Cybercrime , Fraud Management & Cybercrime , Fraud Risk Management
India Launches Effort to Track, Freeze Cyber Fraud ProceedsFinancial Institutions Support Initiative to Target Cybercrime
The Indian government has set up the Citizen Financial Cyber Fraud Reporting and Management System to report, track - and ultimately freeze - the proceeds of cyberattack-induced financial theft.
See Also: Webinar | How the SASE Architecture Enables Remote Work
The system, which features a national helpline - 155260 - for victims of fraud, was developed by the Indian Cyber Crime Coordination Center, or I4C, under the Ministry of Home Affairs, with support from the Reserve Bank of India, major banks, payment banks, wallets and online merchants, the government said in a statement. The system can track the flow of stolen money from bank to bank in real time so that banks can freeze the funds to prevent cashout by the criminals, the statement notes.
The Rollout So Far
Initially, the system is operational in seven states and union territories: Chhattisgarh, Delhi, Madhya Pradesh, Rajasthan, Telangana, Uttarakhand and Uttar Pradesh, which means it covers more than 35% of the country’s population, the statement says.
Since its soft launch in April, the system has helped intercept $250,000 before it reached fraudsters, the government notes. Delhi and Rajasthan have been the most successful so far, saving a total of $78,000 and $71,000, respectively.
How the System Works
The government says the mechanism is designed to help banks and the police leverage technology to share online fraud-related information and take action in real time.
“The loss of defrauded money in online cheating cases can be stopped by chasing the money trail and stopping further flow - before the fraudster takes it out of the digital ecosystem," the government statement notes.
The helpline number is operated by the relevant state police. Police gather fraud transaction details and basic personal information from callers and submit them in a ticket to the content management platform. The information is then shared with relevant banks, payment wallets or merchants.
The financial institution can then access the fraud details on the system's dashboard and take steps to freeze the defrauded money if it's still under the bank’s control.
The victim, after registering a complaint, receives an acknowledgement number via SMS along with a request to submit complete details of the fraud on the National Cybercrime Reporting Portal within 24 hours of the incident.
"If the defrauded money has moved out to another bank, the ticket gets escalated to that bank. This process is repeated until the money is saved from reaching the fraudsters," the government states.
Banks that are a part of this initiative include the State Bank of India, Punjab National Bank, Bank of Baroda, Bank of India, Union Bank, IndusInd, HDFC Bank, ICICI Bank, Axis Bank, Yes Bank and Kotak Mahindra Bank. Major wallets and merchants - such as Paytm, PhonePe, Mobikwik, Flipkart and Amazon - are also participating.
Implementation of the fraud-fighting system is an overdue step in the right direction, says Pavan Duggal, an advocate at the Supreme Court of India, who is president of the consultancy platform cyberlaws.net and an expert on ecommerce law.
"The golden age of cybercrime has already begun with the coming of COVID-19. More and more Indians have jumped on the internet bandwagon during the pandemic at a time when online financial fraud, phishing and identity theft have become the top three cybercrimes," Duggal notes.
India now has 624 million internet users, according to the Digital 2021 April Global Statshot Report.
Many Indians are losing large amounts of money online as they fall victim to phishing schemes, Duggal says.
The government may have overlooked the potential negative consequences of the big Digital India initiative move to cashless transactions, which led to the surge in scams, says Mumbai-based cybercrime investigator Ritesh Bhatia, founder of security firm V4WEB Cybersecurity.
Bhatia calls for building greater awareness about the portal and the need for prompt fraud reporting. “Even 30 minutes is a long time for any fraudster to transfer amounts to untraceable accounts or withdraw an amount,” he says.
Duggal points out that India needs to strive to greatly improve its cybercrime conviction rate, which reportedly is less than 1%.
"The chances that a cybercriminal will be caught and punished is a very, very far drawn-out conclusion," he says. "That's why more and more Indians have become pragmatic and are not concerned whether a criminal is caught or not - they just want their stolen money back."
Impact of COVID-19 Third Wave
The third wave of the COVID-19 pandemic in India could lead to another surge in cybercrime, Duggal says.
"We've seen panic and fear being weaponized by cybercriminals," Duggal says. "Now, this weaponization process will continue at a far more sophisticated and complex level. Cybercrime and online financial fraud are now being adopted as cottage industries across tier-2 and tier-3 cities, and rural and semirural areas, because when people lose jobs, they don't have revenue-generation opportunities."