Speed and convenience have rapidly shaped the future of digital payments in India. The Government has taken multiple initiatives to encourage people to move towards digital payments and move India towards a less-cash economy. While the number of digital transactions have picked up, people are still apprehensive about using these methods in order to transact. But with the outbreak of COVID-19 and with the need for social distancing to prevent the spread of the virus, contactless payments is an ideal way to transact.
The World Health Organization (WHO) has also recommended “contactless payment methods” whenever possible, to avoid spreading the virus. This should be considered an opportunity for India to move towards adopting digital mode of payments.
Unfortunately, fraudsters are also keeping pace with the growth of digital payments, and are on the look- out for weaknesses to exploit. It is extremely crucial for us to understand the numerous fraudulent vulnerabilities associated with digital payments and take necessary actions.
There are multiple ways to avoid these frauds and keep your money secure and safe.
∙Never install or use applications and apps other than the officially recommended ones: Post demonetization, a lot of these fraudulent apps came into being. It is critical that one doesn’t install or use such applications which can trigger fake transactions or even skim data from their device. It is best to download only popular apps and mobile wallets.
∙Do not fall for spoofing where the websites whose names “sound” similar to the real ones: There are hundreds of spoof websites or web pages tricking customers looking for help to reveal their account or card details. For instance, irdaionline.org is not the official website of IRDAI, but it poses as one.
∙Never click on Phishing SMSes: Phishing is the most common type of fraud for wallets and all online transactions. Never provide login credentials or other details on an email / SMS regardless of the context of the conversation in an email. Do not click on links in any SMS received unless you are convinced it is from a trustworthy source such as your banker. Such URLs often promise cashback, income tax refunds, and even purport to be from government agencies such as EPF.
∙Never give out your OTP or PIN or password: This is the most common type of fraud which a lot of people fall prey to. Banks or Credit Card Companies or any such trustworthy agency will never have to ask you for such details. Instead, they would use IVR or some such system to eliminate interference and fraud to anyone who calls and asks, even if they are known to be from a trustworthy agency.
Keep your passwords difficult to guess: Most of the people use the same password across different platforms so that it is easy for them to remember. However, this is the most dangerous thing to do. Passwords must be difficult to predict by third-parties and should not contain names of family members, friends or special dates known in public such as birthdays, anniversaries etc. Even if one of them is compromised, other linked accounts too stand the risk of being hacked.
∙Apart from these frauds, there are various other frauds associated with UPI payments, none of which are issues with UPI itself but are modes of deception. Here are a few of them:
o In this case as well, do not click on links in any of the SMSes, especially those from unknown agencies. It could be an attempt to skim money off your account. Also remember, the name is not everything on the Internet. www.my.banker.com is not the same as www.mybanker.com. It is crucial that you are aware of the official website and official email ID of your banker, stockbroker etc.
o UPI handles can be deceptive. Just because a handle has the word NPCI, BHIM, Govt units or Bank names in it, it does not make it authentic as many tricksters create such handles to make you reveal your card or account details.
o You must make sure that you never enter UPI PIN without fully understanding that your money will be debited from your account, and knowing who it will be credited to. You are not required to enter the PIN for getting money credited to your account!
o Never send / forward any SMS text from your device, since fraudsters often cajole victims into sending text messages from their device which will bind your device with a fraudulent identity, and it then becomes easy for them to skim money off their accounts.
oDo not install and use any remote screen mirroring tool as these tools are indeed convenient for genuine use cases such as remote technical support. But if fraudsters get access to your device remotely, the sky is the limit to what they can do.
Contactless payments are not only one of the most convenient modes of payments but also by far the safest and secure, and in the present situation the best mode to conduct transactions while maintaining social distancing. Being mindful of the aforementioned safe practices, customers can avoid falling prey to someone’s unscrupulous intentions and enjoy the benefits of this futuristic method of transaction.
Authored by Rajesh Mirjankar, Managing Director & CEO of InfrasoftTech