Changing landscape of e-transactions

The consumers too have to shoulder the responsibility of safeguarding themselves against the growing cyber frauds
Representational Photo
Representational Photo File/ GK

For all times to come, the year 2020 will be remembered as the year that changed everything. The outbreak of coronavirus proved lethal as it took a heavy toll on human lives across the globe and simultaneously brought all sorts of economic activities to a grinding halt. However, the pandemic, at the same time, created a host of opportunities in almost all sectors of the economy. Among the opportunities, it’s the digital and e-commerce sectors, which have boomed with unprecedented growth amid the virus-induced crisis.

If the virus rolled out economic lockdowns as new normal, businesses and individuals equally navigated the crisis by taking route to digital platforms to stay economically afloat. This led to an unprecedented growth in e-transactions. While taking the digital route, the businesses and the consumers contributed to beat the virus-induced economic slowdown to a large extent. At the same time, it has sped up the digital transition where retail shopping has grown (and continues to grow) exponentially, thus paving the way for a strong digital economy. However, there are still many impediments like lack of consumers’ trust on digital platforms owing to poor digital skills etc. which prevents a vast number of consumers from boarding the electronic platforms.

In other words, the virus forced us to capitalize on the information technology tools; it reminds me of eloquent words of one of the greatest novelists, Charles Dickens: “It was the best of times; it was the worst of times.”

Today, it is the best of times in the sense that the internet has zeroed distances and made it possible for all to more easily connect with other people from around the globe, to access information from sources previously out of reach and above all to obtain services that in the past were limited to brick and mortar.

Hitherto, it is also the worst of times. Firstly, the pandemic consumed millions of human lives in a jiffy and is still behaving lethal despite vaccines now in place. Secondly, the extensive use of online platforms has exposed vast populations, mostly first timers in the world of internet, to cyber criminals. These cyber criminals are taking great advantage of electronic connectivity to perpetrate cyber frauds and to more easily gather the information needed to carry out financial crimes. For instance, a man sitting thousands of miles away in Africa can steal your money here in Kashmir in a jiffy once the fraudster lays hand on your bank account or credit/debit card details. Precisely financial crimes are taking place at our doorsteps, where a fraudster is an unknown identity. The situation is a sort of crisis in pandemic-induced opportunity of expanding the digital landscape.

Day in and day out, we come across stories of frauds where gullible consumers and even some businesses have been duped by these unidentified cyber thieves. Customers of banks have become more prone to technology-driven subversive activities of cyber criminals like blocking fraud, money laundering, identity theft etc. Identity theft can happen to anyone, rich or poor, and regardless of whether or not he uses Internet. At the moment identity theft is epidemic in nature and is known as the fastest growing crime facing people.

The growing financial frauds on digital platforms are emerging as one of the frontline challenges to the financial regulators. The safety of peoples’ money is of paramount importance and the regulators are continuously engaged in evolving new safety measures to defeat the nefarious designs of the fraudsters.

Here the Reserve Bank of India’s (RBI’s) latest step towards making online payments safer and secure through use of credit and debit cards is worth elaborating. The RBI has made it clear that no entity in the card transaction/payment chain, other than the card issuers and/or card networks, shall store the actual card data. The RBI communication reveals that the data already stored shall be erased.

The customer data stored on debit and credit cards saved by business entities or any other service providers during a transaction won’t work now and the RBI is implementing encrypted tokens’ system to carry transactions through credit and debit cards w.e.f. January 1, 2022.

While making a transaction through a card, the cardholder would either need to enter full card details or opt for tokenization from next month. Notably, the tokenization of a card requires an Additional Factor of Authentication (AFA) and depends upon the cardholder to utilize the facility or not.

In March 2020, the apex bank had issued guidelines stating that in order to boost data security; merchants will not be allowed to save card information on their websites/apps. Later in September 2021, fresh guidelines were issued to the businesses with a deadline until the end of the year 2021 to comply with the regulations and offer them the option to tokenize.

Let us understand the concept of tokenization. In this system, actual card details are replaced with a unique alternate code called a token, which is unique for each combination of card, device and token requester. This means, w.e.f. January 1, 2022, the consumer would either have to fill in all the card details like 16 digit card number, expiry date and CVV or opt for tokenization.

Let me explain. The merchant would seek your consent for initiating tokenization for your purchase through the card, be it your debit or credit card. Then the merchant will send a tokenization request to the card network, who then creates a token as a proxy to the card number and sends it back to the merchant. One token is limited to just one card and one merchant. It is noted that every time you need to make payment to a different merchant or different card, tokenization has to be initiated again.

As per the RBI communication, consumers won’t be charged for tokenization of card and can be availed by anyone. And one more important point to remember, the process is applicable only to domestic cards and International cards are not covered under this system.

How safe is this tokenization? Technology experts say card details saved in an encrypted manner through tokenization reduce the risk of fraud or compromised data to a large extent. It prohibits all online shopping portals from saving your card details on their servers. So, you either make a token before you buy an item and save that token on the particular website (for future use) or enter your card details every time you buy stuff off the internet.

We have come across media reports about many instances of data breaches from merchant websites. So the consumers have a precautionary measure in place to stay safe in the world of e-transaction.

The consumers too have to shoulder the responsibility of safeguarding themselves against the growing cyber frauds. They need to be skilled in conducting e-transactions, be it through cards or e-banking mode and keep themselves abreast with the changing landscape of the financial system.

(The views are of the author & not the Institution he works for)

Disclaimer: The views and opinions expressed in this article are the personal opinions of the author. The facts, analysis, assumptions and perspective appearing in the article do not reflect the views of GK.

Related Stories

No stories found.
Greater Kashmir