Digital payments open to major security risks in India

In one of the biggest third-world countries, India, digital payments still have no legislation or infrastructure to govern them. This leaves any form of digital payment open to major cyber crime.

Cashless payment systems are increasing

With India seeing an enormous growth in cashless payment systems, more companies are investing in digital payment solutions. And many are not aware of the risks involved in legislation-free digital payments. Many of the startup companies cannot afford the kind of security that is found everywhere in the west. This is leaving the payment solutions companies open to all kinds of dangers, from fraud to theft, to possible litigation. Even with no legislation in place, the payment service providers are still liable for losses resulting from attacks on their inadequate systems.

Fraud and theft are the main threats

Vishak Raman is the Senior Regional Director for India’s South Asian Association for Regional Cooperation (SAARC). “The rapid shift to digital transactions will greatly increase our collective exposure to cyber security threats,” he said in a recent interview. The major threats posed in the country are fraud and theft through digital transactions. The Indian Central Bureau of Investigation (CBI) has already registered complaints against a group of 15 people who claimed fraudulent refunds through the Pay TM payment gateway for over 600,000 Indian Rupees. A spokesman for PayTM, the largest payment gateway in the country, said that this has brought out the several risks still inherent in their platform. However, the spokesperson did not give any indication as to when the “risks” will be addressed, and rectified. PayTM are adamant that their platform has very strong risk management practices in place.

Nation driven to demonetize quickly

Raman also believes that the lack of data breach notification software being used, and the requirement to publicly disclose any cyber attacks, means that most small companies do not know exactly how vulnerable they are. After the drive to “demonetize” the nation, on November 8, 2016, over seven million transactions were registered through PayTM in one day, totaling 1.2 billion Rupees. MobiKwik, another popular digital wallet vendor, experienced more than 2 million downloads over the two days straight after it launched its MobiKwik “lite” app. And the payments with PayU, a global payments provider, have rocketed from 1.2 million Rupees to more than 2.5 million Rupees since the demonetization.

Hackers are using expert phishing techniques

In order to steal the money in e-wallets, hackers create multiple fake accounts, and collect money in small amounts. They use psychological manipulation on digital newbies, as well as breaching server security to steal data. Many organisations are becoming more aware of the need for better and more advanced protection measure. However, they still any effective defenses against ransomware and cyber attacks. It requires a complicated combination of intelligence, expertise and technology to detect and counter cyber attacks.

Vulnerability will continue in 2017

Raman stated that firms in India, and parts of the rest of Asia, look to remain just as vulnerable long into 2017. Many Indian firms struggle to know that they have even been attacked. The average time between the attack and the discovery is around 520 days in the Asia-Pacific region. This is in comparison to just 146 days on average globally.

Private data is now in unsecure web space

India is ill-prepared to counter any potential risks with their huge increase in digital transactions. And with hundreds of millions of people’s private data being uploaded to digital space, the country is dangerously vulnerable. It is expected that India may face as big a wave of cyber attacks in the coming year as it did in 2016.

Related articles published in Cardholders Data security :

Source :

Image: Shutterstock