RBI proposes 'kill switch' for digital payments — How to Identify & Stay Safe

INDIA — By BharatSecure Threat Intelligence Team · Updated Jun 13, 2026

Severity: Medium | View Full Scam Details

RBI Proposes 'Kill Switch' for Digital Payments Scam in India 2026: Protect Yourself from UPI Fraud

Digital payment users in India face a growing threat as scammers exploit RBI’s proposed 'kill switch' feature for UPI transactions to trick victims and steal money.

What Is the RBI Proposes 'Kill Switch' for Digital Payments Scam?

In 2026, the Reserve Bank of India (RBI) proposed introducing a ‘kill switch’ feature for digital payments to instantly freeze or block suspicious transactions made through UPI and other platforms. While this move aims to enhance security, fraudsters posing as bank or fintech officials falsely claim they can activate this kill switch to protect your account—only to steal sensitive credentials or money instead.

This scam predominantly targets everyday digital payment users in India who rely on UPI apps and WhatsApp for banking updates or transaction alerts. The offenders create fake customer service portals on messaging apps, claim urgent action is needed due to ‘technical glitches’ or ‘fraudulent transactions’ flagged by RBI, and offer bogus links to ‘verify’ or ‘activate’ the kill switch.

Reported incidents to cybercrime authorities such as the Indian Cyber Crime Coordination Centre (I4C) and CERT-In show an increase in these impersonation scams, particularly affecting first-time digital payment users and the elderly who may not fully understand the new RBI feature’s rollout. Though the scam’s risk is assessed as medium (5/10), vigilance is critical as UPI fraud remains a top challenge for India’s fast-growing digital economy.

How This Scam Works — Step by Step

1. Initial Contact: A fraudster posing as a bank or UPI customer care agent contacts the victim via WhatsApp or phone call. They claim to be calling on behalf of RBI or the victim’s bank, referencing the new kill switch feature designed to enhance payment safety.

2. Creating Urgency: The caller alleges an urgent issue—like an unauthorized or suspicious transaction detected in the victim’s account, requiring immediate action to block further payments.

3. Sending Fake Links: To build credibility, scammers send official-looking website links or app download prompts on WhatsApp. These often mimic authentic RBI or bank URLs but lead to phishing sites.

4. Requesting Sensitive Information: The victim is asked to share UPI PIN, OTP (One Time Password), Aadhaar number, or mobile SIM details to ‘activate the kill switch.’ Some fraudsters may also request remote access to the victim’s phone.

5. Exploiting Access: Once scammers get these details, they initiate unauthorized UPI transactions, drain bank accounts, or misuse linked Aadhaar for identity theft.

6. Victim Realization: After the scam, victims find multiple unknown deductions from their bank accounts or UPI apps and cannot reverse transactions easily, as the fraud happens rapidly.

Real Warning Signs to Watch For

• Calls or WhatsApp messages urgently pressuring you to use the RBI ‘kill switch’ or verify your UPI account immediately.
• Requests for your UPI PIN, OTPs, Aadhaar details, or bank login credentials.
• Unofficial or suspicious website links sent via WhatsApp claiming to be RBI or bank portals.
• Callers claiming they represent RBI or your bank but the phone number doesn’t match official helplines.
• Unsolicited messages asking to download or install apps for kill switch activation.
• Inconsistent or poor grammar and spelling in messages supposedly from RBI.
• Being told payment reversals or account freezes require remote access to your phone.

What Happens to Victims

Victims lose hard-earned money through unauthorized UPI debits that are often difficult to reverse due to the speed and design of digital payment systems. Unlike traditional banking frauds, where chargebacks are possible, UPI transactions settle in real-time. Fraudsters exploit this by quickly siphoning funds before detection.

Beyond financial loss, victims suffer emotional stress, confusion, and loss of trust in digital payments, especially among rural and elderly users unfamiliar with digital banking nuances. In some cases, misuse of Aadhaar linked to UPI accounts has led to identity theft concerns, complicating recovery efforts. SIM swapping scams tied to this fraud pattern further jeopardize account safety, allowing attackers to intercept OTPs or transaction alerts.

What RBI and CERT-In Say

The Reserve Bank of India has consistently reminded users never to share OTPs, PINs, or passwords with anyone over calls or messages. RBI’s public advisories stress that the central bank or banks do not initiate calls to verify personal credentials.

CERT-In advises users to be cautious of phishing links and urges the public to report suspected cyber fraud immediately. The Indian Cyber Crime Coordination Centre (I4C) encourages victims to register complaints through cybercrime.gov.in and use helpline 1930 for assistance. These bodies continue to monitor emerging scams around digital payments and advise vigilance.

How to Protect Yourself

1. Never share your UPI PIN, OTP, Aadhaar, or bank details with any caller or WhatsApp contact, even if they claim to be from RBI or your bank.
2. Do not click on links or download apps received via unsolicited WhatsApp messages or calls about RBI’s kill switch.
3. Verify any payment alerts or transaction flags directly through your official bank or UPI app—not through links sent by unknown contacts.
4. Use the official RBI and bank helpline numbers for clarifications—do not rely on numbers given by strangers.
5. Enable two-factor authentication and lock your UPI app with additional security features.
6. Regularly monitor your bank statements and transaction history for unfamiliar debits.
7. Report suspicious calls or messages immediately to CERT-In and your bank’s fraud department.

What to Do If You've Been Targeted

1. Immediately block the UPI app on your phone, and request your bank to freeze your account or block debit transactions.
2. Change all relevant passwords and UPI PINs from the official app or bank website.
3. Call the RBI helpline or your bank’s official fraud helpline to report the incident.
4. File a complaint at the cybercrime portal (cybercrime.gov.in) and register a police FIR with local cybercrime authorities.
5. Contact the 1930 cybercrime helpline for guidance and assistance in India.
6. Inform your mobile service provider if you suspect a SIM swap attack was involved.
7. Keep all communication records and screenshots related to the scam for investigation purposes.

Frequently Asked Questions

Q: What exactly is the RBI ‘kill switch’ supposed to do?
A: The RBI kill switch is a proposed feature to quickly block all outgoing digital payments from your account or UPI app in case of suspected fraud. It is meant to give users more control but is not yet widely implemented or activated automatically.

Q: Can RBI or banks call me to activate this kill switch?
A: No. RBI and banks do not call individuals unsolicited asking to activate features or verify sensitive information. All official communications happen through secure messaging within bank apps or verified channels.

Q: How can I confirm if a message about RBI kill switch is genuine?
A: Cross-check by calling your bank’s official customer care or visiting their official website. Avoid clicking on links or responding to messages from unknown numbers and never share OTP or PIN codes.

If you receive suspicious messages or calls claiming to be about RBI’s kill switch or digital payment issues, always verify them at BharatSecure.app and report fraud via the 1930 cybercrime helpline.

Disclaimer: This article describes a pattern of fraud reported in public sources for public-safety awareness. It is not legal, financial, or medical advice. To request correction or removal of any content, write to hello@bharatsecure.app.