Widespread online fraud in Indian Banking
With the advent of work from home all over the world and a major shift towards digitization across all sectors in the wake of the ongoing pandemic, fraudsters and hackers have been making hay.
The primary means of operation for fraudsters are identity theft and online fraud, mostly through mobile applications. With over 41% of banking transactions in India now performed using mobile applications, hackers are exploiting the general lack of awareness regarding cyber security that abounds in India to make off with the big bucks.
RBI has estimated that Indians have lost Rs. 128 crore between October and December of 2019 mostly through credit/debit card frauds and NetBanking fraud. These numbers have exacerbated over the course of the pandemic-induced lockdown, causing RBI to send our several texts and messages warning Indians to not succumb to online frauds.
This is certainly a damning account of the state of cybersecurity in Indian banking, but just how bad is the problem?
Mounting online fraud-related losses
The state of online banking was dire even before the pandemic hit, RBI reports that Indian banks lost Rs. 109 crore to online fraud and theft in FY 2018, and this number has only been increasing.
Digital banking has been on the rise over the last few months, spurred on by the restrictions put in place due to the pandemic, and this has had a truly debilitating effect on top of the already rampant problem of online fraud.
Experian reports that among South-Asian countries, Indian banks have seen the highest increase in online fraud losses at 65% and identity theft makes up 28% of these cases.
Here’s a break-down of product-wise fraud trends and the percentage of identity & documentation fraud for each product.
|Amount of Identity Fraud(%)|
Amount of Fraudulent documentation & information (%)
Fraudulent identity and documentation therefore make up the bulk of online fraud in nearly every product offered by Indian banks.
This is a deplorable state of affairs and requires immediate remedial measures.
How can you protect against online fraud?
Individuals and businesses can follow the following steps to safeguard against online fraud and cyber-attacks.
For Individuals –
- Do not post email addresses in public forums, chat rooms, or untrusted forms
- Only subscribe to trusted newsletters
- Use a spam filter. These come in two types – content-based & source-based. Generally source-based filters are harder to get past
- If you receive a spam email:
- Do not click on it
- Do not download any attachments from it
- Do not try to unsubscribe from the message
- Report it
- Generally be wary of suspicious looking emails, forms, pop-ups or websites, and never post your email to any of these
For businesses –
- Make sure the SMTP server you’re using
- Does not relay unauthorized mails
- Has implemented client authentication
- Defines a maximum number of recipients per message
- Uses separate ports for submission and message relay
- Make sure your ISP
- Stops all open relays
- Controls open proxy servers
- Implements rate limits in outbound email traffic
- Monitors web-based email submission forms
- Logs sources of mails generated within the network
- Restrict network admin rights to a handful of people
- Invest in cyber security software and strong firewalls
- Encrypt and backup all your important data and store it offline
- Educate employees on cyber security best practices
These are immediate steps that banks and their customers can take to protect themselves against malicious attacks. However they are perfunctory and do not address the systemic issues that allow for online fraud.
These systemic issues primarily concern the lack of usage of secure technology for processes like customer identification, KYC, and data security.
Better KYC makes for safer transactions
Researchers from IIM-Bangalore have outlined the problems with the fraud detection systems used by banks in a comprehensive report.
The report identifies technological inadequacies as one of the prime factors contributing to the high rates of online frauds, stating that – “…there are inadequate tools and technologies in place to detect early warning signals and red flags pertaining to different frauds.”
Additionally, the authors of the report recommend the use of the latest technology at affordable costs to monitor and audit transactions and report red flags. Another salient recommendation is the strengthening of KYC norms.
Therefore, banks require an upgraded KYC system, enabled with the latest verification technology and risk assessment tools in order to better combat rampant online fraud.
These technologies must also be affordable in order to facilitate their widespread implementation.
Comprehensive & cutting-edge video KYC
If you’re a bank looking for such a KYC solution (as you should be!), then look no further.
SignDesk offers an award-winning video KYC product trusted to verify identities by 50+ major banks.
Our video KYC and digital onboarding product uses ML and AI techniques to verify customer KYC details, extract and verify document details using just an image of the documents, and comply with RBI regulations for V-CIP.
We secure client data using industry-grade crypto algorithms and our solution is quick and cost-effective. Our anti-fraud filters root out fake profiles and fraudulent documents, and help you cut down on fraud-related costs.
Are you ready to reduce your onboarding costs by 90% and prevent online fraud? Book a demo with us now!