The banking system in India has witnessed excessive growth in the last decade with considerable use of advanced technology. ATMs and internet banking were already popular, but the face of banking has changed literally with mobile banking and the introduction of IMPS, mobile wallets and finally with UPI.
Today, there is hardly any need to visit a bank. Everything is on one’s mobile and so is banking.
India has one of the best of the payment systems in the world, which has indeed made banking easy and convenient. But at the same time, it has led to security issues, with fraudsters stealing customers’ account credentials using various modus operandi.
More than often people fall prey to a fraud of card cloning in which the card data is copied deceptively and later misused without the customer’s knowledge. In this type of fraud, fraudsters attach a device to the ATM that can be very difficult to detect. When one inserts an ATM card, the skimming device skims the data from the magnetic stripe. With this information, a duplicate debit card can be created. When combined with the PIN code, the duplicate card can be used to withdraw cash from ATMs.
Mobile and internet banking are top targets today for fraudsters. Frauds in mobile banking have grown exponentially during the last year. The major cause of this type of fraud is the social engineering of vishing technique where fraudsters mostly pretend to be representatives of one’s bank. They give various reasons as to why they need this information and try to seek personal information such as customer ID, net banking password, ATM PIN, OTP, card expiry date and CVV.
Going ahead, UPI has taken a lead today in mobile banking. When a card is cloned, the customer is not at fault but when a fraud takes place in UPI, it is certain that the customer is knowingly or unknowingly involved. If one gets a call that they may receive some old insurance money in their account (which they have never taken) or that one is about to get a refund of some payment they made many years ago, please remember that it is a big no-go zone.
While the whole ecosystem of UPI is highly secure with best-in-class level of security, the customer’s silly mistakes make the system vulnerable. The UPI has its own security layers in its applications and the central platform, but the final controls of transactions lie in the hands of customers. Customers out of fear or greed send SMSes to unknown mobile numbers. and later share their card details, OTP with fraudsters, which eventually results in them losing money.
While RBI, NPCI and banks have taken adequate measures to protect customers from such frauds, there are important things which customers must remember and put into practice while doing transactions.
The biggest precaution to avoid any fraud is to not give out details such as net banking usernames and passwords, debit or credit card numbers, CVVs and most importantly PIN and OTP under any circumstances. Bank never ask for any of the above details from their customers. Especially in UPI, application notifications are the most trustworthy and genuine when compared to the fake SMSes. Hence, it is advisable to always read app notifications carefully before taking any action.
Also, customers should avoid clicking any suspicious links received through SMS, WhatsApp or via email. Such links take you to a phishing site which is nothing but a fake website that looks exactly like one’s bank website. Not only this, customers should never search for the website of their banks in search engines and click directly to proceed further. Instead, type the bank website address manually in URL and ensures that it starts with https://.
In addition to this, while at the ATM, cover the keypad with one hand while entering a PIN. This can make sure that no one collects this piece of information even if there is a camera installed for recording. In case if one is using the card at a shop, restaurant or petrol pump, never let the shopkeeper or attendant take the card out of sight.
Banking technology and its security systems are very modern and are like a digital highway today. All one needs to do is drive carefully and vigilantly. If customers remain watchful while carrying out a transaction at an ATM, PoS, or via internet banking or on mobile, most frauds can be prevented.
Remember, technology has a solution but not for everything when it comes to human behaviour.
Bharat Panchal is chief risk officer for India, Middle East and Africa at FIS. The views in this article are his own.