No laws in India to protect customers’ money during digital transactions

Cyber security

New Delhi, December 2: While Indian Prime Minister chastised 125 crore Indians to go digital and adopt cashless transactions by stashing off 86 % currency in circulation, the lack of security laws pertaining to digital payments add to the woes of people who have been tired of standing at ATM queues from past 24 days.

As there are no basic privacy and security laws to protect loss of cash in digital payments in India the consumers who vow to go cashless only tries his luck in every e transaction.

A college student spoke to WEFORNEWS and shared her recent misadventure with digital payment while she was buying a pair of shoes from a popular shopping website.

She said the transaction was not made and twice the payment was deducted from her account. When she contacted the shopping site, the exceutive told her that the transaction must have stuck in the gateway and the refund will take place in 2 days. However it has already been three days since the cliche took place, said the student.

When she contacted the bank, the bank asked her to write an application to cite the grievance and they did so. However the bank hasn’t reached her back again. She says she just hopes she is lucky enough to get her Rs 2400/- back.

There is certainly an immediate need to legally back digital payments in India. This will not only ensure the safety of consumer money but will also secure these companies.

Despite initiating a gigantic task to demonetise Rs 500 and Rs 1000 notes and turn India cashless, the underlying cyber security parameters for digital payments under Modi government still largely lie under the ambit of the Information Technology Act.

“We don’t have any dedicated law on digital payments. That’s very important to grant complete legality and remove and doubts and clarifications pertaining to legal efficacies and legal validity of digital payments,” said cyber laws advocate Pavan Duggal.

Duggal further added that there are no legal mechanisms to tackle the disputes arriving from digital payments. He also added money lost, hacked, stolen or misused in the digital payment ecosystem has no remedy mechanism.

It is interesting to note here that the various digital wallets such as Paytm and Mobikwik fall under the category of Non-banking Financial Corporations (NBFCs) and thus they are liable to RBI’s security and privacy standards. For these companies, security compliance falls under Section 43 A of the IT Act.

While the demonetisation has sky-rocketed the transactions of digital wallet firms. Reportedly Paytm has seen  35 million transactions over the last few days.

We have a minimal data protection law in our IT Act and that will apply to all the FinTech players. But our ISPs and Telcos don’t comply with Section 43 A, so you can imagine in the FinTech sector the compliance will be even lower,” says Sunil Abraham, Executive Director at Centre for Internet and Society (CIS).

The research conducted by CIS shows that some of India’s largest technology companies still do not comply with Section 43 A.

So, the onus of failure of digital payments is totally on consumers who use such services.

As a precautionary measure, the RBI had earlier limited the maximum balance on digital wallets to Rs 10,000 per user, but on November 23, the banking regulator increased the limit to Rs 20,000 .

Just last week,Paytm which is India’s largest digital wallet provider, offered customers to increase their wallet balance to a maximum limit of Rs 100,000 after KYC check done.

While it might take years to frame and implement the laws, the involvement of private sectors is of key importance to improve the cyber security of digital payments. Abraham added, “Under Section 43 A there are provisions to allow a sector to form a consortium that mutually agrees to set security standards, which all players must follow and is valid in the court of law during dispute resolution.”

Wefornews Bureau

Related Posts