The Reserve Bank of India (RBI) is establishing guidelines to improve security to phone banking users in India.  These changes involve an additional password that would be required by the banks while a cardholder makes any transaction.  This additional step in security will be implemented immediately after the New Year.  RBI will mandate all banks reject any banking transactions done over the telephone without a One-Time password (OTP).  These rules apply to Interactive Voice Response (IVR) services as well.

The One-Time password would remain active for a period of two hours and is valid only for a single use.  A separate OTP would be required for any IVR transactions.  The extra steps enacted would strengthen protection against the increasing instances of credit card theft.  It would render all stolen or lost credit cards unusable to thieves.  The banks for the Internet banking transactions are following a similar strategy. 

At the beginning of 2010, the banks were mandated to provide their customers with an additional security layer for all the credit card transactions made over the internet.  Banks were in the process of issuing OTP for their phone banking transactions while Citibank and HDFC have already made the required changes. 

Once the new security system is initiated, cardholders would require a minimum of five numbers to conduce a credit card transaction over the phone.  These include information such as the 16-digit card number, card expiration date, CVV number, mobile number, and finally the new OTP.