Delhi HC Dismisses PlL Seeking Mandatory Requirement Of OTP For Transactions On International Websites

Karan Tripathi

11 Sept 2019 7:12 PM IST

  • Delhi HC Dismisses PlL Seeking Mandatory Requirement Of OTP For Transactions On International Websites

    Delhi High Court dismissed the writ petition seeking directions to be issued to the central government to make requirement of One Time Password (OTP) mandatory for transactions made on international websites. The Petitioner Amit Sahni had submitted in his petition that mandating the requirement of OTP for transactions made on international websites would prevent instances of...

    Delhi High Court dismissed the writ petition seeking directions to be issued to the central government to make requirement of One Time Password (OTP) mandatory for transactions made on international websites.

    The Petitioner Amit Sahni had submitted in his petition that mandating the requirement of OTP for transactions made on international websites would prevent instances of cheating with public at large. He had pointed out that for payment gateways that are not operated in India, there's no requirement for OTP authentication. This makes the customer vulnerable if his/her card is stolen.

    The petitioner had also argued that the subscription fee charged by various applications should also have an additional security layer of OTP as the same would ensure the consent of the customer before the transaction is made.

    Naginder Benipal, appearing for Union of India, countered the present petition by submitting that the mandate of the Reserve Bank of India doesn't extend to other jurisdictions. There are many jurisdictions such as the USA which do not follow the two-layer payment authentication system. It was also argued that there are already various other mechanisms in place such as mobile notifications, SMS alerts, etc, to ensure the security of the transaction.

    The Division Bench of Justice DN Patel and Justice Hari Shankar accepted the submission of Mr Benipal and went on to dismiss the petition.

    The court noted that the existing security infrastructure is sufficient to deal with the concerns raised by the Petitioner. Moreover, it was also opined that if any such case of security breach arises in future, that can be dealt with individually. Therefore, the same doesn't warrant a remedy under Public Interest Litigation.

    Next Story