The National Payments Corporation of India (NPCI) has introduced a fresh set of guidelines aimed at enhancing the security and efficiency of Unified Payments Interface (UPI) transactions. These new regulations, which will take effect from April 1, 2025, require banks, Payment Service Providers (PSPs), and third-party UPI platforms like PhonePe, Google Pay, and Paytm to implement stricter monitoring and validation measures.
Key Changes in NPCI’s New UPI Guidelines
1. Mobile Number Revocation List (MNRL) Implementation
One of the major changes introduced is the mandatory use of the Mobile Number Revocation List (MNRL) and Digital Intelligence Platform (DIP) by banks and PSP apps. These platforms must update their database weekly to ensure that UPI IDs linked to deactivated or reassigned mobile numbers are not misused.
As per the Department of Telecommunications (DoT) guidelines, a mobile number that remains inactive for 90 days (without making calls, sending texts, or using mobile data) is deactivated and can be reassigned to a new user. NPCI’s directive aligns with this policy, ensuring that UPI IDs linked to inactive numbers are automatically deactivated, reducing the chances of erroneous transactions or fraud.
🔹 What it means for users: Ensure that your mobile number registered with your bank remains active to avoid any disruption in UPI services.
2. Phasing Out ‘Collect Payments’ for Individuals
Another major change is the removal of the ‘Collect Payments’ feature for individual users. According to an Economic Times report, NPCI has decided to limit this feature to verified merchants due to increasing fraud cases involving unauthorized or misleading payment requests.
Previously, the ‘Collect Request’ option allowed users to request money from others via UPI. However, this feature has been misused by fraudsters who send fake collect requests, tricking users into unintentionally approving transactions.
🔹 What’s changing?
The ‘Collect Payments’ feature will now be exclusive to large, verified merchants.
Person-to-person collect requests will be capped at ₹2,000, limiting fraud risks.
Why Are These Changes Important?
The rapid adoption of UPI payments in India has brought both convenience and security challenges. While UPI transactions continue to grow, fraudsters have been exploiting loopholes, especially through outdated mobile numbers and fraudulent collect requests. By implementing real-time database updates and restricting collect payments, NPCI aims to strengthen the security framework and minimize transaction errors and scams.
How Will This Impact UPI Users?
Ensure Your Mobile Number Is Active – If your registered mobile number is inactive for more than 90 days, your UPI ID may be deactivated automatically.
Be Cautious with Collect Requests – Going forward, only verified businesses will be able to use this feature, reducing fraud risks for users.
Regular Updates from Banks & PSPs – Expect more frequent alerts from your UPI provider regarding security updates and potential deactivation warnings.
Final Thoughts
With these proactive security measures, NPCI aims to make UPI transactions safer and more efficient. As India continues its journey towards a cashless economy, ensuring digital payment security remains a top priority. Users should stay vigilant, update their mobile numbers, and be mindful of collect requests to safeguard their transactions.
