By Sumaira Rizvi,
New Delhi: With demonetisation, and later Union government’s thrust on cashless economy, there has been a significant increase in digital payments across the country. Although, people have started using digital transaction services, the risks involved in online transactions remain a cause of concern for the users.
Cashless transactions simplify payment processes but high risk is involved since hackers can take control of these payment services.
In October, reports surfaced stating that the information of 32 lakh bankcards has been compromised due to a malware in one of the leading payment gateway services. Several banks then directed their customers to change the security PIN. The State Bank of India went a step ahead and issued 6 lakhs new cards to its customers free of cost.
Himanshu Sharma, an ethical hacker and co-founder of Bugs Bounty, a company which tests the bank codes for possible security risks, feels that nothing is 100% secure. According to Sharma, preventive measures needs to be taken by both the parties for safety of digital transactions. He said that the consumers must understand that their card information is confidential.
“Consumers must never share their credit card number or CVV number with anyone and should avoid shopping on computers accessed by public,” said Sharma.
He stressed on the need for banks to perform business process and code review periodically. “Payment gateways need to have continuous security testing done after every major update in their code to make sure no update causes a security risk,” he added.
Digital illiteracy is another risk involved in transactions. According to Syeda Bandi, assistant manager in a leading public sector bank, “The cause of misuse in most of the cases we receive is the unawareness of customers. Those who struggle with technology take help from others at ATMs thus risking their card details. We have been constantly warning customers to not share their card details and PIN with anyone, not even to the bank officials.”
However, the story of Soumya Sharma, a digitally literate student, raises concern even for the well-informed customers. “I have never given my card to others for use and I had never shared the card details with anyone. Somebody debited my account thrice but I did not receive any OTP. I just received the messages that my money was deducted from my account,” Soumya said.
This was alarming for Soumya who said that she had been extremely cautious about her card. “I made contact with the bank and they blocked my card immediately and directed me to damage it,” she added.
Even two months after the case, Soumya is clueless about what went wrong with her account.