Modi govt releases draft rules for m-wallets, smart cards payments and security

The government has released draft guidelines for transactions made through prepaid payment instruments (PPIs) like mobile wallets, smart cards and paper vouchers and also sought feedback from various stakeholders. The draft IT (Security of Prepaid Payment Instruments) Rules 2017 have been designed to ensure adequate integrity, security and confidentiality of electronic payments effected through PPIs.

“With the government promoting cashless economy and boost being given to various digital payment systems, a need is felt to develop a framework for security of various PPIs operating in the country,” it said.

The Ministry of Electronics and Information Technology (MeitY) has formulated the draft rules for security of prepaid payment instruments under provisions of IT Act 2000, it added. The rules entails the PPIs to ensure end-to-end encryption of the data exchanged and emphasised that e-PPI issuers assist customers with regard to secure use of the prepaid payment instruments.

Advertisement

‹

EVENT

Saksham Bharat 2026

A multi-stakeholder dialogue on skilling gap in Cybersecurity, Data Resilience and AI — and the roadmap to a Saksham Bharat.

📅 Tue, 26 May 2026

📍 Mumbai, Bengaluru, Delhi

Register Now →

EVENT

VeeamON 2026 Tour India - Mumbai

A VeeamON 2026 India Leadership Series Mumbai for senior public sector and government technology leaders.

📅 Tue, 26 May 2026

📍 Grand Hyatt, BKC

Register Now →

EVENT

Cyber Surakshit Uttar Pradesh

Find out strategies, frameworks and solutions for building a resilient and secure digital ecosystem across Uttar Pradesh.

📅 Thu, 28 May 2026

📍 Lucknow

Register Now →

EVENT

VeeamON 2026 Tour India - Bengaluru

A VeeamON 2026 India Leadership Series Bengaluru for senior public sector and government technology leaders.

📅 Wed, 03 Jun 2026

📍 JW Marriott Hotel

Register Now →

EVENT

VeeamON 2026 Tour India - Delhi

A VeeamON 2026 India Leadership Series Delhi for senior public sector and government technology leaders.

📅 Fri, 19 Jun 2026

📍 Shangri-La Eros

Register Now →

EVENT

Infosec Reimagined

Infosec Reimagined 2026 is the premier information security summit where top leaders—CISOs, CROs, CIOs, CTOs and risk executives—converge to redefine cyber resilience.

📅 Fri, 26 Jun 2026

📍 New Delhi

Register Now →

EVENT

Digital Senate

Digital Senate is a premier conference uniting government leaders, technologists and innovators to share ideas, success stories and strategies on digital governance, public sector transformation, cybersecurity and emerging technologies in India.

📅 Thu, 30 Jul 2026

📍 New Delhi

Register Now →

EVENT

CIO Prism

CIO Prism unites forward-thinking technology leaders to exchange transformative insights, shape digital strategies, and foster innovation, empowering enterprises to excel in an era of rapid technological change.

📅 Fri, 18 Sep 2026

📍 Goa

Register Now →

›

“Every e-PPI issuer shall have in place and publish on its website and mobile applications the privacy policy and the terms and conditions for use of the payment systems operated by it in simple language, capable of being understood by a reasonable person,” it said.

Also, the rules mandate that each PPI company have a privacy policy posted on its website. They will also have to appoint a chief grievance officer, whose contact details will have to be prominently displayed on the website.

“The Grievance Officer shall act within 36 hours and shall resolve the complaint within one month from the date of receipt of such complaint,” it added.

The companies will also have to establish a mechanism for monitoring, handling and follow-up of cyber incidents and breaches. The last date for submitting comments on the draft is March 20.