The recent attack by 'WannaCry' ransomware had left several organisations and countries locked-in. The ease with which this ransomware has spread across several countries raises big questions on cybersecurity issues. This worrisome situation also raises questions on security and safety aspects on initiatives like 'Digital India' that aim at transforming India into a digitally empowered society and expect to further accelerate awareness, availability and adoption of digital technologies. Unfortunately, the benefits of digital payments also increase risks and the principal concern over the rush to a digital economy is the growing threats of cyber-attacks, and data leakage, says a research note.
In its note on 'Digital Payments - Analysing the cyber landscape', KPMG, said, "Keeping pace with the growth of digitisation, the cyber threats are not far behind. As many as 11,592 cases of cybercrime were reported across India in 2015. The growth in cybercrime coupled with proliferation of digital economy is as close as it can get to a death-knell, if not dealt appropriately." KPMG had also conducted a survey on cybersecurity concerns around digital payments.
According to the tax and advisory service provider, the lack of awareness among customers and the evolving digital payment ecosystem have amplified the chances of exposure to cybersecurity risks such as online fraud, information theft, and malware or virus attacks. It said, "Security should be the shared responsibility of government, organisations as well as the end users. Organisations should regularly update their software and fraud detection systems while the users should be aware of the basic security features. The government should focus more on educating the customers as well as enforcing basic security standards for organisations. Also, all the breaches should be mandatorily reported."
The pace of shift to digital payments has significantly increased with the strong move towards a cashless economy. The main factors that influenced this growth include increasing mobile phone penetration, lower cost of service delivery, banks discouraging customers from visiting branches, the unorganised sector supporting digital payments and the demonetisation drive.
While macro factors clearly indicate a favourable environment for digital payments, which is also being supported by the approach being taken by the regulator, KPMG says several challenges remain before India becomes truly digital. These challenges include wide use of feature phones, especially in rural areas, patchy digital connectivity in parts of the country, acceptance and change in mind set, lack of awareness and security in transactions.
KPMG says with initiatives like 'DigiShala', the Indian government aims at building a conducive ecosystem for a cashless economy. Other initiatives like national optical fibre network (NOFN) and introduction of unified payments interface (UPI) and Bharat interface for Money (BHIM) can help support faster adoption and transition to digital payments.
However, it added, this sudden surge and change in end user profile has led to various challenges in the digital payment ecosystem. "Cybersecurity is one of the most critical challenges faced by stakeholders of the digital payment ecosystem. With more and more users preferring digital payments, the chances of getting exposed to cybersecurity risks like online fraud, information theft, and malware or virus attacks are also increasing. Lack of awareness and poor digital payment ecosystem are some of the primary reasons that have led to increase in these attacks," it added.
KPMG says, "A robust regulatory framework, an effective customer redressal framework, fool proof security measures to enable confidence and tryst, incentives for large participation and benefits similar to cash transactions, such as ease of use, universal acceptability, perceived low cost of transaction, convenience and immediate settlement, are some measures that can help ensure long-term success for digital payments."
"The larger question is who is responsible and accountable for a cashless economy. The government and the Reserve Bank of India (RBI) have clearly stated that cashless economy is the way forward. In this scenario, we need to answer some important questions, like is there adequate governance mechanism and public policy intellect to cope with the impact of digital or cyber terrorism and warfare? Are the three pillars of our democracy, legislative, executive and judiciary skilled and ready to take on the challenges of cybercrime? If the economy runs on digital, should the government report on cyber security performance? Do companies have an obligation to their customers and investors to be transparent on their cybersecurity performance? These are just some of the questions that need to be answered for a thriving yet secure digital economy," KPMG concluded.