Government allies With SBI Card and Telcos to Tackle OTP Frauds

April 23, 2024

The Government of India, in collaboration with SBI Cards and Payment Services Ltd (SBI Card) and telecom operators, is developing an innovative solution to combat the growing threat of cyber fraud and phishing attacks involving stolen one-time passwords (OTPs). The Centre is testing a system that allows banks to track the registered address and geolocation of a customer and compare it with the location where the OTP is being delivered. In case of any discrepancy, the customer can be alerted of a possible phishing attack.

Background

  • The Reserve Bank of India (RBI) had mandated an additional factor of authentication for digital payment transactions to prevent frauds.
  • However, fraudsters have developed advanced capabilities to steal OTPs by misleading customers or rerouting OTPs to their own devices, rendering the second factor of authentication ineffective.

How the Solution Works?

  • Banks will track the SIM card location of a customer through telecom service providers and compare it with the customer’s registered address in their database.
  • If the OTP is delivered to a location unrelated to the customer, a pop-up alert can be displayed on the customer’s screen, warning of a possible phishing attack.
  • In extreme cases, the OTP can be blocked altogether to prevent fraudulent transactions.

Cybercrime Statistics in India

  • According to the Indian Cyber Crime Coordination Centre (i4C), cyber criminals siphoned off Rs 10,319 crore between April 2021 and December 2023.
  • Most crimes originated from China, Cambodia, and Myanmar, involving non-state actors.
  • The government’s ‘Citizen Financial Cyber Fraud Reporting and Management System’ has prevented about Rs 1,200 crore of fraudulent transfers from more than 470,000 citizen complaints received until February 2024.

About The National Cyber Security Coordinator (NCSC)

  • Established in 2014 under the National Security Council Secretariat
  • Responsible for coordinating cyber security matters across different sectors and agencies
  • Plays a key role in formulating and implementing India’s cyber security strategy
  • Coordinates with international partners to enhance global cyber security cooperation
  • Advises the government on critical information infrastructure protection and cyber crisis management

About The Indian Computer Emergency Response Team (CERT-In)

  • Operational since 2004 under the Ministry of Electronics and Information Technology
  • Serves as the national nodal agency for responding to cyber security incidents
  • Monitors and analyses cyber threats, vulnerabilities, and incidents
  • Provides alerts, advisories, and guidelines to enhance cyber security preparedness
  • Conducts cyber security drills and training programs for government and critical sector organizations

About India’s Cyber security

  • India has the second-largest telecom market in the world, with over 1.16 billion subscribers as of Now.
  • The country has also seen a significant rise in digital payments, with transaction volumes reaching 7,422.68 crore in FY 2023, up from 5,554.59 crore in the previous year.
  • The Government of India has taken several steps to strengthen cybersecurity, including the establishment of The National Cyber Security Coordinator (NCSC) and The Indian Computer Emergency Response Team (CERT-In).

As the country continues to embrace digital payments, such initiatives will play a crucial role in building trust and confidence among users while safeguarding their financial interests.

« »

Month: 

Category: 

Leave a Reply

Your email address will not be published. Required fields are marked *