Sen is tech savvy. He had verified the caller’s phone number and identity on the Truecaller app. So when the caller asked him to accept the payment on his UPI (Unified Payment Interface) app and sent him a link, Sen agreed, and entered his PIN number. Suddenly, he saw his account being emptied of funds.
He realized the scamsters had sent him a link to authorize a debit, not make an advance. He spent the next few hours calling his bank. Since he had authorized the transaction on his own phone, there was little action the authorities could take, other than blocking further transactions.
Incidents of online fraud are not unique to UPI apps. Complaints related to identity theft, email scams, phishing and financial frauds have been increasing. Cyber crime incidents have more than doubled to 27,248 cases across India in 2018 as compared to 2016, according to a statement in the Lok Sabha in February 2020.
While some rise can be attributed to better reporting of crimes, it is clear this increasing trend calls for urgent action. There is need to understand the root causes for these incidents and create institutional responses.
It is also important for consumers to be aware of different kinds of fraud, and protect themselves. At a time when people are trying to go contactless and are switching to payment apps to avoid handling cash due to the coronavirus pandemic, they should be careful, and not scared, of using such apps and digital payment systems. Consumers can look for products that limit the chance of fraud.
There are three types of institutional responses that can limit the increase in fraudulent online transactions—designing products with desirable friction (or speed limits), building protection in tech interfaces through symbols and icons, and scaling up smart redressal and awareness mechanisms.
Firstly, product developers will need to introduce the right level of friction and warning signs without impeding the smooth flow of transactions. An analogy for this would be the speed limits on highways. Tech innovations such as the UPI payment apps enable super-fast transactions. Growth of UPI payments is evidence of this phenomenal pace—monthly transactions crossed over 1.3 billion in February. This has earned our digital finance infrastructure international recognition from the likes of the Basel-based Bank for International Settlements. However, scamsters have exploited the design of fast transaction flows.
As a counter measure, product designers can experiment with interventions, such as artificial intelligence (AI)-based tools, to provide advance warning for potentially fraudulent attempts, additional verification checks when payment requests are sent for the first time, and mandatory cooling off period between transactions. An example of this is WhatsApp’s experiment with features to introduce friction in viral fake news forwards by limiting the number of forwarded messages in groups and tagging specific messages as “forwarded".
Secondly, appropriate interface designs can help protect the most vulnerable users. As more Indians start using smartphones, millions of new Internet users will transact online for the first time. These new users are most likely to come from the currently under-penetrated rural areas and small towns, where the level of literacy is low and there is a lack of familiarity with technology. Developing transaction flows with appropriate use of symbols, icons and options for local languages can help make products more intuitive and its users less prone to frauds.
Thirdly, scaling up existing government initiatives, such as the National Cyber Crimes Reporting Portal, and consumer tech awareness campaigns such as Cyber Dost, can provide necessary tools for both prevention and redressal. The Reserve Bank of India’s campaign, RBI Kehta Hai, is a great step towards awareness and redressal for fraudulent transactions in banks by limiting users’ liability only till they notify the bank.
Cyber crimes, however, tend to apply across multiple sectors and jurisdictions.
Accountability of government agencies, such as consumer courts, banks, National Payments Corporation of India and state-specific cyber crime departments, has not been clearly outlined and communicated, leading to confusion, diffused accountability and prolonged remediation mechanisms. There is a need to institute integrated recourse and accountability systems.
Given the availability of digital evidence, investigations and trials can lead to speedy resolutions. If left unchecked, under-reported or unresolved, there will be no credible deterrent for scamsters. Moreover, government agencies need to scale up awareness campaigns like Jago Grahak Jago with enhanced scope for consumer tech products.
Technology enables amazing conveniences but is also double edged. Tech products can continue to make lives better when there is a guarantee of trusted relationships with people. An implicit guarantee of safety is essential to building this trust.
With the right speed limits on this tech highway, we can minimize accidents and build a thriving interplay of tech and society.With inputs from
C.V. Madhukar, partner at Omidyar Network India.Sushant Kumar is principal at Omidyar Network India.