Of passwords and OTPs: Cashless economy may boost cyber crime
The country needs a robust cyber security law that defines the duties of stakeholders, starting from the banker, to users, to intermediarieseditorials Updated: Dec 13, 2016 20:58 IST
After the controversial demonetisation of currency notes announced by Prime Minister Narendra Modi on November 8, the government has been recommending that people go cashless and make online payments through e-wallets or plastic money.
But the convenience of digital transactions brings with it the danger of online deception, warns a study on cyber-security conducted by industry body Assocham along with business consultancy firm EY. According to the study, mobile frauds in India are likely to surge by 2017. “Mobile frauds are areas of great concern for companies as 40-45 % of financial transactions are done via mobile devices and this threat is expected grow to 60-65 %.”
According to the study, a chunk of complaints for online security (46 %) were related to credit/debit card fraud. These were followed by Facebook-related complaints such as morphed pictures, cyber bullying and cyber stalking (39 %). Cheating through mobile contributed to 21% of cyber complaints. Then came hacking of e-mail ID (18%); abusive/offensive/obscene calls and SMS (12%) and others.
The implementation of a cybersecurity strategy in India is still in its infancy. For an IT power of its size, the strength of official cyber security workforce is surprisingly inadequate. The number stands at 556 experts when compared to China, which has 125,000 experts and the US (91,080 experts).
In its current form, the IT (Amendment) Act, 2008, deals primarily with extraction, retention, communication and destroying of data. Plus, the Act doesn’t cover majority of the crimes committed through mobiles. It needs to be updated and its scope widened to include a legal framework for cyber laws.
Another issue to be addressed in a country with such an enormous mobile penetration is provocative content on the Web. A balance needs to be struck between infringing on the privacy of citizens and monitoring of cyber crimes. The recent scrapping of Section 66 A doesn’t allow intermediaries like internet service providers to block or remove provocative information that goes viral on social media, sometimes leading to communal flare-ups.
The country needs a robust cyber security law that defines the duties of stakeholders, starting from the banker, to users, to intermediaries.