Context:
Occurrences of hacking, identity theft, and unauthorized access are increasing with rising online trading and mobile transactions. SEBI’s intent is to increase security in preventing frauds, unauthorized access, and SIM card spoofing.
Online Trading
“Online trading” refers to the act of buying and selling financial instruments like stocks, bonds, and commodities through an internet-based platform, allowing investors to execute trades directly from their devices, accessing real-time market data and managing their portfolios without needing a traditional broker to physically place orders for them, essentially, it’s trading on the stock market using an online platform.
Key Proposals
- SIM Binding for Trading Accounts
- Like UPI security, the account for trading shall now be linked to the mobile number and device.
- Only registered devices shall have access through a hard bound SIM.
- Mandatory Biometric Authentication
- Login will require either fingerprint or facial recognition.
- Only authorized users can access the accounts.
- Proximity based & QR Code Authentication
- The user can log in to multiple devices, but one active session at a time.
- QR code based authentic time out authentication will be needed to log in to the accounts from secondary devices, such as laptops.
- Investor Account Control Features
- Account functions available to investors will include:
- Temporarily lock their accounts.
- Monitor active sessions.
- Set trading parameters (e.g. volume and price band limits).
- Account functions available to investors will include:
- Family Control for Accounts
- Multiple Unique Client Codes (UCCs) can be accepted under one mobile device with adequate permission.
Implementation & Next Steps
- Phased rollout iteration starting with the top 10 Qualified Stockbrokers (QSBs).
- SEBI has invited public feedback on the proposals till March 11.
SEBI’s proposed measures enhance security and protection of the investor by reducing fraud risk in online trading. While the framework improves authentication, the challenges of compatibility and adaptation for the user shall arise for the implementation.