NPCI BHIM Services Limited launched biometric authentication for UPI payments on the BHIM app on March 24, 2026. Users can now approve transactions of up to Rs 5,000 using their smartphone's fingerprint or facial recognition instead of entering a UPI PIN, with the feature available on both Android and iOS devices.
The Rs 5,000 threshold, approximately $58, balances convenience against security. Payments above this amount still require a UPI PIN, preserving the existing authentication model for higher-value transfers. Biometric data stays on the user's device and is never transmitted to NPCI servers, eliminating the risk of centralized biometric database breaches.
Failed transactions from incorrect PIN entry have been a persistent friction point as UPI scales past 800 million daily transactions. Industry estimates place PIN-related failure rates between 3 and 5 percent of all attempted payments. Biometric authentication removes this failure category entirely for qualifying transactions, which represent the majority of UPI's volume by count.
The feature supports core UPI payment flows: person-to-person transfers, merchant QR code scans, and online checkout. NPCI launched the capability on BHIM first. Integration into third-party UPI apps from providers such as PhonePe, Google Pay, and Paytm is expected to follow as NPCI standardizes the biometric authentication framework across the platform.
The launch comes one week before the Reserve Bank of India's two-factor authentication mandate takes effect on April 1, 2026, which requires stronger verification for all digital payments. Biometric verification qualifies as an inherence factor under the RBI framework, making BHIM's implementation compliant with the incoming rules while reducing checkout friction for end users.