‘₹615.39cr lost to debit, credit card frauds’
Fraudsters siphoned off ₹615.39 crore in more than 1.17 lakh cases of credit and debit card frauds over 10 years (April 2009 to September 2019), Reserve Bank of India (RBI) data revealed.
According to the Central bank’s reply to a right-to-information (RTI) query, the amount would be much higher because the bank did not keep a record of cybercrimes amounting to less than ₹1 lakh between April 2009 and April 2017.
Police officers and cyber experts said that while citizens need to be more alert in their dealings on the internet, they believe that financial institutions and banks need to do a lot more to tighten their security apparatus to curb increasing cyber frauds. In a survey conducted by online marketplace OLX in February 2020, in which 7,500 people participated, it was found that 52% of the respondents publicly shared their phone numbers and personal addresses online and 26% of them shared one-time passwords (OTP) with others. Around 22% admitted to sharing bank account, UPI (Unified Payments Interface), credit or debit card PIN details.
As per the RTI findings, the total number of credit/debit card fraud cases reported to RBI by 100-odd banks in eight years (April 2009 to April 2017) stood at 6,785 cases, and the amount lost was ₹243.95 crore.
After RBI started tracking frauds amounting to less than Rs1 lakh from April 2017, the statistics showed a mammoth rise. In just two-and-a-half years (between April 2017 and September 2019), a total of 1,10,367 cases amounting to ₹371.44 crore were reported.
Shomiron Das Gupta, an intrusion analyst who has been building threat-detection systems for more than a decade and founder of DNIF (a platform that offers cyber-security solutions), told Hindustan Times, “In cases where cloned cards are used by fraudsters to withdraw money from ATMs, the banks can come up with the OTP system, where after swiping your card, an OTP request is received on your mobile and this OTP is mandatory to withdraw money. This way, even if the fraudster has your cloned card and PIN, he cannot withdraw money.”
Gupta added, “If this option is not possible, then another option to stop such frauds would be where the user can scan a unique QR code on the ATM. As soon as it is done, the user can withdraw cash. We can eliminate the use of cards or any contact with the ATM for that matter. We have technology to shift to a card-less economy.”
Vicky Shah, a cyber-law advocate, said card monitoring can help curb frauds to a great extent. “All banks do not carry out ‘card-transaction monitoring’ that can help prevent such frauds. For example, if a customer usually withdraws or transacts ₹2,000 to ₹5,000 and suddenly, ₹25,000 or more is getting withdrawn/transacted multiple times, it should come to the notice of the bank, which should then make a verification call to the customer before approving the transaction. Another example of transaction monitoring is if one usually uses the card in Mumbai and then one day, the card is being used in another state/country,” said Shah.
“Banks are not following the RBI Consumer Protection Circular released in 2017, in which they have to give one, a dedicated toll-free customer care number; two, a dedicated email-id and three, the toll-free number must have a representative for immediate response to fraudulent transactions. Presently, interactive voice response (IVR) chargeable to customers is used by banks, which consumes around 15 minutes to register a complaint and block the card, which enables fraudsters to make more transactions. Customer data gets leaked from banks (third-party agency), which too is an issue of concern,” added Shah.
The Maharashtra cyber department, which tracks such frauds across the state, said a lot more needs to be done by banks. Dr Balsing Rajput, superintendent of the department, said,” The cases of card frauds have been steadily increasing in Maharashtra. We keep reminding banks to improve their security system to prevent and detect card frauds. There is an urgent need of stepping up security systems in several banks to prevent card frauds. Till the banks come up with advanced technology to secure their systems, fraud cases will continue unabated. We are co-ordinating with telecom service providers and other service providers, including banks, to nab the accused.”