Mobile Wallets, Digital Payments, UPI, have become a daily conversation now. I personally use digital payments regularly. We see posts on social media showing how the street vendors and auto rickshaws are now accepting payments digitally. This is definitely a good start and also the best way forward in my opnion..but as a risk professional it is my second nature to look at the possible pitfalls and perils.
“Are we fully geared up for this digital payment revolution?” Let me articulate some of the possible risks and then we can try to find solutions together..
Let’s look at the common man first, yes he has started using smart phones extensively..even the senior citizens and children have smart phones. But are they aware of the “secure” use of the mobile / digital payment methods? We are seeing a huge upswing in the cybercrimes which revolve around social engineering, phishing and vishing scams, debit / credit card and mobile wallet apps.
Possible solutions – User awareness is key. Security is a topic which should be taught in schools, public awareness must be drilled by government / regulators, banks and the payment service providers.
What happens if I lose my phone, or my phone battery runs out or the app malfunctions, or I don’t get the OTP?
Possible solutions – Don’t rely solely on mobile wallets. Keep a debit / credit card as backup. Net banking is another option. Develop Aadhar based easy payment systems which do not require the payer to carry a phone or card – “pay with your fingerprint”.
What about the apps themselves? Are the apps secure? One of the well-known and widely used app did not have a password till last week..even now the password is the same as the mobile unlock code / pattern. So if the phone is handed over for repair, one has to share the phone unlock code which can then be misused…
Possible solutions – We need a secure app standard, regulation and approval process by RBI and security audits immediately. Rogue apps and fraudsters must be dealt with swiftly by the government with help from the appstore / playstore providers.
What happens in emergencies or during disasters? As we saw during the recent cyclone in Chennai, there was no power to charge the phones or swipe machines. Internet connectivity was inconsistent. What is the plan B in such situations? We still have issues with connectivity and signals in rural areas and even in some parts of the towns and cities depending on the service provider.
Possible solutions – Offline payment options should be thought about..but in such situations cash exchange may be inevitable??
What happens if I make an error and make a mobile payment to the wrong person? What happens if I am a victim of a fraud? Where do I complain? How do I recover the money? What is the grievance redressal system? Can I lodge a police complaint? Will the overworked and already stressed law enforcement mechanism prioritize my complaint of a few thousands?
Possible solutions – Define a simple and standard framework and work flow to address such cases. Empower banks and create a “clearance house” to resolve orphan / failed payments and funds missing in transit. Government needs to strengthen the law enforcement mechanism to tackle frauds.
What happens if some unknown person accidently / intentionally transfers money to my wallet? Will I be caught in money laundering trap?
Possible solutions – Again, awareness is key. There should be a simple process to report money laundering which does not antagonize the person reporting the issue. Genuine mistakes should be addressed through the “Clearing house”. But intentional misuse must be tracked and dealt with swiftly.
Change is good..but every change brings some uncertainty and disruption which most humans are uncomfortable with. By nature we strive for equilibrium, so we need to find this equilibrium ASAP to get back the focus on the progress of our country.
Please feel free to share any solutions which you can think of..
