Jai Karan Singh , CTO A , Punjab National Bank
If there is anything 2016 has taught us it is that the financial services industry is in a perpetual state of red alert from information security threats, with the Internet offering an unwelcoming channel for unwanted incursions.
Banking industry is undergoing tremendous changes. The integration of world for common trading terms and conditions has even forced the banking industry to go under rapid changes. The local industry and individual demands are adding its push to it.
The available technology and trained manpower is ready to adopt these changes. The availability of these two basic elements not only varies from place to place but is also scarce at some places. This brings a major gap in implementation of techie resources and gadgets. Some users at some places are more aware than others. While this is a usual phenomenon and will last forever, but this brings an opportunity for antisocial and antinational elements to pose a major threat. Cross border individuals, groups, and rogue states are no exception to it; rather we call it an even more dangerous threat. Some states are haven to such elements and provide an umbrella of immunity to them.
Data security as of today is seen as a major challenge faced by banking industry. Banking industry as a whole seems to be adequately geared up to deal with any cyber threat but the common user lags behind for want of optimum level of knowledge and training. While the world is transferring from laptop to palm gadgets, it is even a more serious challenge. In India particularly, majority of the population is shy of using available technology, which otherwise makes banking easy, paperless, and speedy. The reason could be attributed to the attained education level, cost, and available remedial solutions in case of a problem. For example, if some ATM fraud happens, the individual is the sole sufferer in most of the cases, even if he has no role whether direct or proxy. The cyber crime redressal system is not mature enough to tackle every issue reported to it. The team involved in it is not only thin but also lightly loaded with required infrastructure. In India, one common issue that arises most of the time is that a fraud reported is not sensitively taken up for solution.
As the user is moving to android-based gadgets, the duplication of authenticated applications is on the rise. The user is confused and is misled in some cases. For example, the government has launched an application called Digilocker for keeping documents in digital form. Today, if you search on Google play store, you will find several applications with similar names, which as pointed out earlier is a major data security threat.
The National Payment Corporation of India (NPCI) has recently launched an application BHIM for cashless payment. While the government is pushing for cashless economy, BHIM application is projected as a star campaigner for it. While at present it is the simplest, easiest, and least data security threat bearer but it is no exception for duplication or similarity in availability of other applications by non-authorized developers.
Government at national level is aware of such happenings but seems to be helpless at present. Only time will show how government will tackle these issues. The government should institute a mechanism whereby an aggrieved person can approach the authority fearlessly and for surety of the solution. A fund similar to the Depositors Education and Awareness Fund (DEAF) by RBI should be launched by the government so that an aggrieved person may be adequately compensated on the spot while the investigation is in progress. By this, we can bring the faith of the common user in the system and engage the majority of population in digital banking. The common user issues should rather be treated as baking industry issues as banks face un-acceptance of new digital channels. Digital banking is seen as a major cost-cutting tool in banking industry, but until it reaches the majority of population, it remains a dream milestone.