Given the increasing instances of cyber-attacks and digital frauds in India, the Ministry of Home Affairs, SBI Cards and Payment Services Ltd. (SBI Card) and telecom companies are partnering up to create a solution for notifying users about stolen one-time passwords.
As per a report by the Economic Times, this initiative forms part of a larger strategy to tackle the increasing menace of cyber fraud and phishing attacks within the banking sector.
Sources cited in the report stated that the government is currently trialing a system enabling banks to monitor both the registered address and geolocation of a customer, along with the delivery location of an OTP. If there's a disparity between these locations, it will trigger an alert for the customer, indicating a potential phishing attempt.
"The solution is still being tested; these are early days but the idea is to track the geolocation of the customer through the telecom database and ensure that the OTP is going to the right area," a senior bank official told ET on the condition of anonymity.
The Reserve Bank of India (RBI) initially advocated for an extra layer of authentication for digital payment transactions primarily to counter fraud. However, over time, cybercriminals have developed sophisticated techniques to either deceive unsuspecting bank customers into divulging OTPs or redirect OTPs to their own devices through illicit methods. Consequently, the efficacy of the second authentication factor in combating cybercrimes has diminished.
The Reserve Bank of India (RBI) had initially recommended an extra layer of authentication for digital payment transactions primarily to counter fraud. However, cybercriminals have evolved their techniques to either deceive customers into divulging OTPs or redirect OTPs to their own devices through illicit methods. This makes the second authentication factor less effective in combating cybercrimes.
As per government data, the registry received 1.12 million complaints, amounting to Rs 7,488 crore in fraudulent transfers in 2023.
