Se­cu­rity of dig­i­tal pay­ments, wal­lets needs at­ten­tion

Voice&Data - - PREEONPLDES -

Post de­mon­e­ti­za­tion, there has been a mon­u­men­tal surge in dig­i­tal trans­ac­tions in In­dia. As per re­port, wal­let pay­ments have soared by 300% af­ter Novem­ber 8, 2016 and some of the trans­ac­tions sta­tis­tics are an eye opener. The num­ber of e-wal­let daily trans­ac­tions has shot up from 1.5 mil­lion to 7 mil­lion trans­ac­tions per day, and, in value terms daily from 500 mn to nearly 2 bil­lion. While all this is hap­pen­ing, in a rare in­ci­dent, the largest player in the mar­ket re­cently had to ap­proach en­force­ment agen­cies for a hack and de­fraud per­pet­u­ated. While the de­tails are still un­der in­ves­ti­ga­tion, need­less to say, se­cu­rity of dig­i­tal pay­ments and wal­lets is now a para­mount con­cern.

The mo­bile phone is get­ting in­creas­ingly more im­por­tant in our day-to-day life and given this hy­per-surge in dig­i­tal trans­ac­tions, the at­ten­tion of all has now turned to one of the most im­por­tant as­pects of se­cu­rity and safety of us­age of dig­i­tal pay­ments. One needs to un­der­stand this as­pect well as dig­i­tal pay­ments are no longer one of the pay­ment op­tions, but are be­com­ing a must. Wal­let com­pa­nies have built a host of se­cu­rity fea­tures, mak­ing wal­let trans­ac­tions as se­cure as one uses web por­tals. For a user, a mo­bile wal­let is more or less like an elec­tronic pre­paid card and in the pop­u­lar imag­i­na­tion the re­place­ment for the phys­i­cal wal­let. To get started, one has to sign up for the app on iPhone or An­droid phone’s App store. From load­ing the wal­let through debit/credit card or net bank­ing or re­ceiv­ing money through P2P money trans­fer, to mak­ing money trans­fers, pay­ing bills, book­ing tick­ets and shop, it is a straight for­ward pol­icy backed by cut­ting edge tech­nol­ogy de­vel­oped un­der a strict reg­u­la­tory regime. How­ever, there are now in­creas­ing in­stances of breaches and frauds be­ing re­ported from time to time.

One of the big­gest rea­sons for above has been the race to ac­quire cus­tomers and mak­ing trans­ac­tions as easy and con­ve­nient as pos­si­ble, of­ten do­ing away se­cu­rity fea­tures such as sec­ond fac­tor au­then­ti­ca­tion, not get­ting logged out af­ter a cer­tain time of in­ac­tiv­ity and com­pro­mis­ing on the se­cu­rity reg­u­la­tions as man­dated by RBI’s man­dates.

In gen­eral, the wal­let ser­vice providers have to un­dergo strin­gent and strict tech­nol­ogy plat­form se­cu­rity tests, pe­ri­od­i­cally. The first tech­nol­ogy sys­tem au­dit hap­pens at the time of go­ing live. This is known as CISA au­dit – In­for­ma­tion Sys­tems Au­dit. This is one au­dit which is done ev­ery year by ex­ter­nal agen­cies. CISA au­dit is a glob­ally rec­og­nized cer­ti­fi­ca­tion in the field of au­dit, con­trol and se­cu­rity of in­for­ma­tion sys­tems. CISA gained world­wide ac­cep­tance hav­ing uni­form cer­ti­fi­ca­tion cri­te­ria, the cer­ti­fi­ca­tion has a high de­gree of vis­i­bil­ity and recog­ni­tion in the fields of IT se­cu­rity, IT au­dit, IT risk man­age­ment and gov­er­nance. Mo­bile Wal­lets which are cer­ti­fied are safe from all vul­ner­a­bil­i­ties and at­tacks in­clud­ing back­doors, de­nial– of-ser­vice at­tacks, di­rect ac­cess at­tacks, eavesdropping, spoof­ing, tam­per­ing, phish­ing and click-jack­ing.

Then there is an­nual and reg­u­lar in­spec­tion by RBI with daily, weekly and monthly re­port­ing to both RBI and the Frauds In­ves­ti­ga­tion Unit of Min­istry of Fi­nance. De­spite the best of sys­tems and method­olo­gies, there has been a spate of in­creased in­stances

Newspapers in English

Newspapers from India

© PressReader. All rights reserved.