Even as the Covid-19 pandemic forces consumers to opt for digital payments, there has been a rapid rise in cybercrimes such as web-skimming, malware campaigns and phishing scams in the country, a report on Fraud & Risk Management in Digital Payments by the Data Security Council of India (DSCI) and Paypal said on Wednesday.
In July 2020, UPI transactions in India crossed 1.49 billion in volume and $41 billion in transaction value. This, coupled with an increase in smartphone penetration and mobile internet access, has made India one of the fastest-growing countries adopting digital payments in the world, it added.
"However, this has led to an escalating fraud scenario with fraudsters coming up with new mechanisms to perpetrate fraud using the same innovations to their advantage by attacking businesses and end-users," the report said.
Buyer side frauds such as fraudulent claims, chargebacks, fake buyer accounts and merchant side frauds like selling counterfeit products, non-fulfilment were some of the emerging types of frauds listed in the report.
"Within the last three months, digital payment platforms across India have surpassed the transaction volume that experts believed could have taken about five years under pre-pandemic circumstances," said Rajesh Pant, national cybersecurity co-ordinator.
"Unfortunately, India has also witnessed a sharp rise in online payment frauds, especially due to increase in the overall attack surface. There is an increase in the percentage of malware campaigns employing Covid-19 related attack vectors," he said.
Moreover, ransomware attacks have continued to rise as well. According to a recent study carried out by YouGov and ACI Worldwide, 47 per cent of respondents from Tier-I cities of India are concerned about digital payment frauds. The report recommended the usage of fraud prevention strategies such as IP geolocation to verify consumer’s data to determine location at the time of purchase and proxy IP address detection for instant detection of anonymous IP addresses used by fraudsters. It also asked the payment industry and the government to train and upskill law enforcement agencies (LEAs) regularly.
"The country's agenices should also engage with LEAs of other countries and involve (themselves) in skill and threat information exchange with such global entities," the report said.