To combat rising cyber threats and unauthorized transactions in online trading and demat accounts, SEBI has proposed a new security framework focused on technology-driven measures. The Consultation Paper outlines authentication mechanisms to prevent fraud and ensure only authorized users access trading accounts. The framework links the 𝐔𝐧𝐢𝐪𝐮𝐞 𝐂𝐥𝐢𝐞𝐧𝐭 𝐂𝐨𝐝𝐞 (UCC) to a registered mobile number and device to create a secure trading environment.
𝐊𝐞𝐲 𝐏𝐫𝐨𝐩𝐨𝐬𝐚𝐥𝐬
𝐒𝐈𝐌 𝐁𝐢𝐧𝐝𝐢𝐧𝐠 𝐌𝐞𝐜𝐡𝐚𝐧𝐢𝐬𝐦: A One UCC – One Device – One SIM model, ensuring only the registered device and SIM can access the account.
𝐁𝐢𝐨𝐦𝐞𝐭𝐫𝐢𝐜 𝐀𝐮𝐭𝐡𝐞𝐧𝐭𝐢𝐜𝐚𝐭𝐢𝐨𝐧: Mandatory fingerprint or facial recognition for secure logins.
𝐏𝐫𝐨𝐱𝐢𝐦𝐢𝐭𝐲-𝐁𝐚𝐬𝐞𝐝 𝐌𝐮𝐥𝐭𝐢-𝐃𝐞𝐯𝐢𝐜𝐞 𝐋𝐨𝐠𝐢𝐧: QR code-based, time-sensitive login with only one active session at a time.
𝐓𝐞𝐦𝐩𝐨𝐫𝐚𝐫𝐲 𝐀𝐜𝐜𝐨𝐮𝐧𝐭 𝐋𝐨𝐜𝐤-𝐈𝐧: Option to lock trading accounts when not in use.
𝐂𝐚𝐥𝐥 & 𝐓𝐫𝐚𝐝𝐞 𝐑𝐞𝐬𝐭𝐫𝐢𝐜𝐭𝐢𝐨𝐧𝐬: Orders placed only via dedicated, centralized contact methods.
𝐀𝐝𝐝𝐢𝐭𝐢𝐨𝐧𝐚𝐥 𝐒𝐞𝐜𝐮𝐫𝐢𝐭𝐲 𝐅𝐞𝐚𝐭𝐮𝐫𝐞𝐬: Monitoring and revoking active sessions, family account linkage with proper authorization, and a fallback for re-registration in case of device loss.
𝐈𝐦𝐩𝐥𝐞𝐦𝐞𝐧𝐭𝐚𝐭𝐢𝐨𝐧 𝐚𝐧𝐝 𝐍𝐞𝐱𝐭 𝐒𝐭𝐞𝐩𝐬
As per SEBI, a phased rollout will begin with the top 10 Qualified Stock Brokers (𝐐𝐒𝐁𝐬), making the system optional at first, with plans for mandatory implementation. A copy of the Consultation Paper is attached.
Readers are welcome to provide their comments to Regstreet Law Advisors at info@regstreetlaw.com
Sumit Agrawal Kavish Garach Abhineet Pange Akarsh Tripathi Mahima Jayan Aditi Sahu Anushka Fuke Prachi Bothra