Incidents of fraud and theft involving credit and debit cards have fallen sharply in the current financial year, according to data for the first nine months provided by the Reserve Bank of India.
While the exact reasons for the sharp decrease is not known, banks in India have been putting in more and more precautions after 2014 saw a sharp rise in card fraud.
The Reserve Bank of India also made it mandatory to have more than one level of authentication for ‘card not present’ transactions in Aug 2014.
For the first nine months of the ongoing financial year, the total amount of money pilfered by theives by anauthorized use of debit cards fell to Rs 19.01 cr. For the previous year, the amount was 31.27 cr for 12 months. A financial year starts in April and ends in March.
Against 6,585 debit card related incidents reported to the RBI in FY 2015-16, the total number of such incidents reported in the first nine months of the year was 4,064.
Similarly, the total amount of money pilfered by aunauthorized use of credit card data has fallen to Rs 21.57 cr for the first nine months of the year from Rs 45.98 cr for the whole of the previous financial year.
The total number of credit card-related incidents in India fell to 4,557 in the first nine month months of the current year from 9,849 in the whole of the previous year.
The biggest area of improvement has been netbanking. Net banking frauds cost Indian banks Rs 14.95 cr in 2013-14 and Rs 24.46 cr in 2014-15.
However, with SMS-based two-factor authentication now a norm, the total money lost to net banking fraud fell to just 1.75 cr in the year ended March 2016. In the first nine months of the current year, it was Rs 1.58 cr.
The total amount lost to all three types of fraud has fallen to 42.16 cr in the first nine months of the ongoing year from Rs 79.00 cr in the whole of the previous financial year. The number of incidents too have fallen to 8,689 from 16,468.
Part of the reason for the decline in card-related security incidents may be the increased usage of mobile payments, particularly UPI payments. UPI-based apps, introduced in August last year, directly deduct the payer’s bank account and credit the money to the payee on a real time basis.
Earlier, the only way to make payments on a real time basis was to use cards or net banking.
It is likely that banks will report a new item — UPI related security incidents — in their updates to the RBI starting from next year. Though designed to be secure, UPI relies on ‘device fingerprinting’ and a four- or six-digit manual code to authenticate transactions.