Upgrading digital financial ecosystem security

Cybersecurity experts have pressed the alarm bell over India’s losses due to cyber fraud surging by over 205% in 2024 compared to the previous year. Apart from public awareness, plugging the loose ends in the cybersecurity ecosystem and tightening surveillance mechanisms are crucial to ensure consumer trust in the digital-first option, real-time consumer safety and protecting the country’s financial system from cyberattacks. Leaks in the digital financial systems leave first-time digital users, more particularly the elderly and rural population, who otherwise have been hugely benefited through access to digital services thanks to Direct Benefit Transfer and other digital inclusion, vulnerable to cyber frauds. Cyberfraudsters target people with poor awareness of cybercrime, tricking them into sharing the account details by impersonating bank officials, police officers, or other law enforcement authorities. For the vast majority of rural people, who have had little exposure even to brick-and-mortar bank branches and are less familiar with automated teller machines, understanding the nitty-gritty of password safety and the digital financial system is not easy and takes time. The cyberfraud, on the other hand, operates at a much faster pace, and this mismatch remains a grey area in the country’s cybersecurity landscape. The worsening situation of cyberfraud calls for the central government to prioritise action on a set of recommendations made by the Parliamentary Standing Committee on Home Affairs on the issue. The parliamentary panel has drawn the attention of the government to the fact that the convergence of cyber fraud with underground banking and cryptocurrency has established a resilient infrastructure that enables transnational criminal groups to operate with impunity. To address this escalating threat, it is imperative to intensify efforts that target the underlying infrastructure supporting these networks. The committee’s recommendation for enhanced cross-border cooperation, strengthened regulatory frameworks and bolstered enforcement mechanisms to mitigate the impact of these highly organised criminal operations is a pragmatic suggestion to bridge the jurisdictional gaps. Such cross-border cooperation often faces hurdles of evolving geopolitics, technological and legal constraints, extradition gaps, differences in perception of digital data protection and involves diplomatic challenges. Besides, bilateral and multilateral agreements, which are a must for facilitating cross-border cooperation in different sectors, often move at a much slower pace than expected or anticipated. Strengthening the security of the country’s own digital financial ecosystem within its territorial jurisdiction, therefore, remains important for reducing cyberfraud vulnerabilities and stemming financial losses. Recurrence of cyberfraud resulting in heavy financial losses to individual customers erodes the credibility of the digital financial system, which, in turn, adversely affects the public trust in digital financial transactions. Information furnished to the Committee by the Department of Telecom indicates progress made in the detection of telecom-linked financial frauds. About 570 banks and financial institutions are using the Digital Intelligence Platform to access the Mobile Number Revocation List, i.e., the list containing permanently disabled mobile numbers and financial fraud indicators for acting on suspicious bank accounts. leading to action on 20.89 lakh accounts is reflective of improvement in surveillance and action against cyberfraud. The Committee’s recommendation to banks to regularly train their employees and organise awareness programmes for customers about the latest methods that fraudsters use is a prudent suggestion to strengthen frontline defence to thwart the new modus operandi adopted by cyberfraudsters. The Committee is of the view that complementing technological solutions with human vigilance can empower both staff and customers to remain prepared to recognise and respond to new types of scams. Banks frequently educating the customers to identify the genuine digital domains of bank websites or apps is vital to reinforcing their trust in the digital banking system. The Artificial Intelligence system powered Digital Payment Intelligence Platform developed by the Reserve Bank of India has triggered fresh hopes for the prevention of digital payment fraud in real time through flagging risky transactions. The RBI setting out a rollout time, as recommended by the parliamentary panel, is critical to address the problem of the alarming rise in digital payment frauds at the earliest. Grievance redressal plays an important role in building public trust in the digital financial system. The Committee rightly notes that while the Reserve Bank-Integrated Ombudsman Scheme provides a mechanism for victims of digital payment fraud to lodge complaints and reflects the RBI’s commitment to consumer protection, the increase in the average time period taken for resolving unauthorised transactions from 36 days to more than 68 days indicates a “growing backlog or complexity in case resolution.” The Committee’s recommendation for the introduction of affordable micro-insurance policies designed to protect customers against losses exceeding standard liability limits is aimed at providing a reliable financial safety net, but this must not create a new financial burden on the poor and downtrodden who need the digital payment ecosystems to receive benefits of various cash payout schemes also for their daily small business transactions. Upgrading digital financial system security to curb digital fraud is the urgent need of the hour.