‘Banking system changes make India a target for cybercrimes’
Jeremy King, international director, PCI, Standards Council, who was speaking at an event for security innovations in payments in Mumbai, said 99.9 % of the data breaches are preventablemumbai Updated: Feb 06, 2016 01:07 IST
From a mere 12,301 cases of cybercrimes reported in 2011, the number shot up to 3 lakh in 2015, making India a hub for cybercriminals, according to the Payment Cards Industry (PCI). Cybercriminals are increasingly targeting India as our banking systems are changing rapidly, said experts.
Jeremy King, international director, PCI, Standards Council, who was speaking at an event for security innovations in payments in Mumbai, said 99.9 % of the data breaches are preventable. “A few years ago, the UK went through this process (was targeted by cybercriminals), then it was the whole of Europe followed by the US. As these countries migrated to a secure payment method, the door of opportunities was closing for cybercriminals,” he said.
An optimal way to prevent this would be the introduction of EMV chip cards, where the data is stored in a chip on the front of a card used for payment instead of the magnetic strip at the back. The EMV chip cards also called integrated circuit chips “stores data in a cryptographic format, making it impossible for them to hack into it,” said King.
Last year, Mumbai saw several cases of phishing and ATM frauds. “India is rapidly changing its payment methods at the migration rate of 75%. While the UK has fully adapted to the EMV chip cards, the US has transformed by 35%,” said King.
According to the PCI, the counterfeit frauds dropped from £169.8 million in 2008 to £47.8 million in 2015, as the EMV cards were used.
Ashutosh Jain, chief information security officer, Axis Bank, said during the panel discussion, “When people who are aware of the system can fall prey to phishing, a common man is more prone to such attacks. The security needs to be stepped up.”
Experts in payments industry reiterated the fact that a cyber-criminal is not attacking an individual but an entity.