Search This Blog

Showing posts with label UPI. Show all posts

Indian Digital Currency Era – A Quick Look

Compared to more conventional forms of money like cash notes or coins, electronic money stored in bank accounts, mobile banking applications, and credit cards is quickly replacing the public's perception of finance.

The popularity of UPI demonstrates the preference for digital money systems. India has been pushing hard to become cashless, starting with the decision to implement demonetization in 2016. That same year also saw the launch of the real-time payments system known as the Unified Payments Interface (UPI). The paradox in the existing system is that although digital transactions are becoming more common, cash is still very popular in India.

In terms of transaction value, UPI executed 7.3 billion transactions in October, totaling Rs. 12.11 lakh crore, a record high. While volumes increased 73.3 percent during the same period, transaction values increased by 56.6 percent year over year.

Cryptocurrencies vs. Digital Rupee

A CBDC, as defined by the RBI, is "a legal tender issued by a central bank in digital form. It can be exchanged one-to-one for fiat money and is equivalent to it. All that has changed is its form. "

However, it is impossible to directly compare a CBDC to a cryptocurrency.

"A CBDC is not a commodity or a claim on a commodity or a digital asset, unlike cryptocurrencies. They are not money definitely not a currency in the sense that the term has historically been used, "according to the RBI's release.

According to the tracker maintained by the Atlantic Council, 98 nations are currently investigating CBDCs. Of these, 11 nations have started CBDCs. In light of this situation, the RBI is acting in a calibrated way to start CBDCs. It is currently looking into the possibility of implementing wholesale CBDCs based on accounts and retail CBDCs based on tokens.

"When something new enters the market, the old need to adapt, and the new need to control the change", says Nikhil Kamath, co-founder of Zerodha. "While many have been critical of #CBDC, we might be overlooking the big picture, remittances, unbanked economy, and minimizing subsidy leakage."

The increasing use of cryptocurrency stablecoins, which tie their value to another currency or asset, has also alarmed a number of central banks. According to a Press Trust of India report, RBI officials informed a parliamentary finance committee in 2022 that the 'dollarization' of a portion of the economy by cryptocurrencies could be detrimental to the nation's interests.

Money transfers via cell phones would be quick and easy, according to Sathvik Vishwanath, co-founder, and CEO of Unocoin, a rival cryptocurrency exchange. The digital rupee will most importantly aid in the eradication of problems with counterfeit money.

According to FIS's Cheema, adoption of the CBDC in the wholesale sector (CBDC-W) has large benefits and substantially fewer dangers than in the more complicated domain of retail CBDC (CBDC-R). In the future, CBDC-R will supplement existing payment structures, not replace them.

The digital rupee will therefore be available for use by all Indian citizens whenever the RBI begins to print it.

UPI Frauds led to 15.3% Rise in Cybercrime Complaints Between Q1, Q2 in 2022: MHA


The unified payments interface (UPI) was a huge success. On the other hand, people are increasingly being cheated when conducting online transactions. UPI frauds contributed significantly to a 15.3% increase in the overall number of complaints reported on the National Cybercrime Reporting Portal (NCRP) between the first and second quarters of 2022, according to data from the Ministry of Home Affairs.

While the total number of registered complaints in the first quarter of 2022 was 206,198, it increased by 15.3 percent to 237,658 in the second quarter. The number of 'UPI fraud complaints,' a cyber crime category under NCRP, increased from 62,350 in Q1 2022 to 84,145 in Q2 2022.

When compared to other NCRP cyber crime categories such as debit/credit card fraud, internet banking-related fraud, and others, this represents a 34% increase.
These overall figures correspond to an increase in the number of cybercrime complaints registered on the NCRP portal since 2021.

This rise can be attributed to the expansion of digital payment systems since the Covid-19 pandemic, which has allowed small businesses to enter the ecosystem. UPI payments increased by more than 1,200 percent in the six months ending in September, according to an RBI report.

According to the MHA report, "Online financial fraud, a cyber crime category under NCRP is the most prevalent among others, as 67.9 percent of the total reported cyber crime were 'online financial frauds. However, no actual figures for this category were provided in the report.

Debit/credit card/sim swap fraud increased from Q1 to Q2 of 2022, which falls under financial fraud. In Q2, the figures were 26,793 compared to 24,270 in Q1. Nevertheless, complaints about internet banking decreased in the second quarter of 2022. While the figure was 20,443 in the first quarter of 2022, it fell to 19,267 in the second quarter.

UPI transactions are increasing

Unified Payments Interface (UPI) transactions hit a new high of Rs 12,11 lakh crore in October, six months after surpassing Rs 10 lakh crore in May.

This figure is expected to rise, with the RBI's Payment Vision 2025 projecting that UPI will grow by 50% on an annualized basis. This increased adoption of UPI will unintentionally contribute to an increase in UPI fraud.

In response, the National Payments Corporation of India (NPCI) launched 'UPI-Help' on the Bharat Interface for Money (BHIM) UPI last year to provide a simple grievance resolution mechanism.

One can view their transaction history in the BHIM UPI application by selecting the 'raise a complaint option. The user can then choose which transaction requires a complaint to be filed. They can raise a concern by clicking "raise concern," describing the issue in an online complaint and submitting it.

NPCI also launched the Safety Shield campaign earlier this year to assist users with online payments via UPI.

RBI Employs Tokenization to Combat Breaches


The RBI, the central bank of India, is now prepared to impose card tokenization in India after permitting customers to link credit cards with UPI. In the midst of all of this, many users are perplexed as to what card tokenization actually is and why applications and websites advise users to safeguard their credit and debit cards following the RBI's new rules.
What is tokenization? 

Tokenization is the process of replacing actual card information with a special alternate code called a 'token,' which must be different for each card, token requester, and device, i.e. the organization that accepts customer requests for card tokenization and forwards them to the card network to produce a corresponding token.

Researchers are still quite aware of the data exposures from MobiKwik and Domino's India. As users can see, the data becomes vulnerable to data breaches and leaks if you store your private card information on the cloud servers of numerous such online apps and websites.

Although some websites might have the highest levels of security in place to protect user credit card information, others may not be adhering to international security requirements. Having credit card information being dispersed over several servers with varying levels of security gives hackers more access points. The RBI now wants to alter the current state of digital payments and standardize 'tokenization' to increase the security of all online card transactions.

In September 2021, the RBI ordered that card-on-file (CoF) tokenization be used instead of retailers holding client card information on their systems beginning January 1, 2022. In addition, businesses such as apps, websites, payment processors like RazorPay, or banks will no longer be responsible for safeguarding your card information. Tokenization is a technique the RBI developed to protect domestic card transactions by employing random strings of tokens rather than disclosing the user's personal card information.

Since the regulation on tokenization was published, according to Deputy Governor Sankar, the central bank has been in close contact with all stakeholders to guarantee a smooth transition to the tokenization policy.

How does tokenization work? 

The process of tokenizing cards is straightforward. When a card is chosen to be tokenized, the card network such as Visa, MasterCard, etc. issues the token with the bank's approval and gives it to the retailer. For example, when you save an SBI Visa debit card on Paytm by RBI's requirements, Visa will create the token with SBI's permission and share it with Paytm.

If you decide to save the identical credit or debit card on some other app, let's say Amazon, a new token will be issued and shared with Amazon. The token will vary based on the merchant and device, even if it's the same card. From a security standpoint, it implies the tokens are unique and discrete, which is beneficial.

Potential effects of tokenization

The RBI was forced to develop card tokenization as a result of the constant data leaks, thefts, and breaches that occur in the digital age. Not to add that the various security standards used by apps, websites, payment processors, and other middlemen compromise users' online security.

Tokenization has very little of an effect on the customer. Customers simply need to submit their card information once to receive a token. The process of tokenization will then be initiated by the merchant at no further cost or customer effort.

According to experts, there are no drawbacks to card tokenization from the perspective of the end-user. The RBI standards must be implemented by merchants and payment systems, but aside from that, consumers benefit.

Indian Crypto Exchanges Disables Deposits Via UPI System


Multiple Indian crypto exchanges have disabled rupee deposits using the Unified Payments Interface (UPI) system, which is the most widely used retail payment method. This comes after the National Payments Corporation of India (NPCI) said last week that it was unaware of any crypto exchange using UPI. 

The Indian government has spent years working on a law to ban or regulate cryptocurrencies, with a ban backed by the central bank over risks to financial stability. However, recently the government has taken a decision to put a tax on the income from cryptocurrency and other digital assets. 

Crypto exchange Wazirx is not offering UPI support. The exchange tweeted on Wednesday, “Currently, UPI is not available,” and advised users to do P2P payments instead, which have zero fees. The platform also added that it has no estimated time limit to address the issue with UPI deposits. Coindcx is also not supporting payments by UPI, saying on Twitter Monday, “UPI is temporarily unavailable.”

Coinswitch Kuber, with over 15 million users went one step ahead and reportedly suspended all INR deposit services, including UPI and bank transfers via NEFT, RTGS, and IMPS. The Nasdaq-listed crypto exchange Coinbase, which recently launched in India, has also disabled all purchase options, including the UPI. 

Last month, multiple reports suggested that Coinbase has begun rolling out UPI and IMPS support for its users in India after users noticed the inclusion of the two payment systems (UPI & IMPS) on Coinbase’s app. The company acknowledged the same at its launch event on 7th April. 

“We are aware of the recent statement published by NPCI regarding the use of UPI by cryptocurrency exchanges. We are committed to working with NPCI and other relevant authorities to ensure we are aligned with local expectations and industry norms,” the exchange clarified. 

An industry source with direct knowledge of the matter said the NPCI was caught between a rock and a hard place when Coinbase claimed to launch with UPI support. “Once the launch of Coinbase happened in India and they announced the usage of UPI as a payment option, NPCI realized it needed to put a clarification out there,” the person said. 

Earlier this month, popular payment service Mobikwik also disabled offering services to crypto exchanges. Meanwhile, crypto exchanges have been declining in India after the 30% tax on crypto income went into effect without allowing loss offsets or deductions on April 1. From July 1st, a 1% tax deducted at source (TDS), will also be applicable on crypto transactions. 

There are no official data available on the size of India's crypto market, but industry experts believe the number of investors ranges from 15 million to 20 million, with a holding of about Rs 40,000 crore ($5.25 billion).

UPI Turns Webless


While UPI has grown in popularity since its inception in 2016, it has yet to reach rural areas where smartphone ownership is low and internet access is spotty. Volumes should increase as more low-cost handsets connect to the UPI system, promoting financial inclusion. 

This could be India's Unified Payments Interface's next great step (UPI). Governor of the Reserve Bank of India Shaktikanta Das introduced UPI123Pay, a digital software that allows users of feature phones to send money, on Tuesday. They will be equipped to do almost everything that smartphone users can on this payment platform, with the exception of scan-and-pay. There is no need for an internet connection. 

All that is required is a feature phone connected to a bank account, and funds can be transmitted to any other UPI user without the usage of a credit card. This should significantly boost the use of India's proprietary platform for cashless transactions. 

UPI transfers have already increased as a result of the pandemic, with over 4.5 billion worth over $8.3 trillion reported in February, up from just over 1.3 billion worth 2.2 trillion two years ago. The tally is expected to rise.

RBI AnyDesk Warning; here's how Scammers Use it to Steal Money

In February, Reserve Bank of India (RBI) issued warning regarding a remote desktop app known as 'AnyDesk', which was employed by scammers to carry out unauthorized transactions from bank accounts of the customers via mobile or laptop.

In the wake of RBI's warning, various other banks such as HDFC Bank, ICICI Bank and Axis Bank along with a few others, also issued an advisory to make their customers aware about AnyDesk's fraudulent potential and how it can be used by the hackers to steal money via Unified Payments Interface (UPI).

However, it is important to notice that Anydesk app is not infectious, in fact, on the contrary, it is a screen-sharing platform of extreme value to the IT professionals which allows users to connect to various systems and mobiles remotely over the internet.

How the Scam Takes Places? 

When a customer needs some help from the customer care, he gets in touch via a call and if he gets on line with a scammer, he would ask him to download AnyDesk app or a similar app known as TeamViewer QuickSupport on his smartphone.

Then, he would ask for a remote desk code of 9-digit which he requires to view the customer's screen live on his computer. He can also record everything that is been shown on the screen. Subsequently, whenever the victim enters the ID and password of his UPI app, the scammer records it.

Users are advised not to download AnyDesk or any other remote desktop applications without fully understanding their functioning.

You should also be highly skeptical of the additional apps that customer support executives may ask you to download as besides fraudsters, no one asks for codes, passwords or any other sensitive information.

Fraudsters Gaining Access to Users Mobile Devices to Commit Bank Fraud

With the advent of Unified Payment Services (UPI), the idea of sending money from one bank account to the other without having to top up the sum in the mobile wallet has become a reality. However, with new means of transactions coming up and widening of the horizon of banking operations, there is an even enhanced possibility of bank frauds. Hackers have been continuously coming up with new ways of bypassing security.
ICICI Bank reported that in order to gain remote access of smartphones of various users, cybercriminals trick users into downloading ‘AnyDesk’, an application available on App Store as well as Play Store.
Once the user downloads the app, a nine-digit app code is generated on his mobile device which they are then asked to share with the criminals. After receiving the code, fraudster enters the code onto his mobile and then asks the user to grant him certain permissions. Now, once the criminal gets the permissions, he can access the user’s device with ease.
Users are advised to verify and then install the original UPI app and payment wallets from Apple Store and Google Play Store owned by authenticated companies. Avoid downloading applications from suspicious or unknown sources and consider reading reviews prior to going for the download.
Furthermore, while granting permissions on making the download, one should be highly alert and pay extra attention to the details. Banks suggest having your e-mail ID registered and verified in order to be notified of any illegal action taken on your account.
Other safety tips include getting your SIM card blocked instantly if you happen to misplace your mobile device and logging out of your bank account from the web browser. Lastly, customers should always keep a track of their banking transactions which are sent through SMS, it will allow them to take note of any fraudulent transaction and report it to the bank.