How secure are the payment apps in the Indian cyber domain?
In the current wave of striving towards digitization, the country is moving at a rapid pace towards use of internet services. With a high number of social media platform users in the country, day by day the number of internet users are increasing in high rate, information about one’s life is either directly or indirectly stored in the Cloud servers which itself is a new technology, volatile in nature and not so secure, now post demonetization Indian economy have given a boost to cashless economy ideology. Thus it has given a rise in the use of smartphone applications like an online wallet for the transaction on a day to day life.
But, are the Smartphone wallet applications trustworthy in today’s world? Is our cyber domain secure enough to support the digitization of our economy?
In today’s world, the developed countries like Russia, United states etc. have more effectively beefed up their security against the risk of cyber-attack into their internet domain space. While India stands very low in the ranking of cyber security defense setups as per the world economic forum. Recently, A Chipset Company Qualcomm which mainly powers the android smartphones in today’s market have announced that none of the wallet apps in India which runs on android and any many other operating systems have any kind of hardware-backed security system. All the authentication and verification is done in software level at the android platform itself. Most of the online shopping websites and payment apps use the Visa/Verisign secured payment gateway to finalize the transaction by using OTP (One Time Password).
What can be done?
Today most of the smartphone comes with a fingerprint scanner. A user can use the fingerprint scanner not only just to unlock their device but also can lock an app and even can make online transaction instead of using the traditional password protected method. Those stored fingerprints can easily be accessed by cyber criminals from its database; this may lead to compromising the users’ details and transactions. Thus the need for the hour is to establish a hardware-backed authentication process and real-time user authentication by verifying IMEI number, Device IDs, digital signatures and real-time stamps of transaction period and its location.
Qualcomm is already into the process of manufacturing chips for hardware backed secured layer authentication which will be available in the market by the end of next year. India has acknowledged the need for strong cybersecurity to protect its economy, people and assets from the enemies thus its cyber security department was established by the PMO office in 2014. But we are yet to build up a robust infrastructure of the Internet Domain to prevent ourselves from attacks like Ransomware, espionage, frauds and so on!
Thus it’s too early and Highly Risky for India to go for Cashless economy. Before we move on to the Cashless economy, we need a highly secured and strong firewalled internet space and all the users’ data need to be filtered, restricted for any of the third party business outside the country without proper authentication. A strong and high-speed data traffic management need to be achieved.
If you have liked the post please do share. This blog needs your support to grow more and you can do so by sharing this post. Thank You
Sources: weforum.org, TimesOfIndia, scroll.