I’m going soft on the RBI.
I really, really, really like Rajan’s presentation – I mean just the slides, since I wasn’t actually there – that were released today, as part of his speech at the FICCI-IBA Annual Conference. The clarity of thought is appealing, and that he sought to clear misconceptions about regulation, even more. (I’m not the kind of guy given to superlatives, especially not when it comes to the RBI, so I’ll just stop here)
I’ll highlight three parts of his presentation that I found quite interesting, in three quick posts. Firstly, two slides on the two-factor authentication issue that’s plagued the Indian startup space recently about how RBI is being a dick. (I have argued that what companies like Uber are doing is “cheating” the regulation, which has a good solid reason.)
The case for regulation is obvious – if everyone else in India has to do this, then no one should be able to by-pass it. But yes, there’s a need to ease the issue for faster processing, especially where the value of a service is not known at the time of booking (like in a taxi ride).
The RBI process of “doing better” is interesting because:
I do not want any company to be able to use just card information to charge me even if it’s just Rs. 10. Let me tell you why.
This still invites abuse in the sense that I need to call up my bank for each such abusive transaction, even if it’s small value. If my credit card information is read and a merchant were to charge a Rs. 10 fee, then he might be willing to take the risk that he has to pay it back if I refute it, but I still must spend the time trying to refute the charge!
If anyone has tried to call up their bank and refute transactions they will not have spent less than half an hour on hold or without having to type at least 10 different numbers and 6 IVR levels and pressed 9,0,# or anything in frustration. I would rather pull my hair out one by one than have to do this kind of thing for every abusive transaction. And that’s for those of us that are educated; if it frustrates us, how does it work for those that don’t have such knowledge?
Exactly ZERO of all the cards I own has a toll free number – all support numbers are charged and half an hour to a landline is an expensive proposition. Paying Rs. 30 on a phone bill to refute a Rs. 10 transaction is, honestly, silly. (Heck, phone companies could charge you Rs. 10 each time and then pay you back the refuted charge after you’ve paid them the money to make the call…wait, let me not put ideas in their head)
I would suggest to the RBI that a small value transaction system without 2-factor must require banks to have toll free and very quick resolution frameworks for all cards, including by phone, SMS, email and the web. That means I should be able to dispute a transaction by just sending an SMS back with a unique transaction ID (which they generate when they send me an SMS of every transaction in the first place).
As an extension, the RBI should require all banks to adhere to a common “refute and report” protocol, which every credit card holder can access to refute non-two-factor authenticated charges. Every bank must be required to accept requests to refute such transactions in a common format, and have to respond with an okay (must allow refute unequivocally, as risk is with the merchant). So private parties can write apps to ease the dispute process further, because we can no longer trust our banks to do anything useful without beating them on the head with regulation.
Oh yes, easy “refute” can hurt the merchant but the merchant took the no-two-factor risk, remember?
With enforced quick refute/resolution in place, some merchants should be able to take the risk on smaller value transactions (say below Rs. 1000, or better, leave it to the banks to figure the lower limit per account). We could finally get:
And so much more – all of these are small payments which are currently done with cash or the more painful two-factor auth card system, which can be eased and made substantially more attractive.
The implications of the RBI rule change will be massive. We would love to have customers pay monthly for Capital Mind Premium, for instance, with an auto-billing service they can cancel when they like. (We are happy to bear the costs of any refutes – we will not charge customers for what they no longer want)