Given the significant increase in financial fraudulent activities and online scams, the government is mulling to establish a fast track court mechanism to resolve cyber crime (under Ministry of Home Affairs) effectively and expeditiously in the country, the Ministry of Electronics and Information Technology (MeitY) informed the Parliamentary Standing Committee on Communications and Information Technology, on March 7.
For its part, the Ministry itself is implementing ‘Information Security Education and Awareness (ISEA) Project’ for generating human resources in the area of Information Security and creating general awareness on various aspects of cyber hygiene/cyber security among the masses.
According to MeitY, digital payments have significantly increased in recent years owing to coordinated efforts of the Government with all stakeholders. The total payment transactions volume had increased from 2,071 crore in FY 2017-18 to 13,462 crore in FY 2022-23 and crossed 7437 crore during financial year till September 24, 2023.
Further, digital payments in India are expected to grow over three fold by 2025 due to growing smartphone penetration, COVID-led changes in consumer behaviour and government policies for financial inclusion. The Ministry has submitted that coordinated efforts of ecosystem partners had led to an increase in digital payments acceptance infrastructure in the country. This shows that there is a growing penetration of digital payments, which is a big step towards formalisation of the Indian economy.
However, the rising cases of cyber frauds are a big challenge to it. Online financial frauds as reported on the National Cybercrime Reporting portal (NCRP) constitute more than 60% of the total cyber-crime complaints reported. As per Indian Cyber Crime Coordination Centre (I4C), cyber frauds that were reported increased by 128% in 2022 in comparison to 2021. This exponential increase of cyber frauds is alarming and the Committee sees a necessity to have a multipronged approach to deal with the issues of cyber frauds.
To tackle this, opining that punitive measures are long drawn, time consuming and less effective, the Committee emphasised a multipronged approach with effective coordination of all stakeholders to deal with cyber frauds. It also called upon the various Ministries involved to focus on preventive measures to ensure that cyber frauds are held under check and the action taken in this regard may be submitted at the earliest.
The Committee, in its original report, had pointed out the number of incidents related to malware were significantly higher in Android phones and sought the comments of the Ministry, which then submitted that Android platforms provide side loading installation feature which is exploited by cyber criminals for creating malicious financial apps.
Ministry of Home Affairs (MHA) is supplementing the efforts of States/UTs along with several Ministries/departments by taking action in co-ordination with each other. (I4C), which has been established by MHA, interacts regularly with various stakeholders like DoT, TRAI, TSPs, ISPs, MeitY, Cert-IN, NPCI, NCIIPC, SEBI, Banks, Financial Institutions, Intermediaries, etc. for effective coordination and carries out the analysis of various cyber threats at regular intervals and issues advisories on cybercrime trends, modus operandi with States/UTs, Para Military Forces, banks, financial intermediaries and other relevant stakeholders at regular intervals.
Additionally, for immediate reporting of financial frauds and to stop siphoning off fund by the fraudsters, Citizen Financial Cyber Fraud Reporting and Management System (CFCFRMS) module has been launched by National Cyber Crime Division as a part of NCRP.
MeitY also briefed the committee on establishing a Cyber Fraud Mitigation Centre (CFMC) where representatives from major banks, financial intermediaries, payment aggregators, telecom service providers (TSPs), IT intermediaries and law enforcement agencies (LEAs) of States/UTs are working together to combat cybercrime through prompt action and continuous collaboration. Various steps have also been taken by Reserve Bank of India (RBI) to enhance
security of digital payment transactions (including card/online transactions).
Previously, MeitY issued letter directing all central Ministries/Departments and State/UT governments to carry out regular periodical audit of IT infrastructure, websites and applications yearly or whenever there is a change in any component of IT infrastructure, websites or applications whichever is earlier.
Further, the Committee noted that fintech companies, apps and platforms such as PhonePe and Google Pay owned by foreign entities dominate Indian fintech sector. The market share in terms of volume of key players of UPI Google pay and Phonepe was 36.39 per cent and 46.91 per cent respectively in October-November 2023. However, market share by volume of Indigenous BHIM UPI was only 0.22 per cent in the same period.
To this MeitY replied that NPCI BHIM Services Ltd. (NBSL) has been setup as a subsidiary and is functioning with dedicated focus, leadership and capital infusion since October 1, 2024. The technology stack is also being rebuilt to ensure availability of capacity to handle scale and BHIM is attempting to increase its collaboration with banks, which will increase the market share of bank apps.
For punitive actions, MeitY pointed out that MHA is the appropriate ministry to deal with matters related to Cyber Crime and the newly enacted Bharatiya Nyaya Sanhita, 2023 (“BNS”) (enforced from 1st July, 2024) is also adminsitered by MHA. Section 111 of the BNS punishes the commission of any continuing unlawful activity including economic offence, cyber-crimes, by any person or a group of persons, either as a member of an organised crime syndicate or on behalf of such syndicate. The punishment is minimum of 5 years (non-bailable) which may extend to imprisonment for life and fine not less than 5 lakh rupees and fine not less than 10 lakh rupees in case death of any is caused.
It was also highlighted that last year, I4C raised the issue of use of virtual accounts for transnational money laundering activities by creating illegal Payment gateway/aggregator mechanism for committing frauds with the Reserve Bank of India and the Department of Financial Services (DFS) in a senior level meeting.