RBI's Universal Kill Switch: How UPI, Card, and Mobile Banking May Be Impacted

Over the last ten years, digital payments in India have exploded. According to the Reserve Bank of India (RBI), the number of digital transactions has grown 38-fold. At the same time, the total value of these payments has more than tripled. While it is now easier than ever to send money with a quick scan, it has also become much easier for scammers to steal it. According to data from the National Cyber Crime Reporting Portal (NCRP), around 28 lakh frauds were reported in 2025 alone, with the total volume of these scams soaring up to Rs 22,931 crore.

To fight back, RBI has released a new discussion paper titled "Exploring safeguards in digital payments to curb fraud." The most talked about idea in this plan is a universal kill switch that lets you freeze your account instantly. The central bank also wants to put a one-hour speed limit on certain large transfers to give you time to stop a mistake before it is too late.

A Centralised Security Override

The centrepiece of this regulatory framework is the "one-stroke kill switch." This will act as a comprehensive emergency brake for an individual's entire digital financial footprint. Currently, if a user suspects a security breach, they often have to access multiple apps or call centres to block separate cards and UPI handles.

This new proposal moves this control to the account level. With a single action, a customer can disable every digital channel linked to their bank account. This includes Unified Payments Interface (UPI), mobile banking applications, and internet banking services.

This change will overrule any previous user settings. When the system is activated, all outgoing digital movements are stopped. The reactivation of the account should be intensive to make sure that the scammers do not intimidate the victim into overturning this protection. The reactivation process can include sophisticated multi-factor authentication or a physical visit to a bank branch.

High-Value Peer-To-Peer Transfers

Peer-to-peer (P2P) transfers above Rs 10,000 are suggested to have a structural delay. Transactions done through UPI, the Immediate Payment Service (IMPS), National Electronic Funds Transfer (NEFT), and the Real Time Gross Settlement (RTGS) would have a wait time of one hour under this system.

In the process, the payer's bank will deduct the money instantly, although the receiver will not have access to the money for the next 60 minutes. This "cooling-off" period serves as a window for victims of fraud to identify a mistake and cancel the payment before the funds are permanently moved.

Furthermore, if a bank’s security algorithms flag a transaction as atypical for a specific user, the bank must seek additional reconfirmation. The institution will need to provide certain information about the reason why the payment is suspicious and have a clear warning. For regular transactions, users can employ a "whitelisting mechanism" which does not involve the kill switch. The one-hour delay would not apply to payments made to pre-verified, trusted contacts.

Improved Safety For Senior Citizens

To address the specific risks faced by senior citizens and differently-abled individuals, RBI has suggested a "trusted person" authentication model. Here, users may assign a second person to serve as a co-authoriser to any digital transaction over Rs 50,000.

In this case, the transaction is not finalised unless both the account holder and the trusted contact approve it. To prevent fraudsters from manipulating this setting, any request to change the designated trusted person will trigger a 24-hour cooling period. This will give time to the users to re-evaluate the change out of a high-pressure scam atmosphere.

Countering The Threat Of APP Scams

All of these measures are mainly aimed at fighting Authorised Push Payment (APP) scams. In these cases, criminals use social engineering to trick individuals into voluntarily transferring funds by impersonating bank officials, government authorities, or legitimate businesses.

It should be noted that these requirements will not apply to merchant payments at retail stores, online shopping, utility bills, or recurring insurance premiums. Cheque transactions also remain affected.