According to the government of India digital transaction volumes up 51% in 2018-2019 to Rs 3,133.5 crore and do you know that circular of Reserve Bank of India (RBI) states that if a customer reports within seven days of an unauthorized transaction then only he/she is entitled to Rs 5000/- as a compensation irrespective of the loss. As we know that on November 8, 2016, the government of India announced its demonetization policy. The basic aim behind the announcement is to prevent the creation of black money, fake currency, and to stop tax evasion. This also resulted in bringing the concept of “Digital India” in a cause and run. With this move of the government, many citizens of the country are worried that how safe their cash is in a cashless economy as the banking fraud has increased by 59% of total cybercrimes committed in India. However, the Home Ministry’s statistics have also admitted that there has been a 40% increase in online fraud cases in the country.
According to one of the reports of PricewaterhouseCoopers (PWC) and ASSOCHAM it was clearly mentioned that 65% of the fraud cases in India are related to debit and credit cards. PWC stated that Indians shopping through mobile had increased by 800 percent but the sad part is that various types of fraud have been committed by using mobile banking and mobile wallets. The mobile wallets are prone to misuse and could lead to unauthorized deductions from the wallet of a customer even without their knowledge.
Types and modes of digital payment
In order to proceed with the campaign “Digital India”, the government of India has taken several measures to promote and encourage digital payments in India. One of the basic reasons behind this is to create a “digitally empowered” economy which should be ‘Faceless, Paperless and Cashless’. There are different types and modes of digital payment and some of them are-
- Banking Card: According to the ‘Cashless India’ “Banking cards offer consumers more security, convenience, and control than any other payment method. The wide variety of cards available – including credit, debit, and prepaid – offers enormous flexibility, as well. These cards provide 2-factor authentications for secure payments, for example, secure PIN (Postal Index Number) and OTP ( One Time Password). Rupay, Visa, MasterCard are some of the examples of card payment systems. Payment cards give people the power and authority to purchase items in stores, on the Internet, through mail-order catalogues, and over the telephone. They save both time and money of the customers as well as that of the merchant, and thus enable them for ease of transaction”.
- Aadhar Enabled Payment System (AEPS): AEPS is used for all banking transactions such as cash deposit, cash withdrawal etc. All bank related transactions can be done with the help of AEPS. There is no need to visit the bank physically, or to provide any credit or debit card, not even a signature on documents. But one condition to this is that your Aadhar number must be registered with the bank where you hold the account. This is an initiative that is taken by the National Payments Corporation of India (NPCI) to promote digital payments in the country.
- UPI: This is another type of digital payment system. In this, a person can send and receive money through a UPI based app. To avail this service a person has to link a bank account on a UPI app. The main advantage of this app is that you don’t have to put in the IFSC code. The only condition is one should have a bank account and registered mobile number which must be linked to the same bank account.
- Mobile wallet: It is a virtual wallet that stores card information on a mobile device. One can add money to a mobile wallet and use the same to make payments and purchase goods and services. Many banks in the country have launched e-wallet services and apart from banks, there are also many private players some of them are Paytm, Google Pay, Amazon Pay etc. This virtual wallet does not ask to remember a CVV or 4-digit pin.
- Bharat Interface for Money (BHIM) app: It’s a “Made in India” app. The BHIM app allows users to make payments using the UPI application. These transactions can be carried out using a VPA. A user has to link a bank account with the BHIM interface easily. A user can link multiple bank accounts. The BHIM app can be used by anyone who has a mobile number, debit card, and a valid bank account. Money can be sent to different bank accounts, virtual addresses or to an Aadhaar number.
Challenges for cashless transaction
In a country like India with 1.3 Billion of population, it will not be easy to promote and encourage campaigns like Digital Payment as one of the reasons is everyone is not wealthy and perfect. There are a number of challenges facing the introduction of a cashless system of payment in India. Some of them are-
Lack of digital literacy and infrastructure
The major part of India is still not educated. If they are not educated or if they are not provided with proper education or training chances are high that they might become victims of fraud or other malpractices or they might don’t know how to make digital payments or how to use credit/debit cards. Many people living in rural areas still do not own mobile phones or even if they have then very few own smartphones.
Security and privacy issues
Security and privacy issues can be considered as one of the biggest hurdles in the growth of the cash economy in India. People of India are much concerned about the leakage of personal information, hackers and fraudsters. Sixty-one percent of consumers of the country think that cashless transactions are not secure as there is a high risk of hacking and personal data being stolen. Besides this ten percent of consumers think that in case of cybercrime there is no grievance body to deal with these types of crime.
These days the internet has become one of the essential parts of our life and without the internet, the country cannot think of becoming digital. There are still many areas in India where we might face difficulty in having access to 3G or 4G networks. Sometimes due to loss of network connectivity, it becomes difficult to note whether a transaction has completed or not.
High dependency on cash
Many Indians are still depending upon the cash almost in all the transactions. According to the journal of Prof. Kuldeep Joshi, it is mentioned that total cash flow in the market accounts for 12.04% of the GDP, which is among the highest in developing countries.
Types of digital fraud and how to avoid them
There is no doubt that the payments via electronic means have made people’s lives quite easy and this also helps them to save a lot of their time. But we should not forget that a sudden increase in digital payments has also led to an increase in cases of cyber crimes.
According to the IANS report, they described the incident related to digital fraud which took place with one of the Thane residents. According to a report this Palisade, Village in Thane City resident (Complainant) who wanted to sell his furniture posted an ad on Facebook for the same. On 24 December he received a call from Rajendra Sharma who offered him to buy furniture and wanted to transfer the amount through payment gateways. However, after some time he realized that instead of receiving the amount in his account, the complainant found that around Rs.1 lakh has been debited from him during three transactions on two payment gateway.
In another case, there was a guy Amit Mishra who was at the airport when he realized that his phone battery is very low and needed a recharge. He then plugged his phone into the nearby USB power charging station at the airport. After some time Amit received an authorized debit SMS of Rs 80,000/- in his account. On investigation, it was found that the cord which was used by Amit consisted of an extra chip that deployed hidden malware which provided all the information stored in Amit’s phone to the fraudster.
These are some of the million cases where an individual has been attacked and his sensitive information has stolen.
How to stay protected from these kinds of frauds?
There are a number of ways to get protected from these kinds of cyber-attack and some of them are-
- Never ever share confidential details- According to Phone Pay, one should never share their confidential details like credit/debit number, CVV number, OTP(One Time Password) even if one asks you to give the details pretending to be an official representative from the bank or any third-party mobile app, tell them to share on your official Email ID registered with the bank.
- Transact only with trusted and certified online merchants- It is highly advisable to buy products from reputed and marketplaces only. Transactions on famous e-commerce platforms ensure payments are safe. However, it is also advised to read their terms as conditions before buying anything.
- Keep Track of all SMS/Email- It is advisable to check all the messages, pops, and other kinds of texts while doing transactions.
- Additional Safety- According to Kamesh Kumar, Co-Founder, WI Jungle. WI jungle is an Indian Cyber security company. According to him, one should install antivirus, firewall etc on these systems and smartphones. He also advised us to use HTTP websites and try to avoid charging laptops or smartphones in public places.
What to do when one becomes a victim of cyber fraud?
In case a person becomes a victim of cyber fraud he/she must approach and report to the nearest cyber-crime cell and also lodge FIR providing relevant details to police.
On 8th June 2017, Mr. Tony Davies realized that a total amount of Rs 16,25,000/- has been unauthorizedly transferred from the petitioners’ cash credit account by the way of online transactions which was effected through the online banking app of the bank. However, Mr. Davies mobile number which was registered in the bank also became dysfunctional on 6th June 2017, and immediately after this incident, he approached M/s Idea Cellular to inquire about the same. He was told by the representative of M/S Idea Cellular that his number has become dysfunctional as a duplicate SIM card had been issued on 6 June 2017 upon the request of the person who fraudulently represented himself as Mr. Davis. After the re-issuance of the duplicate sim, Mr. Davies realized that the above-mentioned amount had been unduly transferred to many accounts from the account of petitioners.
In this case, Mr. Cherian (Petitioner 1) has an overdraft facility account with South Indian Bank, and Mind strong HR Solutions (Petitioner 2) has an account with HDFC bank. On 28th April 2017, Petitioner 1 realized that an amount of Rs 23,00,000/- had been unduly transferred from the petitioner’s account by the way of online transaction effected through the banking apps of the bank. On 25th April 2017, Petitioner’s phone number which was registered in the bank became dysfunctional, and later on 27 April 2017, he approached the service provider M/S BSNL Telecom to enquire about the same. Petitioner 1 was told by the representative of M/S BSNL Telecom that his number had been dysfunctional as a duplicate sim card had been issued with respect to the number on 25th April 2017. It was issued on the representation of a person who fraudulently represented himself as Petitioner 1 by furnishing ID proof belonging to him. Upon the re-issuance of a duplicate sim card, Petitioner 1 realized that the above-mentioned amount had been unduly transferred to many such accounts from the petitioner’s accounts.
In the above two mentioned cases petitioners had approached the same court i.e. High Court of Kerala and with the same prayers. They all sought the declaration to the effect that they have zero liability with respect to the guidelines issued by Reserve Bank of India (RBI) on 6th July 2017. They also sought the direction of the bank to make good for loss suffered by them.
Contentions raised from Respondents side
Bank pleaded that password and telecom numbers are only known to the petitioners and without a lack on their part, others cannot operate their account. Bank also took the stand that a one-time password (OTP) was also generated through a mobile number linked to the bank account and the transaction was only validated after furnishing the correct one-time password which was generated through the system.
BSNL and M/S Vodafone Idea Ltd both impleaded as an additional respondent. In a counter affidavit filed by BSNL, it was stated that Mr. Cherian (Petitioner) has approached the office of BSNL on 27th April 2017 for the replacement of sim. In order to get sim replaced he also produced his driving license and also submitted the photocopy of the same.
However, after the investigation was transferred to the Crime Branch Crime Investigation Department Organized Crime Wing (CBCID OCW), they conducted an investigation and after several examinations, they came to the conclusion that the amount transferred from accounts of petitioners to several other accounts was done by the fraudsters based in West Bengal.
Held-: The court was in the opinion that it is the duty of the bank to protect the interest of customers in all circumstances. It’s the bank’s duty to provide safety for online banking transactions. The court held that the bank cannot claim any amount from the customer when the transaction is clearly shown as a “disputed transaction”. Only when it is proved that the transaction took place at the fault of the customer then only the bank can claim from the customer, independently through civil court. The Reserve Bank of India (RBI) also issued a circular regarding this in order to presume the innocence of the customer under these kinds of circumstances. However, this innocence of the customer can also be controversial but then the onus is upon the bank to prove the same.
Legal Reforms to afford cashless transactions
Data is considered to be one of the important resources of any company or industry be it BPO’s, technology or IT companies etc. It is also considered as a tool for corporates as it helps them to capture a large share market. But these days its security has become one of the most important concerns for industries. Not for industries particularly but also for many individuals as they think that online transactions are not safe as there is a high risk of hacking and personal data being stolen. Now let’s see some of the provisions which are made in order to overcome these problems.
- Section 43– Clause (b) provides protection against unauthorized downloading, extraction, or copying of data or information. This clause imposes heavy civil compensation which runs in crores. Clause (c) imposes compensation for the unauthorized introduction of a computer virus. Clause (I) provides compensation for deleting, destroying, or altering any information residing on the computer.
- Section 65– This section deals with a person who knowingly or intentionally conceals, destroys, alters, or causes another to do as such shall have to suffer imprisonment of up to three years or fine up to two lakh or both. This section takes care by providing protection against tampering of computer source documents i.e., copying/theft of software programs.
- Section 66– This section deals with protection against data theft. This section imposes the penalty of imprisonment of up to three years or fine up to five lakh or both on the person who commits a crime of data theft.
- Section 463– This section of The Indian Penal Code, 1860 describes the word “Forgery”. Forgery refers to making a false document or a part of it with an intention to cause damage to the public; or to any person, or to support any claim or title, or to commit any fraud etc. This means even if a person makes a false electronic document in order to fool a person in order to claim something then it will be considered as forgery u/s 463 of IPC.
- Section 465– This section deals with punishment for forgery. According to this section, any person who commits forgery shall be punished with imprisonment or either description for a term which may extend to two years or with fine or with both.
- Section 468- This section deals with forgery for the purpose of cheating. This section punishes forgery committed for the purpose of charting. This section does not require that the accused should actually commit the offense of cheating. What is material is the intention or the purpose of the offender in committing forgery.
It is a law that governs and regulates Payment Gateways in India with the main objective is to ensure that all the payment and settlements operating in India are safe, sound, efficient, and properly secured etc. This act empowers the Reserve Bank of India to regulate and oversee all the payment and settlement system in India also to provide settlement finality and a sound legal basis for the same.
Impact of COVID-19 on digital transactions
The number of cashless transactions has been rising as the coronavirus pandemic limits the use of physical payment. On 9th March 2017, the World Health Organisation has recommended people to turn cashless transactions in order to control the spread of Covid-19. Considering the guidelines, a number of governments and retailers across the world took action.
In China, thousands of banknotes were destroyed in order to eliminate the spread of the virus. In the USA, the Federal Reserve has started storing banknotes that came to the US from Asia before recirculating them back in the economy. Many countries like India also adopted policies like implementing a lockdown which resulted in an increase in online shopping from grocery stores, online pharmacies, recharge, bill payments etc. Some retailers have also banned the use of cash in their stores in order to keep their employees and customers safe. However, seeing the current situation it’s good to move on digital transactions but making payment online seems easy but still, there is a lack of standardization in the system. It should be done with due care and precautions.
It was and will be in the history of India, moving from a “cash heavy” economy to a “cashless” economy cannot be achieved without considering the development of rural India. While it is going to be a long journey a cashless economy has a lot of benefits for both the government and the consumers. The adoption of “Unified Payments Interface (UPI)” by National Payments Corporation of India (NPCI) is already showing tremendous results in terms of online transactions. RBI (Reserve Bank of India) has also set an ambitious target of increasing the number of digital transactions from 2069 crore in December 2018 to 8707 crores in ‘December 2021’. Apart from UPI transactions, RBI guidelines issued last October on wallet interoperability allowed users to transfer money across mobile wallet companies and banks, which has also provided a boost to the transactions. However, the government needs to step up its game and address the challenges that are plaguing rural consumers through a comprehensive approach.
LawSikho has created a telegram group for exchanging legal knowledge, referrals and various opportunities. You can click on this link and join: