E-wallets, a facility introduced by banks to park money for commercial transactions, is now the new target for cyber criminals. In the recent months, at least five fresh cases involving transfer of fraudulent money to e-wallets having been registered by Mumbai police. An e-wallet user doesn’t need to furnish debit or credit card details every time amongst other things.
Usually, after defrauding a person, cyber criminals transfer the money to bank accounts in the name of fictional people. “To create a fake bank account, one needs to create fake documents and submit them to the bank following which an account is created. This too can hardly be used a few times before a new account is created,” a police officer said.
With some banks, one only needs an email address or Facebook details to log in and create an e-wallet. “This is much more simpler than creating false documents,” the officer said.
DCP (cyber crime) M Raj Kumar said, “We have received some cases in the past few months where money obtained fraudulently like online fraud or debit/credit card fraud has been transferred to e-wallets. This facility, however, comes with a cash limit and hence, used mostly in cases involving smaller amounts.”
Vicky Shah, cyber expert, said that creating a fake account on e-wallet is definitely more simpler and banks should ensure that there are proper security measures in place so that this system is not misused. An officer from the cyber police station said that in some cases, when they approached banks post the fraud, the employees themselves did not have much clarity about how the e-wallet system worked.
Responding to a questionnaire sent to the State Bank Of India regarding security measures followed by banks in case of e-wallets, a spokesperson said, “Fraudsters use the wallet as a conduit to make the fraud using some of the already compromised details of the customer’s debit card/internet banking credentials. SBI is committed to end this fraud completely with a mix of preventive (at the source i.e. debit card/internet banking credentials) and corrective measures (at the wallet).”
When asked about identity proof required to set up an e-wallet, the spokesperson said, “Customer account opening is done with proper validation of KYC (Know Your Customer) details as specified by the Reserve Bank of India. The customer has to provide a valid identity and address proof for the account to be opened. The list of KYC documents is standard and followed strictly by SBI.” Questionnaires sent to private banks didn’t get a response.