customer unsolicited, except in the case where the card is a replacement for a card already held by the customer.
3. Banks shall keep for a sufficient period of time, internal records to enable operations to be traced and errors to be rectified (taking into account the law of limitation for the time barred cases).
4. The cardholder shall be provided with a written record of the transaction after he has completed it, either immediately in the form of receipt or within a reasonable period of time in another form such as the customary bank statement.
5. The cardholder shall bear the loss sustained up to the time of notification to the bank of any loss, theft or copying of the card but only up to a certain limit (of fixed amount or a percentage of the transaction agreed upon in advance between the cardholder and the bank), except where the cardholder acted fraudulently, knowingly or with extreme negligence.
6. Each bank shall provide means whereby his customers may at any time of the day or night notify the loss, theft or copying of their payment devices.
7. On receipt of notification of the loss, theft or copying of the card, the bank shall take all action open to it to stop any further use of the card.

7. Terms and Conditions for issue:

The relationship between the bank and the card holder shall be contractual. In case of contractual relationship between the cardholder and the bank:

1. Each bank shall make available to the cardholders in writing, a set of contractual terms and conditions governing the issue and use of such a card. These terms shall maintain a fair balance between the interests of the parties concerned.
2. The terms shall be expressed clearly.
3. The terms shall specify the basis of any charges, but not necessarily the amount of charges at any point of time.
4. The terms shall specify the period within which the cardholder's account would normally be debited.
5. The terms may be altered by the bank, but sufficient notice of the change shall be given to the cardholder to enable him to withdraw if he so chooses. A period shall be specified after which time the cardholder would be deemed to have accepted the terms if he had not withdrawn during the specified period.
6. (i) The terms shall put the cardholder under an obligation to take all appropriate steps to keep safe the card and the means (such as PIN or code) which enable it to be used.

• of the loss or theft or copying of the card or the means which enable it to be used;
• of the recording on the cardholder's account of any unauthorised transaction;
• of any error or other irregularity in the maintaining of that account by the bank.

7. The terms shall specify that the bank shall exercise care when issuing PINs or codes and shall be under an obligation not to disclose the cardholder's PIN or code, except to the cardholders.
8. The terms shall specify that the bank shall be responsible for direct losses incurred by a cardholder due to a system malfunction directly within the bank's control. However, the bank shall not be held liable for any loss caused by a technical breakdown of the payment system if the breakdown of the system was recognisable for the cardholder by a message on the display of the device or otherwise known. The responsibility of the bank for the non-execution or defective execution of the transaction is limited to the principal sum and the loss of interest subject to the provisions of the law governing the terms.

1. Name of the bank:

2. Period of reporting:

3. Type of the card with the hardware components - (I. C. Chip) e.g. Magnetic stripe, CPU, memory :

4. Type of the software used :

5. Names of products offered through the smart card:

6. Limits on the storage of the amount:

7. Re-loadability features:

8. Security standards followed :

9. Service provider: ( self or otherwise )

10. Total no. of outlets where the smart cards can be used:

Of which

11. Total no. of cards issued:

Of which –

1. against savings bank a/c:
2. against current a/c:
3. against float a/c:

12. Total amount of balance stored on the smart cards as on the date of reporting:

13. Total amount of unspent balance on the smart cards as on the date of reporting:

14. Total no. of transactions during the period :

15. Amount involved in the total no. of transactions:

16. Transaction settlement mechanism (full procedure) :

1. whether on-line or
2. off-line

17. Instances of fraud, if any, during the period :