In reference to frauds related to IPPB and POSB accounts, it is requested to follow the instructions below to prevent such incidents in the future.
- Restricted Finacle Access and MAC Binding: Finacle users can currently access and log into the Finacle web URL on systems other than their primary Service Outlet (SOL) to which they are mapped. This practice needs to be restricted. Access should only be granted on the systems within the primary SOL, which requires MAC binding with the primary SOL ID. If a situation warrants it, login access from other systems may be allowed only after obtaining approval from the divisional level.
- Biometric Authentication for POSA-IPPB Linkage: According to sub-para (i) and (v) of para (2) in the instructions for linking an existing POSA with an IPPB savings account, as outlined in the User Manual for POSB for IPPB-POSB interoperable transactions (Version 2.0, dated 29.08.2018), customers with an existing POSA account can link it only with their own IPPB savings account. This linkage should be initiated biometrically from the IPPB side, requiring biometric authentication from the customer to confirm consent for linking their POSA with their IPPB account. However, the POSA linkage is currently taking place through OTPs, bypassing biometric authentication. Although the rules clearly state that POSA linkage should be completed through biometric verification, this is not being followed, resulting in significant fraud cases. Therefore, it must be ensured that POSA linkages are carried out exclusively through biometric authentication.