Search This Blog
Powered by Blogger.

Blog Archive

Labels

Load More
Trendy Right Now

Popular Posts

Showing posts with label Transactions. Show all posts
Transactions
Cyber Fraud Digital Payment Financial Fraud Fintech RBI Transactions

Fintechs Encouraged to Join National Cyber Fraud Reporting System


The Fintech Association of India (FACE) has urged its members to register on the Citizen Financial Cyber Fraud Reporting and Management System (CFCFRMS). This platform, part of the broader National Cybercrime Reporting Portal, facilitates the reporting and management of financial cyber frauds. By joining, fintech companies can better handle customer complaints and collaborate with law enforcement to prevent fraud.

This initiative by FACE is noteworthy, especially as it seeks approval to become a self-regulatory organisation (SRO) for fintech lenders. The Reserve Bank of India (RBI) is expected to announce its decision soon, with FACE and the Digital Lenders’ Association of India both in the running to be recognised as an SRO. The establishment of an SRO will likely lead to more stringent industry oversight, promoting higher standards of operation and better consumer protection within the fintech sector.

The push for fintechs to join the CFCFRMS comes at a critical time. As digital transactions grow more common, the opportunities for cyber fraud have increased. The convergence of various financial entities— such as banks, non-banking financial companies, insurance providers, and payment services—has created more potential points of vulnerability. The CFCFRMS is designed to coordinate the efforts of all stakeholders, enabling action to block fraudulent transactions before they can be completed.

RBI’s New Platform to Combat Payment Frauds

In a parallel effort to bolster cybersecurity, the RBI is developing the Digital Payments Intelligence Platform (DPIP). This platform aims to use cutting-edge technology to detect and prevent payment fraud. A committee led by A P Hota, former CEO of the National Payments Corporation of India, is currently formulating recommendations for the DPIP, which is expected to upgrade the ability to share real-time data across the payment ecosystem. This initiative is especially important in addressing frauds where victims are tricked into making payments or divulging sensitive information.

Alarming Increase in Cyber Fraud Losses

The importance of these measures is empathised by recent statistics from the Ministry of Finance. Financial losses due to cyber fraud have more than doubled in the last fiscal year, rising to Rs 177.05 crore in FY24 from Rs 69.68 crore in FY23. This sharp increase underlines the growing threat posed by cybercriminals and the need for more robust security measures.

Public Awareness and Digital Payment Safety

While the rise in cyber fraud is concerning, a survey by the RBI offers some reassurance. According to the survey, 94.5% of digital payment users have not experienced fraud. However, the risk remains, especially in semi-urban areas, where fraud attempts are slightly more common than in metropolitan regions. The most prevalent form of fraud is vishing, or voice phishing, where criminals trick individuals into revealing sensitive information over the phone. Other common tactics include phishing emails, misuse of payment requests, and remote access scams.

As digital payments become increasingly integrated into everyday life, ensuring their safety is crucial. Initiatives like CFCFRMS and DPIP are essential in building a secure and trustworthy digital financial environment. By building up on fraud prevention measures, these platforms can help maintain public confidence and encourage wider adoption of digital payment systems.


Read more »
ZKP
Blockchain Security cryptocurrency Data Privacy Stock Exchange Technology Transactions ZKP

Zero-Knowledge Proofs: How They Improve Blockchain Privacy?



Zero-knowledge proofs (ZKPs) are emerging as a vital component in blockchain technology, offering a way to maintain transactional privacy and integrity. These cryptographic methods enable verification without revealing the actual data, paving the way for more secure and private blockchain environments.

At its core, a zero-knowledge proof allows one party (the prover) to prove to another party (the verifier) that they know certain information without disclosing the information itself. This is particularly valuable in the blockchain realm, where transparency is key but privacy is also crucial. For example, smart contracts often contain sensitive financial or personal data that must be protected from unauthorised access.

How ZKPs Operate

A ZKP involves the prover performing actions that confirm they know the hidden data. If an unauthorised party attempts to guess these actions, the verifier's procedures will expose the falsity of their claim. ZKPs can be interactive, requiring repeated verifications, or non-interactive, where a single proof suffices for multiple verifiers.

The concept of ZKPs was introduced in a 1985 MIT paper by Shafi Goldwasser and Silvio Micali, which demonstrated the feasibility of proving statements about data without revealing the data itself. Key characteristics of ZKPs include:

  • Completeness: If the prover's statement is true, the verifier will be convinced.
  • Soundness: If the prover's statement is false, the verifier will detect the deception. 
  • Zero-Knowledge: The proof does not reveal any additional information beyond the validity of the statement.

Types of Zero-Knowledge Proofs

Zero-knowledge proofs come in various forms, each offering unique benefits in terms of proof times, verification times, and proof sizes:

  • PLONK: An acronym for "Permutations over Lagrange-bases for Oecumenical Non-interactive arguments of Knowledge," PLONK is known for its versatility. It supports various applications and allows a large number of participants, making it one of the most widely used and trusted ZKP setups.cyber 
  • ZK-SNARKs: Short for "Succinct Non-interactive Argument of Knowledge," ZK-SNARKs are popular due to their efficiency. These proofs are quick to generate and verify, requiring fewer computational resources. They use elliptic curves for cryptographic proofs, making them suitable for systems with limited processing power.

  • ZK-STARKs: "Scalable Transparent ARgument of Knowledge" proofs are designed for scalability and speed. They require minimal interaction between the prover and verifier, which speeds up the verification process. ZK-STARKs are also transparent, meaning they do not require a trusted setup, enhancing their security.
  • Bulletproofs: These are short, non-interactive zero-knowledge proofs that do not require a trusted setup, making them ideal for applications needing high privacy, such as confidential cryptocurrency transactions. Bulletproofs are efficient and compact, providing strong privacy guarantees without significant overhead.

Advantages for Blockchain Privacy

ZKPs are instrumental in preserving privacy on public blockchains, which are typically transparent by design. They enable the execution of smart contracts—self-executing programs that perform agreed-upon actions—without revealing sensitive data. This is particularly important for institutions like banks, which need to protect personal data while complying with regulatory requirements.

For instance, financial institutions can use ZKPs to interact with public blockchain networks, keeping their data private while benefiting from the broader user base. The London Stock Exchange is exploring ZKPs to enhance security and handle large volumes of financial data efficiently.

Practical Applications

Zero-knowledge proofs have a wide array of applications across various sectors, enhancing privacy and security:

1. Private Transactions: Cryptocurrencies like Zcash utilise ZKPs to keep transaction details confidential. By employing ZKPs, Zcash ensures that the sender, receiver, and transaction amount remain private, providing users with enhanced security and anonymity.

2. Decentralised Identity and Authentication: ZKPs can secure identity management systems, allowing users to verify their identity without revealing personal details. This is crucial for protecting sensitive information in digital interactions and can be applied in various fields, from online banking to voting systems.

3. Verifiable Computations: Decentralised oracle networks can leverage ZKPs to access and verify off-chain data without exposing it. For example, a smart contract can obtain weather data from an external source and prove its authenticity using ZKPs, ensuring the data's integrity without compromising privacy.

4. Supply Chain Management: ZKPs can enhance transparency and security in supply chains by verifying the authenticity and origin of products without disclosing sensitive business information. This can prevent fraud and ensure the integrity of goods as they move through the supply chain.

5. Healthcare: In the healthcare sector, ZKPs can protect patient data while allowing healthcare providers to verify medical records and credentials. This ensures that sensitive medical information is kept confidential while enabling secure data sharing between authorised parties.

Challenges and Future Prospects

Despite their promise, ZKPs face challenges, particularly regarding the hardware needed for efficient proof generation. Advanced GPUs are required for parallel processing to speed up the process. Technologies like PLONK are addressing these issues with improved algorithms, but further developments are needed to simplify and broaden ZKP adoption.

Businesses are increasingly integrating blockchain technologies, including ZKPs, to enhance security and efficiency. With ongoing investment in cryptocurrency infrastructure, ZKPs are expected to play a crucial role in creating a decentralized, privacy-focused internet.

Zero-knowledge proofs are revolutionising blockchain privacy, enabling secure and confidential transactions. While challenges remain, the rapid development and significant investment in this technology suggest a bright future for ZKPs, making them a cornerstone of modern blockchain applications.


Read more »
Transactions
Bengaluru Cyber Crime Scam Stock market Transactions

Stock Market Scam in Bengaluru: Businessman Loses Rs 5.2 Crore



In a recent cybercrime incident, a 52-year-old businessman from Bengaluru fell victim to a stock market scam, losing a staggering Rs 5.2 crore. The victim, referred to as Sharath for anonymity, reported the incident to the cybercrime police on April 8. According to his account, the ordeal began when he received a WhatsApp message on March 11 promoting stock market investments with promises of high returns. Despite refraining from clicking the accompanying link, Sharath found himself involuntarily added to a WhatsApp group named "Y-5 Ever Core Financial Leader," boasting around 160 members.

Subsequently, Sharath received numerous calls from unidentified numbers, urging him to download an application linked to the investment scheme. Initially resistant, Sharath eventually succumbed to the persuasion tactics employed by the fraudsters and downloaded the app. Under the guidance of the perpetrators, Sharath began purchasing stocks facilitated by multiple accounts provided by the fraudsters. Assured that his funds were being invested in the stock market, Sharath transferred a staggering Rs 5.2 crore to five designated accounts by April 2.

Despite his growing suspicions, Sharath's attempts to withdraw profits or reclaim some of his invested capital for further investments were thwarted by the fraudsters. It was only then that he realised he had fallen victim to a scam. In response to the complaint, authorities have initiated legal proceedings under the IT Act, with ongoing investigations. Efforts have been made to freeze the funds in the fraudsters' accounts in collaboration with bank officials, raising hopes for potential recovery of some of the lost money, as confirmed by a senior police official.

Senior Citizen Scammed: Woman Loses Rs 6 Lakh

In another distressing incident, a 61-year-old woman fell prey to cybercriminals impersonating Delhi police and Customs officials. Exploiting her fear, the fraudsters falsely accused her of drug smuggling and money laundering, coaxing her to transfer Rs 6.56 lakh. Manipulating her trust, they provided fake validation procedures, leading to her significant loss.

These incidents serve as stark reminders of the growing tactics of cybercrime and the importance of caution while engaging in online transactions. Authorities urge the public to exercise caution and scepticism when encountering unsolicited investment opportunities or suspicious requests for financial transactions. As investigations continue into these cases, efforts to combat cybercrime through deliberate security measures and real-time data sharing remain imperative to safeguard individuals and businesses from falling prey to such fraudulent schemes.


Read more »
X
Cyber Security HDFC Network Banking SBI Transactions Twitter UPI X

Nationwide Banking Crisis: Servers Down, UPI Transactions in Jeopardy

 


Several bank servers have been reported to have been down on Tuesday, affecting Unified Payments Interface (UPI) transactions throughout the country. Several users took to social media platforms and reported that they encountered issues while making UPI transactions. They took to X (formerly Twitter) to complain about not being able to complete the transaction. It was confirmed in a tweet that the National Payments Corporation of India had suffered from an outage which led to the failure of UPI transactions in some banks. 

A website monitoring service with issues received reports that the UPI service was not working for Kotak Mahindra Bank, HDFC Bank, State Bank of India (SBI), and others, according to Downdetector, a website monitoring service. According to reports on social media platforms, hundreds of bank servers have experienced widespread outages nationwide, impacting the Unified Payments Interface (UPI) transactions. 

Users were flooding social media platforms with details of these disruptions. As well, Downdetector, a company providing website monitoring services, received reports of ongoing outages affecting UPI as well as Kotak Mahindra Bank, HDFC Bank, State Bank of India (SBI) and others. The outage seems to affect UPI transactions made using several banks as well. 

In some cases, users have reported experiencing server problems when making UPI payments with HDFC Bank, Baroda Bank, Mumbai Bank, State Bank of India (SBI), and Kotak Mahindra Bank, among other banks. In addition to reporting UPI, Kotak Mahindra Bank and HDFC Bank's ongoing outage on Downdetector, a website that keeps an eye on outages and issues across the entire business landscape, Downdetector has also received reports of ongoing outages from users. 

Several users have reported having difficulty with the “Fund Transfer” process within their respective banks due to technical difficulties. A new high was reached by UPI transactions in January, with a value of Rs 18.41 trillion, up marginally by 1 per cent from Rs 18.23 trillion in December. During November, the number of transactions increased by 1.5%, reaching 12.20 billion, which is up by 1.5 per cent from 12.02 billion in October. 

In November, the number of transactions was 11.4 billion, resulting in a value of Rs 17.4 trillion. The NPCI data shows that the volume of transactions in January was 52 per cent higher and the value was 42 per cent higher than the same month of the previous financial year, according to NPCI data. 

Earlier in November 2023, a report stating that the government was considering implementing a minimum time constraint within the initial interaction between two individuals who are carrying out transactions exceeding an adjustable amount was published. 

The Indian Express reported that, according to government sources, the proposed plan would dictate a four-hour timeframe to be imposed on the first digital payment between two users, particularly for transactions exceeding Rs 2,000, based on inputs that were received from the government.
Read more »
UPI
Cyber Fraud Data Digital Payment Safety Security Transactions UPI

UPI Frauds led to 15.3% Rise in Cybercrime Complaints Between Q1, Q2 in 2022: MHA

 

The unified payments interface (UPI) was a huge success. On the other hand, people are increasingly being cheated when conducting online transactions. UPI frauds contributed significantly to a 15.3% increase in the overall number of complaints reported on the National Cybercrime Reporting Portal (NCRP) between the first and second quarters of 2022, according to data from the Ministry of Home Affairs.

While the total number of registered complaints in the first quarter of 2022 was 206,198, it increased by 15.3 percent to 237,658 in the second quarter. The number of 'UPI fraud complaints,' a cyber crime category under NCRP, increased from 62,350 in Q1 2022 to 84,145 in Q2 2022.

When compared to other NCRP cyber crime categories such as debit/credit card fraud, internet banking-related fraud, and others, this represents a 34% increase.
These overall figures correspond to an increase in the number of cybercrime complaints registered on the NCRP portal since 2021.

This rise can be attributed to the expansion of digital payment systems since the Covid-19 pandemic, which has allowed small businesses to enter the ecosystem. UPI payments increased by more than 1,200 percent in the six months ending in September, according to an RBI report.

According to the MHA report, "Online financial fraud, a cyber crime category under NCRP is the most prevalent among others, as 67.9 percent of the total reported cyber crime were 'online financial frauds. However, no actual figures for this category were provided in the report.

Debit/credit card/sim swap fraud increased from Q1 to Q2 of 2022, which falls under financial fraud. In Q2, the figures were 26,793 compared to 24,270 in Q1. Nevertheless, complaints about internet banking decreased in the second quarter of 2022. While the figure was 20,443 in the first quarter of 2022, it fell to 19,267 in the second quarter.

UPI transactions are increasing

Unified Payments Interface (UPI) transactions hit a new high of Rs 12,11 lakh crore in October, six months after surpassing Rs 10 lakh crore in May.

This figure is expected to rise, with the RBI's Payment Vision 2025 projecting that UPI will grow by 50% on an annualized basis. This increased adoption of UPI will unintentionally contribute to an increase in UPI fraud.

In response, the National Payments Corporation of India (NPCI) launched 'UPI-Help' on the Bharat Interface for Money (BHIM) UPI last year to provide a simple grievance resolution mechanism.

One can view their transaction history in the BHIM UPI application by selecting the 'raise a complaint option. The user can then choose which transaction requires a complaint to be filed. They can raise a concern by clicking "raise concern," describing the issue in an online complaint and submitting it.

NPCI also launched the Safety Shield campaign earlier this year to assist users with online payments via UPI.

Read more »
Transactions
Cyber Security Data Safety Digital Money Safety Security Transactions

A New Era of Digital Money & Security

 

The increasing use of digital financial services—mobile banking, online purchasing, and peer-to-peer payments—means that money is increasingly passing from computer to computer rather than through human hands. There will be no cash, plastic cards, paper bills, checks, envelopes, or stamps. Digital is no longer just another method of transferring funds. 

Every organisation that moves money must interact with customers through computers, smartphones, and other devices, and provide quick, secure payment services. As consumers worldwide sought to shop without contacting anything or going anywhere, the covid-19 pandemic boosted digital money movement, from online purchases to contactless payments and smartphone wallets.

“The common denominator across almost all post-pandemic behavioural shifts is the growing importance of digital payments. Covid forced a market that was already growing to greatly accelerate,” says Paul Fabara, executive vice president and chief risk officer at Visa, whose worldwide networks handled an estimated $13 trillion worth of transactions last year.

According to the World Bank's Global Findex Database, 76% of adults worldwide have a financial institution or mobile money provider account as of 2021, up from 68% in 2017 and 51% in 2011. 71% of adults in developing countries are included in this figure. By 2021, nearly 95% of adults in high-income economies will have made or received digital payments. During the pandemic, 80 million adults in India and 100 million in China made their first digital payment.

Fraudsters are well-known for going where the money is, and their online activities are expanding in lockstep with the increase in digital transactions. As per FBI's Internet Crime Report for 2021, annual losses from cybercrime in the United States nearly doubled between 2019 and 2021, from $3.5 billion to $6.9 billion.

Driving online transactions

According to Aaron Press, research director of worldwide payment strategies at IDC, who tracks the development and adoption of real-time payments, business-to-business customers are beginning to demand the same seamless real-time transactions that consumers expect.“If you think about the way you shop online for personal things or pay your friends using a mobile-to-mobile app, those expectations are finding their way into the business environment,” he says.

According to an MIT Technology Review Insights survey of global business leaders, digital payment technologies are of high interest across all types and sizes of businesses. Although 36% of respondents are new to digital payments, 43% expect to expand their offerings over the next 18 months, and many are experimenting with cross-border transactions (37%), as well as cryptocurrency (18%).

Press concluded, "Digital payments are more efficient and dramatically reduce errors. You’re much less likely to fill out something the wrong way, because there are checks and balances within the system.”

The full report can be viewed here.
Read more »
Subscribe to: Posts (Atom)