Opinion | Cybersecurity a critical challenge for india’s digital payments ecosys3 min read . Updated: 30 Jan 2020, 10:13 PM IST
Frauds in digital payments account for about half of all bank fraud cases in India
Demonetization resulted in the withdrawal of 86% of India’s total currency value in circulation, leading to an enormous increase in the adoption and dependence on digital payments. Three years on, digital payments in India are witnessing consistent growth at a compound annual growth rate (CAGR) of 12.7%, while the mobile wallet market is expected to continuously grow at a CAGR of 52.2% by volume between 2019-23, according to a recent report by KPMG. This digital explosion can be seen in the accelerating rise in the download and use of electronic wallets as well as an unprecedented increase in digital transactions/payments.
While becoming a cashless economy is the end-goal, it is important to understand that the sudden push to ‘go digital’ may test the existing security and fraud control frameworks extensively. India’s status as a digital economy is at a very nascent stage and will evolve and innovate drastically in the coming years, especially with the increased convergence of sectors such as financial services, telecom, and information technology. This change will also come with its fair share of challenges, both in the short and the long term.
Cybersecurity is one of the most critical challenges faced by stakeholders of the digital payment ecosystem. With more and more users preferring digital payments, the chances of getting exposed to cybersecurity risks such as online fraud, information theft, and malware or virus attacks are also increasing.
Digital payment frauds account for about half of all bank frauds in India. The increasing number of frauds was also recently highlighted in the Rajya Sabha, where it was said that 1,367 frauds in FY 2016-17, 2,127 in FY 2017-18, and 1,477 frauds in FY 2018-19 were reported with regard to ATM/debit card, credit card and internet banking transactions of more than ₹1 lakh.
In view of this, the Reserve Bank of India (RBI) has also issued some guidelines as security and risk mitigation measures for digital payments. The central bank has taken steps for securing card transactions, internet banking, electronic payments, ATM transactions, and prepaid payment instruments (PPIs). It has also issued guidelines that limit the liability of customers on unauthorised electronic banking transactions.
Securing the fintech revolution
We need to understand that fraudsters today are building advanced technologies that can target the digital payments ecosystem. The changing nature of cybersecurity attacks such as web application attack, ransomware, reconnaissance, and DDoS attack clearly establish cyber-risk as a new reality.
A robust regulatory framework, an effective customer redressal framework, foolproof security measures to enable confidence and trust, incentives for larger participation and benefits similar to cash transactions are some measures that can help ensure long-term success for digital payments.
India is witnessing a consistent growth in usage of debit/credit cards over the last few years, but along with it also comes the increasing number of frauds involving these cards. Here, we can leverage technology for making these popular methods of cashless payments secure. Biometric authentication-enabled cards can provide a greater layer of security by enabling replacement of traditional PIN. Through biometric authentication, consumers can authenticate transactions by placing their finger on a fingerprint sensor embedded in the card while making payments at a point of sale. Safety is ensured as the consumer’s fingerprint is stored only in the secure chip within the card and the same chip is used to match the scanned fingerprint with the stored one. The biggest advantage is that the bank or merchant cannot access the consumer’s biometric data, which also counters potential privacy concerns. For enrolment of fingerprints, banks can send a device called an enrolment sleeve along with the card. This can power the card and guide consumers via enrolment.
Future looks promising
Despite all the security concerns, instruments such as debit/credit cards are becoming extremely popular in India with millennials emerging as the primary growth drivers. Also, RBI has forecast a 50% increase in mobile-based payment transactions. Payment systems such as UPI/IMPS are likely to register average annualised growth of over 100%, according to RBI’s 2021 vision document. Though cybersecurity and digital payment fraud cases pose a great risk, the digital payment ecosystem can surely be strengthened, with organisations, users, and the government sharing the responsibility of securing the digital payments. NXP, a market leader in credit card secure transactions through the use of technologies like NFC, provides variety of payment solutions so that our consumers are fully secure and safe while carrying their payment credentials using latest payment options like finger tap on credit cards and wearables etc.
Sanjay Gupta is vice-president and India country manager at NXP Semiconductors.