Banks’ digital payments frauds nearly double in FY23

June 5, 2023 

Even as the overall value of frauds reported by Indian banks halved from 59,819 crore in FY22 to30,252 crore in FY23, the value and volume of digital frauds committed using cards and internet-based payment methods nearly doubled in the previous financial year, data from the Reserve Bank of India’s (RBI) FY23 annual report showed.

While 3,596 frauds amounting to 155 crore using cards and internet banking services were reported in FY22, the volume nearly doubled to 6,659 digital frauds in FY23 amounting to276 crore. However, 94.5% of the frauds reported in FY23 by value occurred in previous financial years, and there were delays in identification of fraud and subsequent lag in reporting by lenders.

Experts said fraudsters are using new techniques to cheat customers. These include phishing, malware being designed to extract and copy data from the infected device of a bank customer, vishing and SIM cloning, said a report by Bureau — a single AI architecture platform partnering with lenders for risk compliance solutions.

“I would say banks can obviously keep educating the customers, but a lot of times social engineering become a problem where customers willingly give OTPs, password or let the fraudster hijack their phone. Unfortunately in these cases banks’ ability to take corrective measures is limited,” said a senior official at a mid-size bank.

Fraudsters also create fake UPI handles on social media to trick people into revealing account details, making the customer download an application which can sometime monitor their mobile or computer screen remotely. There are also more sophisticated scams in which fraud rings get the victim’s data and transfer money to an intermediary account.

The Bureau report said of the total reported digital payment frauds in May 2022, as many as 55% were related to UPI transactions, half of which were of less than Rs 10,000 in ticket size. Amit Das, co-founder and CEO at Think360. AI, said as digital outposts and customer facing adoption has gone up, owing to all around investments made by modern and traditional institutions, digital education is at sub-par level. Secondly, fraudsters have access to easier and less risky methods currently to attack unsuspecting customers. “Fear and greed are great tools. Most frauds can be traced to inducing fear that your account is blocked, or greed that you have won a lottery,” he said.

Biju K, senior vice president & chief vigilance officer at Federal Bank, said digital evolution has been adopted by the fraudsters and criminals as much as by customers. “If we look at statistics, the number of digital transactions has quadrupled approximately between 2018 and 2023. Simple and widely accepted real-time payment infrastructure, UPI made digital payment transactions a routine affair in the pandemic period,” he said.

UPI transactions rose 427% in volume during 2020 and 2022. In May, a total of 9.41 billion UPI transactions amounting to Rs 14.89 trillion were recorded by the NPCI. “This trend is expected to continue, and it is believed that the cash transactions will not hold beyond 10% -12% share of overall banking transactions,” Biju K said.

He said banks and other financial service providers should ensure stronger IT infrastructure with regular upgrades, in line with evolving technologies. “They should maintain basic cyber hygiene to ensure that their platforms are free from vulnerabilities. Awareness building for the public on safe usage of internet and digital banking is very much needed.” He added that advanced monitoring mechanisms should also be installed by banks for real-time detection and prevention of digital frauds.

Das shared similar views, saying lenders need to use their own digital interfaces better with stronger security checks. For instance, lenders can have visual authentication for unusual or high value transactions, build libraries of fraud IP addresses, do better reporting of impacted identities for universal tracking and resolutions, among others. “Most banking institutions have very suboptimal digital interfaces fraught with archaic interventions.”

[The Financial Express]