Cyber experts have warned of a possible increase in incidents of cybercrime and the need for stricter laws than those at present, as India takes tentative steps into a world of digital economy in the aftermath of the demonetisation of Rs 500 and Rs 1,000 notes.
At present, cyber laws are governed by Information Technology (IT) Act 2000, which was amended in 2008, which is insufficient to deal with the ground realities of 2016, when a large population has migrated to online transactions and increased use of credit and debit cards and e-wallets. In this new era, cyber experts want a new law to govern digital transactions.
In fact, cyber security agency CERT-In has cautioned customers, bankers and traders against skimming and malware attacks on ATMs and POS (point of sale) terminals and asked them to adopt high end encryption to plug possible breaches. It has issued two specific advisories vis-à-vis the use of ATMs and POS terminals.
It has said that a thief can obtain the victim’s credit card number using a small electronic device near the card acceptance slot and store many such card numbers. The agency has also suggested customers to show due diligence to maintain the security their PIN and not share vital information with strangers.
“Cyber laws are practically non-existent. It’s a very scary situation when more and more people have started using electronic ways of money transactions. There is no one-point contact for redressal of complaints. Unless that is done, the government cannot instil a sense of trust among the people for such transactions,” said Pawan Duggal, a cyber security expert.
Cyber experts say that though there is no estimate, but there has been an increase in the number of cyber crimes in the last four weeks, post the announcement of demonetisation on 8 November. Complaints like amounts being debited from the account but not credited to the merchant, while doing online payments, have started pouring in.
“I used a debit card to make a transaction of Rs 1,598 for purchasing a school bag. The amount got debited from my account for which I got an SMS, but the shopkeeper did not get the payment. I contacted the bank where I was asked to contact the customer care. But the matter has not been resolved so far and I am yet to get the school bag. I don’t know what to do,” said social activist Vishnu Rajgadia. Similar was the experience of Vinit Sharma of Vaishali who paid Rs 500 to pay a milk distribution company. The amount got debited but the milk company is yet to get the payment.
IT Minister Ravi Shankar Prasad, while replying to a question in Parliament recently, had said that the number of cyber crimes has been increasing for the last three years. While 41,139 incidents were reported in 2013, 44,679 incidents were reported in 2014 and 49,455 cases in 2015. Until March this year, the number of incidents was 14,363.
According to Duggal, there is no clarity as to who will resolve such conflicts that are bound to take place when more and more people start using electronic modes of payment. “The conviction rate in cyber crimes has become almost negligible ever since the IT Act was amended in 2008. As per the amendment, cyber offence was made bailable, while the compensation amount was increased to Rs 5 crore from Rs 1 crore. Unless it is made non-bailable offence, cyber criminals will continue to have a field day, cheating people,” he added.
He also demanded that payments from mobile wallets should be given legal status. “At present, it is just a contractual arrangement. There is also need to spread awareness about cyber security. Moreover, the government should focus on increasing internet penetration. India is ready for a digital revolution but it should be done with proper security cover. There should be a strong deterrent for cyber crimes,” Duggal added.