Two safety-related factors are of utmost significance today. The first is related to physical security from the coronavirus, and the second is “payment safety” from the rise in online scams. The government and other regulatory authorities, such as the NPCI, are urging citizens to use digital payments in order to reduce the risk of spreading malware on shared surfaces like currency or cards. While this action has expanded the number of customers covered by Digital India, it has also significantly increased cyber fraud. Cybercriminals prey on unsuspecting consumers, including novice or less tech-savvy users, by tricking them with lucrative emails, fear, and a lack of information.
The rise of online payments
Most Indians have adopted digital payments as a result of the pandemic because they believe cash may be a virus carrier. The most recent data from the National Payments Corporation of India (NPCI) shows that in December 2020, UPI recorded 2.23 billion transactions totaling INR 4,16,176.21 crore, or INR 4.16 trillion. In addition, the RBI predicted in 2020 that within five years, there would be 1.5 billion digital payment transactions daily, totaling INR 15 trillion.
The majority of people today use digital ways to pay their bills and buy necessities like groceries and power. There has been a paradigm shift in consumer tastes and practises. In July 2020, 57% of respondents to a poll by India Transact Services Ltd., a provider of merchant payment solutions, reported using digital payments 5–6 times per week, while 21% said they did so three times. 20% of respondents used digital payments only twice a week or less. These figures specify the amount of utilisation and, consequently, the potential consequences of fraud.
The Elevated risk of Fraud
Customers’ growing concerns and a lack of digital literacy have put many digital users in danger. Fraudsters are currently interfering with the official websites and posing as legitimate sources to trick users as they search for information about the pandemic across the globe. Customers must therefore use extreme caution when disclosing information or downloading files from unidentified emails.
The cyber division of the Mumbai Police reports that, compared to the same months in 2019, there was a 70% increase in e-wallet fraud and other related digital payment crimes from January to May 2020. The police have averaged 12 cybercrime complaints each day since the shutdown was implemented. Cybercrimes, including credit and debit card fraud, increased by 19% in Mumbai and by 51% in Maharashtra during this time. According to Rajesh Pant, the head of India’s cybersecurity department, the country will see over 375 cyberattacks daily in 2020. Additionally, it is projected that in the first nine months of 2022, cybercrime cost businesses and people a total of US$ 6 trillion in losses.
Fortunately, banks and other financial institutions may use innovative and secure solutions to prevent fraud-related dangers to the digital payment ecosystem.
Tokenization: This safe practise obviates the need for the user to share payment information for each online transaction, which is a key component of digital fraud prevention. This solution eliminates the need to transmit the real card number by substituting a token for it that the issuer can authenticate. Every time a transaction is completed, the credit card number is tokenized using a secure key, making digital payments secure and reducing the risk of fraud and data breaches.
When a user signs into a portal with the help of a password, he or she is sent a dynamic OTP via text message to a registered mobile number to authenticate the transaction. This is known as two-factor authentication (2FA). This precaution can be quite effective in preventing fraud because the hacker would need the cardholder’s phone number and login password to access the account.
These real-time authentication services in transaction communication, known as 3-Domain Secure (3DS) layers, let issuing banks and retailers exchange the information that customers supply for authentication. In this instance, after checking out, transactions are started and authorised using a password or dynamic one-time password (OTP) that the user receives through text message to their mobile device and email account.
Even if it is a little antiquated, the Address Verification Service (AVS) can be useful in reducing fraud. The AVS compares the data provided by a cardholder with that held by the issuing bank at the time of a transaction, among other things (such as card number and expiry date). The issuing bank notifies the merchant’s payment gateway of the AVS code when the data has been confirmed.
