Design Governance in Compliance: RBI’s Proposal to Regulate Dark Patterns in Fintech

Deepthi Rajeev, Founder, DRN Legal

The last decade was a period of rapid growth and market expansion for Indian fintech. Thanks to UPI, many fintech apps became household names. Along with their success, a narrative took hold that success in the space required reducing, if not completely eliminating, friction from UI/UX.

Design teams were told to make interfaces simple, easy to navigate and seamless. Bulky terms and conditions were pushed to the background. Visual nudges were added to help customers make the “right” choices faster. However, over time, what may have begun with the right intent has morphed into deceptive design practices to manipulate customers into making decisions that are ideal for businesses, and not so much for customers.

Today, such deceptive practices, popularly known as “dark patterns”, are so prevalent and mainstream that it is the exception to find apps that do not deploy such tactics. In 2024, an ASCI study found that 52 out of 53 top Indian apps deployed some kind of deceptive practice. Of these, fintech apps ranked 3rd for having the maximum instances of dark patterns. In 2025, a survey by LocalCircles, based on inputs from over 2.5 lakh consumers, found that digital lending, online payments, foreign currency and online banking apps were among the apps with the maximum number of dark patterns, often having 7 or more distinct dark patterns within a single user journey.

While the Central Consumer Protection Authority (CCPA) issued a notification prohibiting dark patterns back in November 2023, it did not stipulate any direct penalties for violations. The continued prevalence of such practices suggests that regulation with more teeth is required. Now, the Reserve Bank of India (RBI) appears ready to join the fight. On February 11, it published draft amendments to the Directions on Responsible Business Conduct for RBI-regulated entities, to curb mis-selling and other manipulative conduct in the marketing and sale of financial products and services.

The proposals in the draft include prohibition on unsavoury practices such as compulsory bundling of products, sale without explicit customer consent, and sale of unsuitable products even with consent. For the first time, the RBI also proposes to ban the use of dark patterns to sell financial products and services.

“Dark patterns” are defined in the draft as “any practices or deceptive design pattern using user interface or user experience interactions on any platform that is designed to mislead or trick users to do something they originally did not intend or want to do, by subverting or impairing the consumer autonomy, decision making or choice, amounting to misleading advertisement or unfair trade practice or violation of consumer rights.”

This is aligned with the CCPA’s definition. An illustrative list of such practices is also provided in the draft, including tactics like creating false urgency, forcing users to provide more of their personal data than required as a condition to use a service, making the cancellation process complex or lengthy, not disclosing fees and charges upfront, pre-selecting options, etc. These are commonly deployed on apps to bypass conscious deliberation by customers by artificially removing friction.

The draft requires regulated entities to carry out user testing and periodic audit of their apps to ensure that dark patterns are not deployed. This goes a step beyond the CCPA notification, requiring proactive periodic action to ensure compliance. If mis-selling is established, the regulated entity could be required to refund the entire amount paid by the customer for the purchase of the product or service and compensate the customer for any loss arising from such mis-selling.

Design is inherently contextual and user reactions to design choices are subjective. Given the ambiguity, regulated entities may need to maintain records for each stage of the design process outlining the context, design options that were considered and the reasoning behind the ultimate choices. User testing records and internal audit trails may also help to defend design decisions.

Ultimately, there is an element of persuasion in design decisions. The challenge lies in distinguishing legitimate persuasion from manipulative behaviour. Fintechs would need to tread the line carefully: overcompliance may result in clunky, unintuitive interfaces, whereas undercompliance would defeat the regulatory objective.

The proposed measures seem encouraging at first glance. Fintechs would need to bring friction back into the customer journey, to allow for deliberate, informed decision making by customers. However, it remains to be seen whether fintechs are operationally equipped to comply with them.


Author: Deepthi Rajeev, Founder, DRN Legal. The views expressed are personal.

