What Impact Will Removal of High-Denomination Currency Have?Action Raises Concerns About Increase in Cyber Fraud
In the aftermath of Prime Minister Narendra Modi ordering on Nov. 8 that 500 and 1,000 rupee notes be taken out of circulation to help fight tax fraud and counterfeiting, security experts are pondering the impact.
The action could help hasten the move to cashless transactions, potentially increasing the risk of cyber fraud, they say. And it ultimately could build support for government-sanctioned use of digital currency, such as bitcoin.
The Reserve Bank of India planned to begin introducing new Rs. 2000 and Rs. 500 notes into circulation starting Nov. 10. According to the RBI Governor's statement, these currency notes will not have embedded nano chips that will alert the government whenever large cash transactions take place, contrary to rumors.
The government's actions to curb the use of the old, larger currency could trigger increased use of card-based and electronic transactions, security experts say. "With increased electronic transactions, cyberattackers and hackers will cash in on the situation and invent new techniques of fraud to penetrate into most protected networks as the volume of transactions grow," says Mumbai-based Prashant Mali, attorney at high court and cyber law expert.
Modi's Three Point-Agenda
Modi's decision to discontinue the circulation of the larger currencies comes with a three-point agenda:
- To help crack down on "black money" tax evasion and other corruption;
- To help eliminate the use of counterfeit currency hoarded by anti-national and anti-social elements, particularly in Pakistan;
- To help reduce inflation by limiting the number of high denomination notes in circulation.
But the move, which is expected to hasten a shift to cashless transactions, could create new opportunities for online fraud, security experts warn.
Mumbai-based Nitin Bhatnagar, a cybersecurity researcher, notes: "With digital money being a prominent mode of exchange of money, payments security around the digital money processing platforms is a big concern. It has to go through rigorous checks in order to safeguard systems from getting compromised."
While the currency demonetisation is a good move to help eradicate black money and counterfeit currency, it creates new fraud risks, argues Lucknow-based Dr. Triveni Singh , additional superintendent of police, special task force, UP Police.
"On average, there are 2,000 cases registered in a month with us for online fraud - which is far less than the actual fraud which doesn't get registered," Singh says. He estimates that only about one out of 100 cases of fraud is registered.
The recent debit card account breach in India shows how criminals can exploit vulnerabilities of banking institutions (see: 3.2 Million Indian Debit Cards at Risk)
Balaji Venketeshwar, former cybersecurity leader at PricewaterhouseCoopers, says that credit and debit card fraud is definitely on the rise and increased dependence on card-based transactions will surely have some negative impact.
Use of Cryptocurrencies
Mali, the attorney, expects the government will eventually encourage the use of cryptocurrencies, such as bitcoins.
Some security leaders contend that blockchain - the distributed ledger technology that supports cryptocurrencies - will help track illegal activities and will prove essential to transforming the Indian financial system as part of the effort to move away from heavy reliance on cash-based transactions.
Tackling Digital Risk
Security experts also expect the RBI to come up with a focused strategy to counter risks arising out of increased electronic payments.
"We need to have a strong framework around securing payment infrastructure and a robust cybersecurity law to protect the nation's interests against any illegal online activity," Bhatnagar says.
"As the volume of transactions goes up with access to electronic payments, it is critical to provide a safe, convenient and flexible alternative to cash," adds T. R. Ramachandran, group country manager, India and South Asia, at VISA.
Venketeshwar argues that the security of the Indian banking system is porous. Security teams must be geared up to face the sudden exponential growth in card usage, which will motivate hackers to strike, he adds.