Courses finance general banking
Lesson
08 of 97

🔐 Security and Cheques

Security features of bank notes and aspects of CTS cheques.

Security, Liability and Clearing

As digital banking grows, so does the importance of security protocols and determining liability when things go wrong. This lesson covers how liability is assigned in unauthorized transactions, the standards for physical cheques, and digital security mechanisms.

Customer Liability in Unauthorized Transactions

The Reserve Bank of India has established specific criteria to determine who bears the financial loss in case of unauthorized electronic banking transactions.

Decision tree for customer liability in unauthorized electronic banking transactions showing zero liability, customer negligence, delayed reporting, and bank board-approved policy outcomes
This decision tree shows how liability changes based on bank fault, third-party breach, customer negligence, and reporting delay.

Zero Liability

A customer has zero liability (meaning they lose no money) in specific scenarios:

  • Contributory fraud or negligence on the part of the bank: If the fraud occurs due to a lapse by the bank, unrelated to the customer.
  • Third-party breach: If a third-party system is compromised and the customer notifies the bank within 3 working days of receiving the communication from the bank regarding the unauthorized transaction.

Limited Liability

In cases where the customer bears some responsibility or delays reporting, the liability is shared or limited.

  • Customer Negligence: If the loss is due to customer negligence (e.g., sharing payment credentials), the customer bears the full liability until the unauthorized transaction is reported to the bank. Any loss occurring after reporting is borne by the bank.
  • Delay in Reporting (4-7 days): If the customer delays reporting the transaction for 4 to 7 working days, their liability is capped based on the account type:
    • BSBD Accounts: Maximum liability is Rs. 5,000.
    • Savings/Prepaid/Other accounts (with average balance up to 25 Lakhs): Maximum liability is Rs. 10,000.
    • Credit Cards (limit > 5 Lakhs) or other active accounts: Maximum liability is Rs. 25,000.
  • Beyond 7 days: If the delay exceeds 7 days, the customer's liability is determined as per the Board approved policy of the bank.

Reversal Timeline

To ensure customers are not out of pocket for long periods during disputes:

  • The amount involved in the unauthorized transaction must be reversed (credited back) to the customer's account within 10 working days from the date of such notification by the customer.
  • If the complaint is not resolved within 90 days, customer liability is automatically capped as per the limits mentioned above, regardless of the ultimate finding.

Turnaround Time (TAT) for Failed Transactions

When a transaction fails (money debited but not credited to beneficiary), banks must reverse the amount within a set timeframe. If they fail to do so, they must pay compensation of Rs. 100 per day of delay.

  • T + 1 day: For Card-to-card transfers, IMPS, UPI (Merchant transactions), NACH, and PPI transfers. The reversal must happen by the next working day.
  • T + 5 days: For ATM withdrawals, POS transactions, UPI (P2P) transfers, and AePS.

Cheque Truncation System (CTS)

The Cheque Truncation System (CTS) eliminates the physical movement of cheques. Instead, an electronic image of the cheque is transmitted for clearing. To ensure security in this image-based system, the CTS-2010 Standard was introduced with mandatory security features.

CTS cheque anatomy diagram highlighting UV dull paper, oval CTS-India watermark area, VOID or COPY pantograph area, and bank logo in UV ink
This CTS cheque diagram highlights the four security features students should recognize in image-based cheque clearing.

CTS-2010 Standard Features

  1. Paper Quality: The paper should be UV dull, ensuring it doesn't reflect UV light, which helps in detecting alterations.
  2. Watermark: A standardized "CTS-INDIA" oval watermark (2.6 to 3.0 cm in diameter) is embedded in the paper.
  3. VOID Pantograph: A security feature where a hidden "COPY" or "VOID" message becomes visible if the cheque is photocopied.
  4. Bank Logo: The bank's logo operates as a security primitive and is printed in UV ink, visible only under UV light.

Other Key Aspects

  • Positive Pay System: To prevent collecting banker fraud for high-value cheques, the Positive Pay mechanism allows customers to reconfirm key details (date, name, amount) of cheques larger than Rs. 50,000. While optional for customers, banks may consider making it mandatory for cheques above Rs. 5 Lakhs. This came into effect from January 1, 2021.
  • Non-CTS Cheques: The clearing sessions for non-CTS cheques were discontinued effective from June 30, 2020.
  • Record Preservation: The physical cheques or their images must be preserved by the presenting bank for 10 years.
  • Visual Standards: Cheques must use light or pastel colors to ensure the background doesn't interfere with the data. The Print Contrast Ratio (PCR) with the background must be greater than 60% for clear imaging.

Electronic Signatures (IT Act 2000)

Under the Information Technology Act, 2000, electronic signatures are given the same legal recognition as handwritten signatures.

  • They serve as the electronic equivalent of a handwritten signature, providing authentication and integrity to digital documents. Note that a simple scanned image of a physical signature is often not sufficient.
  • Mechanism: It typically relies on Public Key Cryptography (Asymmetric Encryption).
    • Private Key: This key is kept confidential by the signer and is used to create the digital signature.
    • Public Key: This key is shared openly and is used by the receiver to verify that the signature was created by the holder of the private key.

Offline Retail Payments (Pilot)

Rural India has patchy connectivity — farmers and shopkeepers can't always use UPI when there's no signal. To solve this, RBI introduced specialized offline payment solutions that work without internet.

  • Mode: These transactions happen in Proximity (Face-to-face) mode only — think NFC or Bluetooth, not remote transfers. Both parties must be physically present.
  • Mechanism: These payments operate through "store-and-forward" mechanisms — the transaction is stored locally on the device and synchronized with the bank once connectivity is restored. The money doesn't move instantly; it moves when the internet returns.
  • Transaction Limits: Since the bank cannot verify funds in real-time, RBI caps the risk. The upper limit for a single offline transaction is Rs. 500 (enhanced from Rs. 200 on August 10, 2023).
  • Total Limit: To further control exposure, the total outstanding offline balance on a payment instrument is capped at Rs. 2,000 at any point in time.
  • Replenishment: Once the limit is exhausted, the balance can only be topped up via online mode with Additional Factor of Authentication (AFA) — this forces the bank to verify the account balance before allowing further offline spending.

Summary Cheat Sheet

Concept / Topic Key Details / Explanation
Zero Liability — Bank Fault Customer has zero liability if fraud is due to bank's negligence/lapse
Zero Liability — Third-Party Breach Zero liability if customer reports within 3 working days of bank's communication
Customer Negligence (e.g., sharing credentials) Customer bears full liability until unauthorized transaction is reported; after reporting, bank bears the loss
Delay 4–7 Working Days — BSBD Accounts Max liability ₹5,000
Delay 4–7 Working Days — Savings/Prepaid Max liability ₹10,000 (avg balance up to ₹25 lakh)
Delay 4–7 Working Days — Credit Cards (>₹5L limit) Max liability ₹25,000
Delay Beyond 7 Days Liability per bank's Board-approved policy
Reversal Timeline Amount reversed within 10 working days of customer notification
Complaint Not Resolved in 90 Days Customer liability automatically capped at above limits
TAT — T+1 Day Card-to-card, IMPS, UPI (Merchant), NACH, PPI transfers
TAT — T+5 Days ATM withdrawals, POS, UPI (P2P), AePS
TAT — Delay Compensation ₹100 per day of delay
CTS — Full Form Cheque Truncation System — electronic image replaces physical cheque movement
CTS-2010 — Paper Must be UV dull (no UV reflection)
CTS-2010 — Watermark "CTS-INDIA" oval watermark, 2.6–3.0 cm diameter
CTS-2010 — VOID Pantograph Hidden "COPY"/"VOID" appears when photocopied
CTS-2010 — Bank Logo Printed in UV ink, visible only under UV light
Positive Pay System Customer reconfirms details of cheques >₹50,000; may be mandatory for cheques >₹5 lakh; effective 1 January 2021
Non-CTS Cheques Clearing discontinued from 30 June 2020
Cheque Record Preservation Physical cheques/images preserved for 10 years
Print Contrast Ratio (PCR) Must be >60% with background for clear imaging
Electronic Signatures — Law IT Act, 2000; same legal recognition as handwritten signatures
Digital Signature Mechanism Public Key Cryptography (Asymmetric Encryption): Private key (confidential, creates signature) + Public key (shared, verifies signature)
Offline Retail Payments — Mode Proximity (face-to-face) only; store-and-forward mechanism
Offline Payments — Per Transaction Limit ₹500 (enhanced from ₹200 on 10 August 2023)
Offline Payments — Total Limit ₹2,000 at any point in time
Offline Payments — Replenishment Only via online mode with AFA (Additional Factor of Authentication)

Lesson Doubts

Ask questions, get expert answers