The rise in cases of financial frauds through various digital payment apps has put the police on alert. With amounts ranging from Rs 500 to Rs lakh, cyber fraudsters are on an online phishing spree, literally, trying to snatch any amount that comes their way. Catching them is a challenge as the police grapple with issues of manpower and protocol. Information has to be gathered and shared with state and private agencies, and this slows the police down, while agile-faced cybercriminals advance. Cyber Law Expert Advocate Mahendra Limaye says this will continue until the “second half” of the digital payment process is streamlined and strengthened.
Excerpts from an interview…
Q. What exactly is this ‘second half’ of the digital payment process you are talking about?
A. There are two important steps involved in any digital payment transaction. The first is when the money is withdrawn from the consumer’s bank account and the second is when it comes to the seller’s account. Now, we have focused all of our technological progress on the first process. Each innovation focuses on how fast the consumer can pay the seller. You see all the ads for digital payment apps and it talks about ease of payment, which is another word for FAST. You scan, or enter the mobile number or UPI ID and within milli-seconds, the money is deducted from your account. So, from the point of view of cybercriminals, there is tremendous opportunity from the consumer with the wrong click of the button.
> But the second part of this process is also digital, so how does it create a problem?
A. If the consumer challenges or raises objections on the transaction, it is not completely digital. Suppose you are being cheated online and your account has been debited by Rs.5,000. It can either be sent by mistake or you have been lured to proceed with fraudulent transactions. The reasons may be manifold, but the end result is that the money is immediately withdrawn from your account. Now try to get your money back. You can call the helpline number and at most they will block your card. But it’s too late, the money is already gone. So, now you have to go through the traditional and painstakingly long mode of communicating with the bank to get your money back. Even if you do file a complaint with the police, there is a lengthy protocol involved.
> And till then the money will not be known.
A. Not untraceable, as fortunately every transaction leaves a digital footprint. When your money gets into a criminal’s account, almost immediately, he can either withdraw it from the ATM or continue to transfer that money to one or more accounts, creating a long digital route. Eventually, this money will leave his bank account, either in the form of cash through ATMs or in the form of purchases of certain goods or cryptocurrencies. We have CCTV in ATM and any online purchase will be digitally proofed. The problem lies in taking all these available clues seriously. There is nothing to gain from banks spending their time and energy in tracing the financial route of the money, so it’s like file a cold case.
> But there are many cases where money has been recovered from fraudsters.
A. Which proves that banks can do so if they want. As long as the money is lying in the criminal’s account, it can be tracked and frozen. After following the legal process, that money can be returned to the victim. If this was being done in every case, nothing like this would have happened. That’s why I said that all banks should focus on the first step, get the money from the consumer’s pocket to the vendor as soon as possible.
>So what needs to be done?
A. The tracking of money routes has to be made superfast. And I repeat, banks are already aware of this, all they have to do is put in place a system where the currency route is tracked within milli-seconds and it freezes at its final destination. So, as soon as the victim comes to know that a particular transaction is fraudulent, he can immediately press a button on his app and the financial path of that transaction is tracked and blocked. This will instill confidence in the customers and will also help the police in catching and prosecuting the fraudsters.
> And this is the main reason for fraud.
A. The confidence of criminals increases when they come to know that no one is following them or it is difficult to catch them. Once banks make the second part of digital transactions robust, streamlined and user-friendly to make it challenging for the consumer, criminals will realize they can’t get away with it. The police will also get a readymade foolproof digital evidence to proceed with their case, as the fraudster may have opened a bank account by providing the identity proof document.
> What is the most common fraud that people are also falling prey to?
A. The latest report is about a QR code being sent to the victims which has to be scanned. I would advise people to be extremely careful while doing this. Scanning the QR code at the shop is different as the owner/employee is sitting at the counter. You can question them if something goes wrong. But if you send money to an unknown person sitting at your home, then its risk is very high. So think thrice before scanning even once.
There has been a rapid increase in people reporting cases of digital payment fraud.
A. Digital payment apps have grown tremendously due to its ease of use. You don’t need to worry about carrying cash and giving exact change. But while its use has increased, not every person using it is aware of the dangers of this process. It is not like cash where you are doing physical transaction, receive bills and can hold the receiver accountable in case of discrepancy. In digital payments, the receiver is an unknown entity.
Excerpts from an interview…
Q. What exactly is this ‘second half’ of the digital payment process you are talking about?
A. There are two important steps involved in any digital payment transaction. The first is when the money is withdrawn from the consumer’s bank account and the second is when it comes to the seller’s account. Now, we have focused all of our technological progress on the first process. Each innovation focuses on how fast the consumer can pay the seller. You see all the ads for digital payment apps and it talks about ease of payment, which is another word for FAST. You scan, or enter the mobile number or UPI ID and within milli-seconds, the money is deducted from your account. So, from the point of view of cybercriminals, there is tremendous opportunity from the consumer with the wrong click of the button.
> But the second part of this process is also digital, so how does it create a problem?
A. If the consumer challenges or raises objections on the transaction, it is not completely digital. Suppose you are being cheated online and your account has been debited by Rs.5,000. It can either be sent by mistake or you have been lured to proceed with fraudulent transactions. The reasons may be manifold, but the end result is that the money is immediately withdrawn from your account. Now try to get your money back. You can call the helpline number and at most they will block your card. But it’s too late, the money is already gone. So, now you have to go through the traditional and painstakingly long mode of communicating with the bank to get your money back. Even if you do file a complaint with the police, there is a lengthy protocol involved.
> And till then the money will not be known.
A. Not untraceable, as fortunately every transaction leaves a digital footprint. When your money gets into a criminal’s account, almost immediately, he can either withdraw it from the ATM or continue to transfer that money to one or more accounts, creating a long digital route. Eventually, this money will leave his bank account, either in the form of cash through ATMs or in the form of purchases of certain goods or cryptocurrencies. We have CCTV in ATM and any online purchase will be digitally proofed. The problem lies in taking all these available clues seriously. There is nothing to gain from banks spending their time and energy in tracing the financial route of the money, so it’s like file a cold case.
> But there are many cases where money has been recovered from fraudsters.
A. Which proves that banks can do so if they want. As long as the money is lying in the criminal’s account, it can be tracked and frozen. After following the legal process, that money can be returned to the victim. If this was being done in every case, nothing like this would have happened. That’s why I said that all banks should focus on the first step, get the money from the consumer’s pocket to the vendor as soon as possible.
>So what needs to be done?
A. The tracking of money routes has to be made superfast. And I repeat, banks are already aware of this, all they have to do is put in place a system where the currency route is tracked within milli-seconds and it freezes at its final destination. So, as soon as the victim comes to know that a particular transaction is fraudulent, he can immediately press a button on his app and the financial path of that transaction is tracked and blocked. This will instill confidence in the customers and will also help the police in catching and prosecuting the fraudsters.
> And this is the main reason for fraud.
A. The confidence of criminals increases when they come to know that no one is following them or it is difficult to catch them. Once banks make the second part of digital transactions robust, streamlined and user-friendly to make it challenging for the consumer, criminals will realize they can’t get away with it. The police will also get a readymade foolproof digital evidence to proceed with their case, as the fraudster may have opened a bank account by providing the identity proof document.
> What is the most common fraud that people are also falling prey to?
A. The latest report is about a QR code being sent to the victims which has to be scanned. I would advise people to be extremely careful while doing this. Scanning the QR code at the shop is different as the owner/employee is sitting at the counter. You can question them if something goes wrong. But if you send money to an unknown person sitting at your home, then its risk is very high. So think thrice before scanning even once.
There has been a rapid increase in people reporting cases of digital payment fraud.
A. Digital payment apps have grown tremendously due to its ease of use. You don’t need to worry about carrying cash and giving exact change. But while its use has increased, not every person using it is aware of the dangers of this process. It is not like cash where you are doing physical transaction, receive bills and can hold the receiver accountable in case of discrepancy. In digital payments, the receiver is an unknown entity.