Search This Blog

Powered by Blogger.

Blog Archive

Labels

Showing posts with label SBI. Show all posts

Nationwide Banking Crisis: Servers Down, UPI Transactions in Jeopardy

 


Several bank servers have been reported to have been down on Tuesday, affecting Unified Payments Interface (UPI) transactions throughout the country. Several users took to social media platforms and reported that they encountered issues while making UPI transactions. They took to X (formerly Twitter) to complain about not being able to complete the transaction. It was confirmed in a tweet that the National Payments Corporation of India had suffered from an outage which led to the failure of UPI transactions in some banks. 

A website monitoring service with issues received reports that the UPI service was not working for Kotak Mahindra Bank, HDFC Bank, State Bank of India (SBI), and others, according to Downdetector, a website monitoring service. According to reports on social media platforms, hundreds of bank servers have experienced widespread outages nationwide, impacting the Unified Payments Interface (UPI) transactions. 

Users were flooding social media platforms with details of these disruptions. As well, Downdetector, a company providing website monitoring services, received reports of ongoing outages affecting UPI as well as Kotak Mahindra Bank, HDFC Bank, State Bank of India (SBI) and others. The outage seems to affect UPI transactions made using several banks as well. 

In some cases, users have reported experiencing server problems when making UPI payments with HDFC Bank, Baroda Bank, Mumbai Bank, State Bank of India (SBI), and Kotak Mahindra Bank, among other banks. In addition to reporting UPI, Kotak Mahindra Bank and HDFC Bank's ongoing outage on Downdetector, a website that keeps an eye on outages and issues across the entire business landscape, Downdetector has also received reports of ongoing outages from users. 

Several users have reported having difficulty with the “Fund Transfer” process within their respective banks due to technical difficulties. A new high was reached by UPI transactions in January, with a value of Rs 18.41 trillion, up marginally by 1 per cent from Rs 18.23 trillion in December. During November, the number of transactions increased by 1.5%, reaching 12.20 billion, which is up by 1.5 per cent from 12.02 billion in October. 

In November, the number of transactions was 11.4 billion, resulting in a value of Rs 17.4 trillion. The NPCI data shows that the volume of transactions in January was 52 per cent higher and the value was 42 per cent higher than the same month of the previous financial year, according to NPCI data. 

Earlier in November 2023, a report stating that the government was considering implementing a minimum time constraint within the initial interaction between two individuals who are carrying out transactions exceeding an adjustable amount was published. 

The Indian Express reported that, according to government sources, the proposed plan would dictate a four-hour timeframe to be imposed on the first digital payment between two users, particularly for transactions exceeding Rs 2,000, based on inputs that were received from the government.

RBI Employs Tokenization to Combat Breaches

 

The RBI, the central bank of India, is now prepared to impose card tokenization in India after permitting customers to link credit cards with UPI. In the midst of all of this, many users are perplexed as to what card tokenization actually is and why applications and websites advise users to safeguard their credit and debit cards following the RBI's new rules.
 
What is tokenization? 

Tokenization is the process of replacing actual card information with a special alternate code called a 'token,' which must be different for each card, token requester, and device, i.e. the organization that accepts customer requests for card tokenization and forwards them to the card network to produce a corresponding token.

Researchers are still quite aware of the data exposures from MobiKwik and Domino's India. As users can see, the data becomes vulnerable to data breaches and leaks if you store your private card information on the cloud servers of numerous such online apps and websites.

Although some websites might have the highest levels of security in place to protect user credit card information, others may not be adhering to international security requirements. Having credit card information being dispersed over several servers with varying levels of security gives hackers more access points. The RBI now wants to alter the current state of digital payments and standardize 'tokenization' to increase the security of all online card transactions.

In September 2021, the RBI ordered that card-on-file (CoF) tokenization be used instead of retailers holding client card information on their systems beginning January 1, 2022. In addition, businesses such as apps, websites, payment processors like RazorPay, or banks will no longer be responsible for safeguarding your card information. Tokenization is a technique the RBI developed to protect domestic card transactions by employing random strings of tokens rather than disclosing the user's personal card information.

Since the regulation on tokenization was published, according to Deputy Governor Sankar, the central bank has been in close contact with all stakeholders to guarantee a smooth transition to the tokenization policy.

How does tokenization work? 

The process of tokenizing cards is straightforward. When a card is chosen to be tokenized, the card network such as Visa, MasterCard, etc. issues the token with the bank's approval and gives it to the retailer. For example, when you save an SBI Visa debit card on Paytm by RBI's requirements, Visa will create the token with SBI's permission and share it with Paytm.

If you decide to save the identical credit or debit card on some other app, let's say Amazon, a new token will be issued and shared with Amazon. The token will vary based on the merchant and device, even if it's the same card. From a security standpoint, it implies the tokens are unique and discrete, which is beneficial.

Potential effects of tokenization

The RBI was forced to develop card tokenization as a result of the constant data leaks, thefts, and breaches that occur in the digital age. Not to add that the various security standards used by apps, websites, payment processors, and other middlemen compromise users' online security.

Tokenization has very little of an effect on the customer. Customers simply need to submit their card information once to receive a token. The process of tokenization will then be initiated by the merchant at no further cost or customer effort.

According to experts, there are no drawbacks to card tokenization from the perspective of the end-user. The RBI standards must be implemented by merchants and payment systems, but aside from that, consumers benefit.

Colombian Woman purloin Rs 17.71 Lakh from SBI ATM

 

Bengaluru Police have confronted a freshly growing crime that goes under the name ATM fraud. In this ATM fraud, the actors steal the money from the ATM by fixing a device and hacking the bank’s servers with their master dupe. In recent times, a Columbian woman has been accused of this fraud. She was held in defrauding the State Bank of India (SBI) with a calculated amount of Rs. 17.71 lakhs with her dupe. This case was registered in the Hegdenagar, Northeast Bengaluru, India. 

This incident was first perceived by a manager of SBI, Sushil Kumar Singh when he acknowledged an unusual call from a man, who had a query stating that he has received Rs. 1 lakh while he was trying to withdraw an amount of Rs. 1,500 from the local SBI ATM at Hegdenagar. This incident was reported to the Sampigehalli Police on the 11th of January. 

On the other hand, upon hearing the situation from the caller, Sushil Singh with his colleagues ran to the troubled ATM right away and started his investigation. The first thing that he did was to switch off all the ATMs at the kiosk as a precautionary measure. This was done so as the other ATMs do not get in the eye of the actor. The very next day, in the morning he found that a device was attached to the cash deposit machine (CDM) at the kiosk. Further in the investigation, a scrutiny of the cash balance receipt revealed that Rs 17,71,500 were missing from the ATM. 

Later the CCTV footage of the ATM as well as the neighboring areas was checked by the bank staff. With the help of the CCTV footage, they concluded that a woman had walked into the ATM near about 2.25 pm on the 11th of January and had fixed the device to the CDM. In this regard, Sampigehalli police evaluated the clues which helped them to track and arrest a woman, named Leidy Stefania Munoz Monsalve, aged 23 on Friday who was the culprit behind the fraud. 

The device that was fixed to the CDM works by hacking the bank’s servers connected to the ATM, which enables the actors to withdraw the money stored into the kiosk. However, the Police have recovered the stolen money from the ATM. The police mentioned that “The Hegdenagar case, along with three others from Banaswadi, Halasuru, and Nelamangala, appears to be her first foray in cybercrime”.

Currently, Monsalve is in custody for further investigation. Well, this is not the first time that Monsalve was arrested, she has been a part of thefts earlier as well. But was released on bail.