RBI proposes 'kill switch' for digital payments to combat fraud — How to Identify & Stay Safe

INDIA — By BharatSecure Threat Intelligence Team · Updated May 18, 2026

Severity: MEDIUM | View Full Scam Details

RBI Proposes ‘Kill Switch’ for Digital Payments in 2026: A New Move Against UPI Fraud in India

Digital payment frauds continue to rise across India, and in 2026, the RBI has proposed a ‘kill switch’ to help users quickly block suspicious digital payment transactions — a crucial step in fighting UPI fraud.

What Is the RBI Proposes ‘Kill Switch’ for Digital Payments to Combat Fraud?

The Reserve Bank of India (RBI) has recently proposed introducing a ‘kill switch’ mechanism for digital payments in India. This is essentially an emergency button or feature that will allow users to instantly block or halt all outgoing payments via Unified Payments Interface (UPI) or other digital channels, if they suspect fraud or unauthorized access to their accounts.

UPI fraud has become a medium-risk threat, with hundreds of crores lost annually. Fraudsters often trick users into authorizing payments through phishing, SIM swap scams, or fake calls posing as bank officials. These scams have increased despite RBI and CERT-In advisories urging users to be vigilant. The new kill switch aims to empower users to stop such transactions immediately without waiting for bank intervention, limiting financial losses.

The Indian Cybercrime Coordination Centre (I4C) has been actively collaborating with RBI and CERT-In to monitor digital payment scams and promote consumer awareness. The kill switch proposal is part of a wider push by regulators to curb the increasing instances of digital payment fraud in India’s booming fintech space.

How This Scam Works — Step by Step

UPI fraudsters use social engineering tricks to manipulate victims into sharing sensitive details or authorizing transactions. Here’s a typical sequence fraudsters follow:

1. Initial Contact: Victim receives a call, SMS, or WhatsApp message claiming to be from their bank, RBI, or a government agency. The message may warn about suspicious activity or blocking of their account.

2. Phishing Link or OTP Request: The fraudster asks the victim to share the One Time Password (OTP) sent on SMS, or click on a link to “verify” their account or “update” Aadhaar details linked to UPI.

3. Fraudulent Authorization: Using the OTP or details, the fraudster initiates one or multiple UPI transactions from the victim’s account, often small amounts first (like ₹100-₹500) to avoid immediate suspicion.

4. Account Compromise & SIM Swap: Sometimes, fraudsters perform a SIM swap to bypass OTPs or transaction alerts, taking complete control over the mobile number linked with UPI.

5. Victim Notices Unauthorised Payment: Only after money is missing or transaction alerts flood the victim’s phone do they realise they have been scammed.

Without a quick kill switch, victims are helpless while transactions continue to drain money. The proposed kill switch would allow users to freeze all outgoing payments with a single tap or SMS.

Real Warning Signs to Watch For

• Unsolicited calls or messages urging immediate action on your bank or UPI account.
• Requests for OTP or UPI PIN over phone, SMS, or WhatsApp — legitimate banks never ask for these details.
• Links asking for Aadhaar or bank details for “verification” through WhatsApp or SMS.
• Fake caller ID or spoofed numbers pretending to be RBI, bank officials, or government agencies.
• Urgency or threat-based language pushing you to act immediately.
• Confirmation or transaction requests on UPI app that you did not initiate.
• Receiving multiple OTPs or UPI approval requests without your action.

What Happens to Victims

Victims of UPI scams in India often lose amounts ranging from a few hundred to several lakhs INR in minutes. Even though UPI transactions are instant and irreversible, refunds are difficult to obtain, especially if OTP or PIN was compromised through social engineering.

Emotionally, victims face stress and anxiety realizing their life savings or monthly budget is wiped out. The misuse of Aadhaar linked to UPI increases risks like identity theft and further financial fraud. SIM swap victims lose access to their phone number, causing disruption in communication and difficulty in securing their accounts.

Financial losses can impact creditworthiness if loan EMIs or bills bounce due to lost funds. Recovery often involves lengthy bank and police complaints, eroding trust in digital payments.

What RBI and CERT-In Say

The RBI has reiterated multiple times through advisories that users should never share OTP, PIN, or passwords over phone or SMS. It has mandated secure 2-factor authentication for all digital payments and warned against phishing scams.

CERT-In, India’s national cybersecurity agency, also issues regular alerts about emerging cyber threats, including UPI fraud and SIM swap scams. They advise users to verify caller identity and report suspicious incidents immediately.

The cybercrime helpline 1930 is available 24x7 to assist victims. The RBI’s customer helpline also guides users on reporting unauthorised digital transactions. These agencies are working together under the I4C framework to enhance India’s digital payment security ecosystem.

How to Protect Yourself

1. Never share OTP, UPI PIN, or passwords with anyone — not even bank officials.
2. Do not click on links received via WhatsApp, SMS, or email claiming to be from banks or government unless verified.
3. Enable app-level locks and biometric security on your UPI and banking apps.
4. Regularly check UPI transaction history and immediately block payments if you see unrecognised activity.
5. Use the proposed kill switch feature as soon as it is available to quickly block transactions during suspicious activity.
6. Register for mobile number re-verification with your telecom operator to avoid SIM swap fraud.
7. Report suspicious calls/messages to 1930 or cybercrime.gov.in immediately.

What to Do If You've Been Targeted

1. Immediately block or deactivate UPI payments either through your app or by contacting your bank.
2. Call your bank’s customer helpline to report unauthorized transactions.
3. File a complaint with the 1930 Cybercrime helpline and report the case on https://cybercrime.gov.in.
4. Inform your mobile operator if you suspect SIM swap or theft.
5. Change PINs and passwords linked to your bank account and Aadhaar.
6. Keep all communication and transaction records as evidence.
7. Seek police assistance if your losses are significant to initiate investigation.

Frequently Asked Questions

Q: What exactly is the RBI’s ‘kill switch’ for digital payments?
A: It is a quick action tool to immediately stop all outgoing UPI and digital payment transactions from your account if you suspect fraud, preventing further losses.

Q: Can I get my money back after a UPI fraud?
A: Refunds are difficult unless the bank confirms negligence or system failure. Acting quickly to block payments improves your chances, but prevention is key.

Q: How do I know if a call or message about my UPI account is genuine?
A: Banks and RBI never ask for OTPs, passwords, or PINs over calls or messages. Always verify by calling the official customer service numbers yourself.

Digital payments make life easy but also bring risk. To safeguard yourself, stay alert and use every tool, like the upcoming RBI kill switch, to protect your money. If you receive suspicious messages or calls, don’t act impulsively — verify first at BharatSecure.app before you respond or share any details. Your security is in your hands!