🔹 Trend 1: “Bank in Your Pocket” – Digital Everything
👉 Banks are shifting from branches 🏦 to apps 📱 for almost every service.
Key Buzzwords:
- CBDC (Central Bank Digital Currency / e-Rupee 💰):
Digital currency issued by RBI (not UPI, but actual money). Stored in wallets. - Neobanks 🌐:
App-only banks (e.g., Jupiter, Fi, Niyo). No branches, partner with traditional banks. - Super Apps 📱:
One-stop app for payments, shopping, tickets, investments (e.g., Tata Neu, Paytm). - AI & ML in Banking 🤖:
- Chatbots → instant customer support.
- Loan approval → quick decisions.
- Fraud detection → real-time alerts.
🔹 Trend 2: “Bank That Knows You” – Hyper-Personalization
👉 Banks use data + AI to offer tailor-made services (like Netflix 🎬 suggestions).
Key Buzzwords:
- Open Banking 🔓:
Customers own their financial data & can securely share it across platforms. - Account Aggregator (AA) Framework 📑:
India’s version of Open Banking. With consent, AAs fetch your data from Bank A & deliver to Bank B → faster loans & financial advice.
🔹 Trend 3: “Green Bank” – Sustainable Finance
👉 Banks judged by environmental & social responsibility 🌱.
Key Buzzwords:
- ESG (Environmental, Social, Governance) 🌍:
A “report card” for companies → banks check ESG score before lending. - Green Finance / Green Deposits 💸:
Funds used only for eco-projects (solar plants, EVs). - RBI strongly promotes green banking.
🔹 Trend 4: “Fort Knox Bank” – Advanced Security
👉 Digital shift = higher risk of cyberattacks ⚡ → stronger digital locks.
Key Buzzwords:
- Cybersecurity 🔐:
Protect against hacking, phishing, and data theft. - RegTech 🏛️:
Tech to simplify compliance with RBI rules (automated reporting). - Tokenization 🪙:
Card details replaced with a “token” → safer online payments.
📊 Quick Revision Table
| Buzzword / Trend | Meaning in One Line |
|---|---|
| CBDC (e-Rupee) | Official digital currency issued by RBI |
| Neobank | Branchless, app-only digital bank |
| Account Aggregator (AA) | RBI-regulated entity to share financial data securely |
| ESG | Framework to assess environment, social, governance performance |
| Green Finance | Lending/investing in eco-friendly projects |
| RegTech | Technology for regulatory compliance & reporting |
| Tokenization | Replaces card details with digital tokens for secure payments |
⚡ Exam Hack: Remember the 4 themes →
- Digital 📱 (CBDC, Neobanks, AI/ML)
- Personalization 🎯 (Open Banking, AA)
- Green 🌱 (ESG, Green Finance)
- Security 🔐 (Cybersecurity, RegTech, Tokenization)
Section A – Digital Payments & UPI
Q1. UPI in India is operated by:
(a) RBI
(b) NPCI
(c) SEBI
(d) SIDBI
Answer: (b)
Explanation: NPCI (National Payments Corporation of India) operates UPI.
Q2. UPI mainly facilitates:
(a) Only credit card payments
(b) Only ATM withdrawals
(c) Instant fund transfer between bank accounts using mobile apps
(d) Only ECS transactions
Answer: (c)
Q3. UPI is based on which type of payment system?
(a) RTGS
(b) IMPS
(c) NEFT
(d) ECS
Answer: (b)
Explanation: UPI is built on the IMPS infrastructure.
Q4. UPI works on which model?
(a) Card-Swiping Model
(b) Mobile Wallet Model
(c) Unified, real-time, bank-to-bank payment model
(d) Cheque Clearing Model
Answer: (c)
Q5. The 24×7 instant payment system that allows person-to-person and person-to-merchant payments through mobile apps in India is:
(a) NEFT
(b) UPI
(c) RTGS
(d) NACH
Answer: (b)
Q6. “UPI 123PAY” is mainly designed for:
(a) International UPI payments
(b) Feature phone users without internet
(c) Large-value corporate transfers
(d) ATM cash withdrawals
Answer: (b)
Explanation: UPI 123PAY enables UPI payments through feature phones (non-smartphones). India Today
Q7. As per RBI’s 2024 announcement, the per-transaction limit for UPI 123PAY has been increased to:
(a) ₹2,000
(b) ₹5,000
(c) ₹10,000
(d) ₹20,000
Answer: (c) – ₹10,000 India Today+1
Q8. UPI Lite is mainly used for:
(a) International remittances
(b) High-value corporate payments
(c) Small-value, offline-friendly retail payments
(d) Only credit card bill payments
Answer: (c) The Economic Times
Q9. As per recent changes, the UPI Lite wallet limit has been enhanced to approximately:
(a) ₹2,000
(b) ₹3,000
(c) ₹5,000
(d) ₹10,000
Answer: (c) – ₹5,000 (latest enhancement as per RBI-linked updates). Paytm+1
Q10. The main objective of raising limits for UPI Lite and UPI 123PAY is to:
(a) Discourage digital payments
(b) Promote high-value RTGS
(c) Improve convenience and inclusion for small and feature phone users
(d) Replace NEFT completely
Answer: (c) India Today+1
Q11. NPCI’s proposed 30% market share cap on UPI players has been deferred to:
(a) 2024
(b) 2025
(c) 2026
(d) 2030
Answer: (c) – end of December 2026 Reuters
Q12. The primary reason for deferring the UPI market share cap is:
(a) To ban foreign players
(b) To avoid disrupting UPI ecosystem growth
(c) To promote only government apps
(d) To reduce digital payments
Answer: (b) Reuters
Q13. Which of the following is NOT a UPI-based product?
(a) UPI AutoPay
(b) UPI Lite
(c) UPI 123PAY
(d) RTGS Pay
Answer: (d)
Q14. Which organization manages the Bharat Bill Payment System (BBPS)?
(a) SEBI
(b) NPCI
(c) IRDAI
(d) SIDBI
Answer: (b)
Q15. The major trend of linking credit lines to UPI aims to:
(a) Reduce the use of credit cards
(b) Provide easy, low-cost access to formal credit via UPI platforms
(c) Block credit to small vendors
(d) Replace bank branches
Answer: (b) Financial Times
Section B – Digital Rupee (CBDC) / e₹ – Very Important
Q16. The Digital Rupee (e₹) issued by RBI is an example of:
(a) Private cryptocurrency
(b) Central Bank Digital Currency (CBDC)
(c) Stablecoin issued by banks
(d) Virtual token by SEBI
Answer: (b) Reserve Bank of India
Q17. The retail CBDC pilot (e₹-R) by RBI was launched on:
(a) 1 April 2021
(b) 1 December 2022
(c) 1 January 2023
(d) 15 August 2022
Answer: (b) – 1 December 2022 Press Information Bureau
Q18. The digital rupee pilot is being tested in which segments?
(a) Only retail
(b) Only wholesale
(c) Retail and wholesale
(d) Only government payments
Answer: (c) – both retail and wholesale segments Reserve Bank of India+1
Q19. Which of the following is TRUE about Digital Rupee (e₹)?
(a) It is a cryptocurrency like Bitcoin
(b) It is issued by RBI and is legal tender
(c) It is issued by commercial banks
(d) It has no link with physical currency
Answer: (b) Reserve Bank of India
Q20. One of the key advantages expected from Digital Rupee is:
(a) Increase cost of printing currency
(b) Faster and cheaper payments with reduced settlement risk
(c) Complete elimination of UPI
(d) Replacement of all bank deposits
Answer: (b) Wikipedia+1
Q21. Recent pilots have introduced UPI interoperability for Digital Rupee, meaning:
(a) e₹ can be used only offline
(b) e₹ can be used with existing UPI QR codes
(c) UPI is discontinued
(d) e₹ can be used only for international trade
Answer: (b) Wikipedia
Q22. As per recent data, the usage share of Digital Rupee in total currency circulation is:
(a) Very high (>50%)
(b) Moderate (~25%)
(c) Very low (<1%)
(d) Exactly equal to physical cash
Answer: (c) – around 0.006% (very low) Wikipedia
Q23. In 2024–25, HDFC Bank introduced a new feature for Digital Rupee called:
(a) Digital Rupee Tax Wallet
(b) Programmable Digital Rupee
(c) Offline e₹ only
(d) Gold-backed e₹
Answer: (b) – user-level programmability for specific-use payments Wikipedia
Section C – FinTech, Open Banking, Account Aggregator
Q24. The Account Aggregator (AA) framework in India mainly enables:
(a) Cash deposits at BC points
(b) Secure, consent-based sharing of financial data
(c) Direct lending without banks
(d) Cryptocurrency trading
Answer: (b) Press Information Bureau
Q25. The Account Aggregator ecosystem was formally launched in:
(a) 2016
(b) 2017
(c) 2019
(d) 2021
Answer: (d) – launched in 2021 Press Information Bureau
Q26. Account Aggregator framework helps mainly in:
(a) Cash management of banks
(b) Digital KYC of employees
(c) Enabling “open banking” through data sharing with customer consent
(d) Only credit card transactions
Answer: (c) The Digital Fifth+1
Q27. “Open Banking” refers to:
(a) Banks sharing lockers
(b) Banks sharing customer data with third parties through secure APIs with customer consent
(c) Banks opening 24×7 physical branches
(d) Banks giving open loans without documents
Answer: (b) The Digital Fifth
Q28. In May 2024, RBI issued a framework for SROs in the FinTech sector. Here, SRO stands for:
(a) Systematic Regulatory Office
(b) Self-Regulatory Organisation
(c) Standardised Regulatory Operation
(d) Supervisory Risk Office
Answer: (b) FIDC+1
Q29. The main objective of the RBI’s FinTech SRO framework is to:
(a) Nationalize all FinTechs
(b) Allow FinTechs to work without any regulation
(c) Encourage self-discipline, transparency and consumer protection in the FinTech sector
(d) Ban foreign investment in FinTech
Answer: (c) FIDC+1
Q30. “Embedded Finance” is best described as:
(a) Finance only for embedded systems companies
(b) Integrating financial services (payments, credit, insurance) into non-financial platforms/apps
(c) Finance provided only by government banks
(d) Finance embedded in physical currency
Answer: (b)
Q31. “Neo-Banks” are:
(a) Traditional banks with many branches
(b) Banks offering only cash products
(c) Digital-only banks, often partnering with licensed banks
(d) Banks that deal only in foreign currency
Answer: (c)
Section D – Innovation & Regulatory Sandboxes
Q32. The Inter-operable Regulatory Sandbox (IoRS) introduced in 2025 aims to:
(a) Merge all regulators into RBI
(b) Allow cross-sector financial innovations under multiple regulators through a single sandbox
(c) Eliminate all fintechs
(d) Test only agricultural loans
Answer: (b) Reserve Bank of India
Q33. A Regulatory Sandbox in the banking/fintech context is:
(a) A physical testing lab
(b) A controlled environment to test new financial products with real customers under regulator supervision
(c) A social media platform
(d) A tax-free zone
Answer: (b)
Q34. The key benefit of an Inter-operable Regulatory Sandbox (IoRS) is:
(a) Faster currency printing
(b) Joint testing of products that fall under more than one regulator
(c) Reducing bank branches
(d) Stopping digital innovations
Answer: (b) Reserve Bank of India
Section E – AI, Data, and Security in Banking
Q35. The RBI committee in 2025 proposed a framework called FREEAI. It is related to:
(a) Free education schemes
(b) Responsible and ethical use of AI in financial sector
(c) Free ATM usage
(d) Free credit scores
Answer: (b) Reuters
Q36. The main purpose of RBI’s AI framework (FREEAI) is to:
(a) Completely automate RBI
(b) Promote AI in finance while managing risks and ensuring governance
(c) Replace human employees fully
(d) Allow uncontrolled use of AI
Answer: (b) Reuters
Q37. A major benefit of using AI in banking is:
(a) Guaranteed elimination of all NPAs
(b) Better fraud detection, credit assessment, and customer service
(c) Complete removal of regulations
(d) No need for customer consent
Answer: (b)
Q38. In 2025, RBI issued new directions on digital payment authentication. They make which of the following mandatory?
(a) Only password
(b) Only OTP
(c) Two-factor authentication (2FA) for all digital payment transactions
(d) No authentication for small payments
Answer: (c) The Times of India
Q39. The RBI directions on Authentication Mechanisms for Digital Payment Transactions will be effective from:
(a) April 1, 2024
(b) April 1, 2025
(c) April 1, 2026
(d) April 1, 2027
Answer: (c) – 1 April 2026 The Times of India
Q40. “RegTech” in banking means:
(a) Technology used in ATMs only
(b) Technology used for regulatory compliance and reporting
(c) Technology used in agriculture
(d) Technology to print currency
Answer: (b)
Q41. “SupTech” mainly refers to:
(a) Supervisory Technology used by regulators for oversight
(b) Technology for supermarkets
(c) Super-fast payments
(d) Super computers in banks
Answer: (a)
Section F – Financial Inclusion & Government / Policy Initiatives
Q42. A key digital public infrastructure (DPI) supporting banking and fintech in India is:
(a) SWIFT
(b) India Stack (Aadhaar, UPI, etc.)
(c) Only RTGS
(d) Only NEFT
Answer: (b)
Q43. The main objective of Jan Dhan–Aadhaar–Mobile (JAM) Trinity is:
(a) Promote cryptocurrency
(b) Enable direct benefit transfer and financial inclusion
(c) Encourage only cash payments
(d) Promote foreign banks
Answer: (b)
Q44. “Digital Public Infrastructure (DPI)” in India usually refers to:
(a) Government buildings only
(b) Shared digital platforms like UPI, Aadhaar, DigiLocker, FASTag that support multiple services
(c) Social media apps
(d) Private company apps
Answer: (b)
Q45. Which of the following is NOT directly related to financial inclusion via digital means?
(a) PMJDY
(b) UPI
(c) Aadhaar e-KYC
(d) Import Duty
Answer: (d)
Section G – Other Emerging Banking Trends
Q46. “Buy Now, Pay Later (BNPL)” is mainly a form of:
(a) Demand deposit
(b) Short-term consumer credit embedded in purchases
(c) Term deposit
(d) Government subsidy
Answer: (b)
Q47. “Green Finance” in banking refers to:
(a) Financing only for agriculture
(b) Financing projects that support environmental sustainability and climate goals
(c) Financing currency printing
(d) Financing only for export trade
Answer: (b)
Q48. “Sustainable Finance” includes:
(a) Only CSR spending
(b) Environmental, Social, and Governance (ESG) based lending and investment
(c) Only social sector lending
(d) Only green bonds
Answer: (b)
Q49. “Digital Lending Guidelines” issued by RBI focus mainly on:
(a) Reducing bank interest rates
(b) Regulating unregistered digital lending apps and protecting borrowers
(c) Banning all fintechs
(d) Promoting only manual loan processing
Answer: (b)
Q50. A key risk associated with digital lending and BNPL is:
(a) No credit risk
(b) Over-indebtedness of borrowers and misuse of data
(c) No operational risk
(d) Guaranteed repayment
Answer: (b)
Q51. “Cyber Resilience” for banks means:
(a) Only firewall installation
(b) Ability to prepare for, respond to and recover from cyber attacks
(c) Stopping all internet banking
(d) Only antivirus installation
Answer: (b)
Q52. A major trend in branch banking is:
(a) Opening only large branches in cities
(b) Phygital model – combination of physical branch + digital services
(c) Stopping all digital services
(d) Only ATM-based banking
Answer: (b)
Q53. “API Banking” allows:
(a) Only internal bank software
(b) Third-party apps to connect with bank systems securely to provide services
(c) Only ATM connectivity
(d) Only branch-level approvals
Answer: (b)
Q54. “Contactless Payments” using NFC are typically enabled through:
(a) Cheque book
(b) QR code only
(c) Tap-and-pay cards / mobile wallets
(d) Demand draft
Answer: (c)
Q55. A major risk in open banking is:
(a) Too many branches
(b) Data privacy and information security
(c) Cash management
(d) Low cheque usage
Answer: (b)
Q56. “Digital KYC” primarily aims to:
(a) Eliminate KYC completely
(b) Make KYC faster, paperless and more convenient using video, Aadhaar, etc.
(c) Increase branch visits
(d) Stop account opening
Answer: (b)
Q57. “Centralised KYC Registry (CKYCR)” in India is maintained by:
(a) RBI
(b) SEBI
(c) CERSAI
(d) NPCI
Answer: (c) – Central Registry of Securitisation Asset Reconstruction and Security Interest
Q58. The main benefit of Real-Time Fraud Monitoring systems in digital banking is:
(a) Increasing transaction time
(b) Identifying suspicious patterns and blocking fraud quickly
(c) Increasing manual workload
(d) Reducing digital payments
Answer: (b)
Q59. “Digital-only savings accounts” offered by banks are typically opened through:
(a) Physical KYC only
(b) e-KYC / Video KYC through mobile apps
(c) Only at corporate branches
(d) Through ATM cards
Answer: (b)
Q60. A key focus of modern banking trends up to 2025 in India is:
(a) Going back to cash-based economy
(b) Increasing paper-based processes
(c) Promoting digital, inclusive, safe and customer-centric financial services
(d) Avoiding technology
Answer: (c)
✅ 50 Advanced MCQs
A. DIGITAL RUPEE (CBDC) – HIGH-LEVEL MCQs
1. The Digital Rupee (e₹) is classified as which type of CBDC in India?
(a) Token-based wholesale only
(b) Account-based retail only
(c) Token-based retail & account-based wholesale
(d) Both retail and wholesale token-based
Answer: (c)
2. Which of the following BEST describes “programmable CBDC”?
(a) Money that can only be used offline
(b) Digital currency that can have conditional usage rules embedded
(c) Currency that expires after 24 hours
(d) Currency that fluctuates with inflation
Answer: (b)
3. A key difference between e₹-W (wholesale CBDC) and e₹-R (retail CBDC) is:
(a) Only e₹-W earns interest
(b) Only e₹-R is legal tender
(c) e₹-W is for inter-bank settlement; e₹-R is for public usage
(d) e₹-R is not backed by RBI
Answer: (c)
4. Which technology architecture is MOST suitable for retail CBDC scalability?
(a) Permissioned DLT
(b) Public blockchain
(c) Paper ledger
(d) No database required
Answer: (a)
5. Which of the following risks increases if CBDC is widely adopted?
(a) Higher currency printing cost
(b) Disintermediation of commercial banks
(c) Higher ATM usage
(d) Lower digital payments
Answer: (b)
6. A fully anonymous retail CBDC poses which major challenge?
(a) Payment delays
(b) AML/CFT non-compliance
(c) Lower RTGS usage
(d) Excessive taxation
Answer: (b)
7. The term “bearer instrument nature of CBDC-R” implies:
(a) Ownership is linked to PAN
(b) Ownership is linked to Aadhaar
(c) The holder of the token is considered the owner
(d) Only banks can hold CBDC
Answer: (c)
8. Offline CBDC systems are being tested mainly to:
(a) Replace ATMs
(b) Enable payments in no-network areas and during power cuts
(c) Reduce UPI adoption
(d) Reduce fraud
Answer: (b)
9. A CBDC system with tiered wallets allows:
(a) Same KYC for all users
(b) Zero-transaction limits
(c) Different KYC requirements based on wallet limits
(d) No regulatory control
Answer: (c)
10. Which of the following most concerns banks regarding CBDC adoption?
(a) Cyber risk becomes zero
(b) Loss of CASA deposits
(c) Increase in cheque clearing
(d) Increase in lockers
Answer: (b)
B. UPI – HIGH-LEVEL
11. UPI is fundamentally a:
(a) Closed-loop payments platform
(b) Centralized messaging layer with a decentralized settlement layer
(c) Blockchain-based system
(d) Wallet-based system
Answer: (b)
12. Which of the following functions is performed by NPCI’s “switch” in UPI?
(a) KYC verification
(b) Routing requests between PSP apps and banks
(c) Issuing debit cards
(d) Generating taxation reports
Answer: (b)
13. “UPI AutoPay” uses which RBI mechanism for recurring payments?
(a) eNACH
(b) NACH Debit
(c) Additional Factor Authentication exemption framework
(d) eKYC
Answer: (c)
14. UPI mandates two-factor authentication except for:
(a) Merchant QR payments
(b) AutoPay mandates
(c) P2P transfers
(d) Card-to-UPI transactions
Answer: (b)
15. The technical purpose of a Virtual Payment Address (VPA) is to:
(a) Store card details
(b) Mask bank account numbers
(c) Replace UPI PIN
(d) Block chargebacks
Answer: (b)
16. Which of the following explains UPI’s “intent flow”?
(a) Customer types UPI ID manually
(b) App-to-app deep linking triggers payment details auto-filled
(c) PIN-less transaction
(d) Bank branch authorization
Answer: (b)
17. The UPI mandate for interoperable digital wallets (2023–24) allows:
(a) Linking wallets to UPI for P2P & P2M payments
(b) Wallets to issue credit cards
(c) Wallets to issue deposits
(d) Direct IFC issuance
Answer: (a)
18. The risk of “proxy payments” in UPI refers to:
(a) ATM withdrawals without cards
(b) Payments initiated with invalid VPAs
(c) Merchant QR reuse
(d) Stolen SIM-based approvals
Answer: (d)
19. The main reason UPI has lower MDR for merchants is:
(a) Subsidy + public infrastructure design
(b) RBI pays the MDR directly
(c) Merchants pay interchange later
(d) Banks subsidize UPI
Answer: (a)
20. “UPI Lite X” supports offline payments using which technology?
(a) NFC
(b) QR only
(c) Wi-Fi only
(d) Satellite signals
Answer: (a)
C. FINTECH
21. FinTech lending models using AI-based credit risk are most vulnerable to:
(a) Syntax error
(b) Model bias & explainability issues
(c) High payment delays
(d) Lower profitability
Answer: (b)
22. A FinTech company classified as a “Loan Service Provider (LSP)” under RBI’s guidelines can:
(a) Keep customer funds
(b) Market loan products and perform customer acquisition
(c) Approve credit independently
(d) Store customer data indefinitely
Answer: (b)
23. The Digital Lending Guidelines prohibit:
(a) Direct disbursement into lender’s account
(b) Disbursement directly into borrower’s bank account
(c) Repayments via auto-debit
(d) Direct repayments to RE’s escrow
Answer: (a)
24. The “first loss default guarantee (FLDG)” arrangement is permitted under:
(a) SEBI guidelines
(b) RBI digital lending framework (with caps and restrictions)
(c) FEMA
(d) IBC
Answer: (b)
25. The biggest risk in fintech-led micro-loans is:
(a) Increased credit scores
(b) Over-lending due to algorithmic decisioning
(c) ATM outages
(d) Lack of digital KYC
Answer: (b)
26. Embedded finance is best illustrated by:
(a) Bank branch inside a mall
(b) Loan offered inside an e-commerce checkout
(c) ATM inside a shop
(d) Stock trading in bank app
Answer: (b)
27. “RegTech” solutions in banks are MOST useful for:
(a) HR recruitment
(b) Automated compliance & risk reporting
(c) Loan disbursal
(d) ATM management
Answer: (b)
28. “SupTech” solutions are used primarily by:
(a) Private banks
(b) Regulators for supervisory analytics
(c) NBFC-MFIs only
(d) Payment aggregators
Answer: (b)
29. A major risk with algorithm-based underwriting is:
(a) Too much documentation
(b) Model drift due to changing customer behavior
(c) Lower scoring speed
(d) High human involvement
Answer: (b)
30. Tokenization in digital payments mainly protects:
(a) ATM cards
(b) Customer card data by replacing real card number with a surrogate token
(c) Branch registers
(d) Bank deposits
Answer: (b)
D. ACCOUNT AGGREGATOR / OPEN BANKING
31. In the AA framework, the entity that encrypts and decrypts data is:
(a) FIP
(b) FIU
(c) AA
(d) RBI
Answer: (c)
32. Under AA, consent is:
(a) Revocable at any time
(b) Permanent
(c) Irrelevant for data access
(d) Stored only physically
Answer: (a)
33. A Financial Information Provider (FIP) is:
(a) Bank or NBFC giving data
(b) Only a regulator
(c) Credit bureau
(d) GST authority only
Answer: (a)
34. The AA architecture ensures that:
(a) AA stores customer data
(b) AA never stores customer financial data
(c) AAs can modify data
(d) AAs sell customer data
Answer: (b)
35. AA helps reduce NPAs by:
(a) Providing borrower’s consolidated financial profile enabling better credit assessment
(b) Increasing loan approval speed only
(c) Printing credit reports
(d) Increasing branch visits
Answer: (a)
36. “Open Credit Enablement Network (OCEN)” is designed to:
(a) Replace UPI
(b) Standardize credit APIs for digital lending
(c) Provide new currency
(d) Replace ATM networks
Answer: (b)
37. A major cyber risk in open banking is:
(a) Too many branches
(b) API vulnerabilities & improper authentication
(c) High cash usage
(d) Demand drafts
Answer: (b)
38. In the AA ecosystem, data moves in encrypted form using:
(a) AES end-to-end method
(b) API encryption + digital signature
(c) Manual encryption
(d) No encryption
Answer: (b)
39. Which of the following BEST describes “consent artefact”?
(a) Customer statement
(b) A machine-readable document specifying the scope, duration and purpose of consent
(c) Loan agreement
(d) OTP message
Answer: (b)
40. Which of the following is not an FIP under AA currently?
(a) Banks
(b) Insurance companies
(c) GSTN
(d) Petrol Pumps
Answer: (d)
E. CYBER SECURITY & DIGITAL PAYMENTS
41. The main reason UPI frauds occur even with PIN protection is:
(a) PIN cracking
(b) Social engineering & remote access scams
(c) Network outage
(d) Debit card cloning
Answer: (b)
42. Multi-factor authentication improves security by:
(a) Reducing encryption
(b) Adding multiple layers of identity verification
(c) Lowering operational efficiency
(d) Removing passwords
Answer: (b)
43. The RBI “directions on authentication mechanisms for digital payments (2024–26)” aim to:
(a) Reduce security
(b) Standardize risk-based, multi-factor authentication across payment types
(c) Remove all authentication
(d) Stop UPI
Answer: (b)
44. Transaction “risk scoring” systems primarily detect:
(a) PIN failure
(b) Fraud patterns based on heuristics and behavioural analytics
(c) ATM downtime
(d) Cheque bounce
Answer: (b)
45. In UPI, the PSP app is responsible for:
(a) Settlement
(b) Front-end, user authentication, and compliance with guidelines
(c) Issuing currency
(d) RTGS entries
Answer: (b)
46. A “man-in-the-middle” attack on QR payments exploits:
(a) QR code replacement
(b) NFC
(c) OTP
(d) Card tokenization
Answer: (a)
47. The “standing instructions framework” for UPI AutoPay allows:
(a) Unlimited payments
(b) Recurring debit without additional PIN each time
(c) ATM cash withdrawals
(d) Cross-border transfer
Answer: (b)
48. Transaction disputes in UPI are handled using:
(a) Cheque truncation system
(b) ODR – Online Dispute Resolution framework
(c) RTGS queue
(d) Paper claim
Answer: (b)
49. The purpose of “mandate creation” in UPI is:
(a) Disable payments
(b) Set up future-dated or recurring payments
(c) Change UPI ID
(d) Perform Aadhaar KYC
Answer: (b)
50. The key challenge in implementing Offline UPI (NFC-based) is:
(a) Device interoperability
(b) High bandwidth usage
(c) Mandatory internet
(d) Card requirement
Answer: (a)