With a quantum shift in the lives of the consumers, payment processing system seems to have a major impact on the future business. Right from booking air tickets, to buying clothes and shoes, to banking and paying bills — Internet is changing lives. However, this new economy is bringing with it, its own share of challenges. Payment fraud is one of them.
As revealed in a recent Norton report by Symantec, India is among the world’s top five countries for the highest number of incidences of cyber crime. This includes ransomware, identity theft and phishing incidents with the average cost per cyber victim going up from USD 192 last year to USD 207.
The stats further revealed that 63 per cent of smartphone users in India experienced some form of mobile cyber crime in the past 12 months. Also, there are 66% of Indian consumers using their personal mobile device for both work and play, which thus, creates entirely new security risks for enterprises.
At iamWire’s Internet Retail Expo 2014, Dr. Aravind Chaturvedi, Additional SP, UP Special Task Force, focused on the various issues and challenges in the cyberspace, also sharing the tips on avoiding these risks.
According to Aravind, currently online payment card fraud is 63% of the total retail pay-card fraud. The major challenge in cyberspace is the anonymity which makes identity tracing a significant problem. However, this problem is further complicated when even the digital stamping of transactions in cyberspace is denied.
One of the major concern is ‘Proxied Internet Services’, wherein multiple users are able to access the internet whilst hidden behind a single identifiable IP address. Also, most of the time, fraudsters were left as suspects only as there are always issues in getting port numbers or private IP addresses as it is unavailable with most of the primary investigating points such as payment gateways.
However, he also believes that we are very rich as far as the law is concerned. India is one of the 8 countries in the world to come up with an IT Act dedicated to punish the offenders of online fraud.
According to Aravind, a few possible solutions for dealing with malicious activities can be:
ISP’s must maintain access logs for all NATed devices
Mail Service providers need to modify their server configuration to keep the records (initially, Airtel was the first company to introduce PORT capturing system when someone visits a website from the mobile phone)
Capacity of Law Enforcement needs to be enhanced to deal with the fraud
When asked about the parameters of of mobile devices and their availability to the police, he said, ”All 143 parameters of your mobile devices are captured and available to the police. Even if you are not making a call, every 7th second a signal is being sent to the tower to trace your location.”