New Delhi, December 12: On Prime Minister Narendra Modi’s reprimand, the vast nation of over a billion Indians is bracing up to go cashless and board the wagon of Digital India before December 30 and ride on a smooth journey in the changing times after the window to deposit the demonetised Rs 500 and Rs 1000 currency notes expires.
Such is the confidence of people of democracy in people’s elected government.
Forsaking the preparedness of the country that is primarily ruled by huge socio-economic and cultural disparities in its urban and rural segments, not to mention 80 % of Indian economy thrived on cash transactions till date, the Indians have joined the PM’s wagon enroute Digital India.
The government has pronounced that the war on black money could be countered as Indians go digital. Since November 10, the entire country has witnessed snarling rush at Banks and ATMs to deposit and withdraw the cash. More than 75 % banned currency has been parked in the bank accounts while only close to 25 % of the deposited currency is returned to customers.
Dry ATMs and cash crunch has become part of our life, every day we stand up in the queues as per our capacities and meet the ends.
Amid all this, what if, you are told that ATM you have just used can compromise your card’s security?
The awe and shock you would face would be way more than what you are experiencing now.
As much as 70% of the 202,000 ATM machines in India run on Windows XP, for which Microsoft stopped offering security updates, patches and technical support in April 2014, reported Economic Times.
“Resilience of the ATMs in India is low as Windows XP is no longer supported by Microsoft. That means there are no bug fixes, no patches and ATMs are not upgraded to cope with vulnerabilities,” said Vivek Belgavi, partner and leader, fintech, PricewaterhouseCoopers (PwC).
Globally the banks update the ATM machines and in India too, the responsibility lies with the banks to upgrade from Windows XP to Windows 7. Most ATMs in India were deployed before 4 years and the refresh time is 7-10 years.
Globally, ATMs are replaced every five years and thus they automatically get switched to new software. But in India, when replacement stretches to 10 years where older machines are often relocated and not scrapped, the security issues get high.
Besides maximum of Indian ATMs are not run by banks but by payment technology and service providers like Financial Software and Systems (FSS) and FIS Global. These companies get their machines from global players like NCR and Diebold. FSS manages 40,000 ATMs for 34 banks, including major banks like ICICI, HDFC and SBI. NCR is the largest provider of ATMs with a 47% market share in India.
Just a month before the demonetisation was announced by Modi government, India witnessed its largest ATM fraud when more than 3.2 million Indian debit cards were compromised in the country. Though the matter is still under an investigation, it is suggested that the leak originated after the cards were used at the affected/ malware ATMs of particular bank.
In the hindsight, the recent cyber attacks on Rahul Gandhi’s and Congress party’s email accounts and twitter handles, and other journalists only highlight the cyber vulnerability of our country.
The hacker group Legion in an interview to The Washington Post today said, they have more data and have access to over 40000 servers in India.
“This is just a partial dump. More data will be coming over the course of a few days 😉 We are Legion,” tweeted the group.
Are we ready for the bumpy Digital India ride?