In today’s Indian scenario, the banking sectors are rapidly utilizing Information Technology based services for their banking transactions/operations. The information technology used in businesses and payment transactions are channeled via the means of online facilities which caused serious threat, as a consequence, has been imposed on the safety and reliability of banking operations.
Along with the growing trend of online and cyber transactions, the number of banking frauds has also been on the rise affecting many a customer using banking technology tools. The propensity of online banking transactions falling prey to cyber frauds are seen as a real problem in modern-day banking services.
This article deals with understanding and analyzing the impact of technology on an internet-based banking system and various techno-legal issues related to online banking frauds. However, also discussed the existing legal approaches as well as regulatory authorities adopted for regulating offenses affecting online banking in India.
Banks face a constant threat from cybercriminals. Because people use technology and online platforms for money matters, it’s easier for hackers to target banks and their customers. Cyberattack don’t just mean losing money; it also damages the bank’s reputation, make customers lose trust, and break the rules. Hackers keep changing the way how they attack banks, making it hard for the banks to keep up.
One common way is phishing, where they trick people into sharing sensitive info like logins. But now, they also use advanced methods like ransomware and insider threats to exploit bank weaknesses. Furthermore, phishing tricks people with fake emails, messages, or websites that look real. It’s tough to catch because hackers find new ways to get past security. In 2019, Capital One got hit, and over 100 million customers’ info was stolen. This shows how serious and damaging these attacks can be.
The Narasimha Committee (1991-1998) which was for the recommendation on financial matters, suggested that IT shall be used in the banking sector as well to make it more efficient in the functioning. While the banking sector has expanded its services and aims to provide excellent customer service via innovation, cyber-crime continues to be a problem.
Cyber criminals can easily get in touch that is accessible on the internet. Cyber-crime causes massive monetary losses that are borne not only by customers, but also by banks affecting a country’s economy. When viruses are produced and spread on other devices, or when sensitive business information is posted on the Internet, non-monetary cybercrime exists. Phishing and pharming are the most popular examples.
Reasons for cyber crimes in the Banking Sectors
Once a cyber attacker is able to gain access into a computer system, they may have access to personal data, including private financial documents from customers, which can be copied or transferred into a small removable device. Since information technology powers the operations of banks, individuals, corporations, government agencies, etc., the insecure storing of confidential data and information processed on their computers presents a serious danger.
All the authorities who use computer systems should remain very careful and cautious in order to safeguard their confidential data and information stored in the computers. Through proper usage of Passwords and Personal Identification Numbers (PIN) they can limit the access. Any negligence on their part will facilitate cybercriminals’ easy access to certain devices and records.
Banks use a variety of operating systems for their day-to-day activities; hence banks must ensure that they have in place ongoing internal control and IT audit systems otherwise it can result in computerized environment lapses due to the availability of inefficient software and hardware systems.
Due to geopolitical and global macroeconomic conditions, the banking industry in the world is facing a difficult situation that is thought-provoking. In order to better analyse and mitigate risks, the banking industry is being forced to review its existing practices.
For risk management, technology-driven approaches have been used. Financial services have been expanded to the masses as a result of the development of information and technology (IT), as well as the penetration of mobile networks in daily life. However, technology advancement has made the banking services accessible and affordable but this in turn has augmented the likelihood of being a target of cyber-attacks.
Key Factors Behind the Surge
The rapid adoption of digital payment methods, including credit cards and online banking, has created more opportunities for cybercriminals. As more people rely on these digital channels, the vulnerabilities within these systems have become more apparent. Cybercriminals have become more adept at exploiting weaknesses in digital payment systems.
Techniques such as phishing, identity theft, and the use of malicious software have become more prevalent, allowing fraudsters to gain access to sensitive personal information. Many frauds occur due to human error, such as sharing passwords or falling for phishing scams. Senior citizens, in particular, are often targeted due to their lack of familiarity with digital security practices.
Key Legislative Measures
Information Technology Act, 2000 (IT Act) provides legal recognition for electronic transactions and aims to facilitate e-commerce and addresses various cybercrimes, including hacking, identity theft, and cyber terrorism. Key sections relevant to cyber fraud include:
• Section 66C: Punishment for identity theft.
• Section 66D: Punishment for cheating by personation using computer resources.
• Section 43: Penalty for damage to computer systems.
Indian Penal Code (IPC), 1860: It includes provisions that address cyber fraud like:
• Section 420: Cheating and dishonestly inducing delivery of property.
• Section 468: Forgery for the purpose of cheating.
• Section 471: Using as genuine a forged document.
Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021 mandate intermediaries, such as social media platforms, to exercise due diligence and ensure the safety and security of users. They require intermediaries to report cyber incidents to the Indian Computer Emergency Response Team (CERT-In).
Challenges in Combating Cyber Fraud in India
The fast pace of technological change makes it difficult for laws to keep up with new types of cybercrimes. Many organisations, especially small and medium-sized enterprises (SMEs), lack the resources to implement robust cybersecurity measures. It makes them easy targets for cyber criminals.
Effective cybersecurity requires coordination among various government agencies and departments, private sector entities, and international partners. However, it is often lacking, leading to fragmented efforts and inefficiencies. Cybercrimes often transcend national borders, complicating the enforcement of laws. Many individuals and businesses are unaware of the risks associated with cyber fraud and the measures to prevent it.
Way ahead to Combat Cyber Fraud
The financial system’s backbone has been information technology. It supports the growing difficulties and banking requirements tremendously. Currently, banks cannot consider introducing financial products in the absence of Information Technology.
Information Technology, on the other hand, has had a negative effect on our financial industry, where crimes such as stealing, hacking, phishing and forgery are perpetrated. Banks and financial institutions need to implement stronger security protocols to protect against cyber attacks. It includes multi-factor authentication and advanced encryption techniques.
The RBI and other regulatory bodies must continue to monitor and enforce compliance with cybersecurity standards. Regular audits and assessments can help identify and mitigate potential risks. Educating consumers about the risks of cyber fraud and how to protect themselves is crucial. Awareness campaigns can help individuals recognize and avoid common scams.
Dr.S.Krishnan is an Associate Professor in Seedling School of Law and Governance, Jaipur National University, Jaipur.
Akshita Jindal is an Assistant Professor in Seedling School of Law and Governance, Jaipur National University, Jaipur.