In India, banking on mobile can be done through mobile banking and mobile wallets, with more facilities offered to customers the chances of frauds tend to increase.
As per the latest RBI policy on mobile wallets, an individual customer can load up to Rs 1,00,000 in wallets or transfer from one wallet to another. These wallets, apps will help reduce cash transaction as suggested by RBI as it will help track the transaction easily.
Most of the banks in India offer mobile banking and banking apps for financial transactions such as bill payments, fund transfer, shopping etc.
Individuals should be aware of what are the risk involved in banking through mobile. As per the Assocham-PwC report here are 10 risks involved in using mobile banking and wallets for financial transactions.
Mobile banking mapped to incorrect number
Individuals such as senior citizen or persons who are not using mobile banking can a easy trap. An employee or fraudster can attach his number to the bank account and install mobile application for the same. The bank customer will not be aware as he does not get any notification regarding the same.
Creating fake and non-existent users
Most of the banks appoint a vendor to design a mobile application to be integrated to their banking system.
There are chances that the vendor may create two unauthorised users with rights to initiate and verify transactions, and transfer funds from the organisation to his associates' wallets, effectively stealing money from banks.
The increase in the number of mobile banking users is accompanied by a rise in attacks through malware.
Malware is a software which is specifically designed to disrupt or damage a computer system.
Mass attacks are possible through the theft of credentials which can be used for personal benefits.
SIM swap means replacing the old SIM with a new one, when the old gets lost or damaged, or when one needs a differently sized SIM card.
If a fraudster manages such a swap, he can carry out numerous fraudulent transactions using the mobile number of the victim
Fake or similar interface apps
Fake applications, with exactly the same user interface as the original application, are being created to steal confidential information shared by the user.
Transfer of money into and out of a mobile wallet from or to a bank account is now possible. Cash-in from the bank account of an individual and cash-out to a different bank account of another individual can be used as a platform for laundering unaccounted money.
Unauthorised deductions from the wallet of a customer
Employees of the mobile wallet service provider may misuse the balance stored in the wallet of a customer by making unauthorised deductions
Failure to conduct proper due diligence of merchants
If the merchant on-boarded by the service provider is a fraudster, and the payment is made by the customer for fictitious goods or services from the merchant, cash can be rotated with minimum transaction fees.
No auto log off facility
An individual usually opens the application on his mobile device for availing of the services and closes the application, instead of logging out.
If the mobile device is stolen or lost and a fraudster opens the application, he can misuse the remaining balance in the service provider's wallet.