While we stood in long queues outside banks and ATMs, Prime Minister Narendra Modi urged the nation to adopt digital transactions to usher in a cashless economy. Addressing a rally in Kushinagar, Uttar Pradesh, he stressed that the youth should educate others on how to go cashless. "I need your support," he said and asked each of them to help at least 10 families learn the tactics of electronic payments every day.
Not only this, he abolished excise duty and special additional duty on point of sale (POS) machines within a day of his speech as they were in huge demand. He also formed a committee with Andhra Pradesh Chief Minister as the convenor, CEO of Niti Aayog as secretary and Nandan Nilekani, the man behind AADHAR, as a special invitee, to speed up cashless transactions.
Modi has certainly made a statesman-like effort by roping in people from the opposition and chief ministers as members. The 13-member committee has been entrusted with preparing a roadmap on how we can promote cashless transactions in India and how much time would it take to make this project a reality in the country.
But for a nation that runs on cash to the extent of 86 per cent and which has only 30 million credit cards and 700 million debit cards against a population of 1.23 billion, does it seem easy to think of a cashless economy? Most of the countries that thrive on digital transactions have promoted easy mechanisms of electronic payments throughout the country at all outlets.
For instance, Hong Kong has promoted usage of what they call an octopus card, which is a priced possession for everyone, be it rich or the poor. It is akin to an e-wallet like Paytm or Mobiwik but is linked to a plastic card. From parking lots, leisure parks, transportation, eating outlets to schools, it is a lifeline for people in Hong Kong.
In India, more than 60 per cent of the population does not have a debit card, forget credit card. As per the latest information, smart phone penetration in India is 250 million only with only 220 million people possessing jan dhan accounts. Internet connectivity is another issue. Be it the pre-Jio or the post-Jio era, people still struggle with 2G connections. Only 46.20 crore people have an Internet connection, which comes to only 34 per cent of the total population! No doubt, the Internet penetration has almost doubled during the Modi-era but it is not enough to cover the entire population. In such circumstances, cashless economy seems to be a tall order.
The government has recently asked the telecom operators to support unstructured supplementary service data (USSD)-based banking, which can be used to get a mini bank statement, transfer money by entering bank account details and AADHAR number. This service operates on feature phones without any Internet connection. Of course, it is not free of cost and the service provider charges a nominal amount of Rs. 1.50 every time a user uses USSD. There is a waiver till December 30.
Several public and private sector banks like Punjab National
Bank, Bank of Baroda, Federal Bank etc. have launched their smart phone apps.
Once the app is downloaded, it can be used without Internet connection.
The Reserve Bank of India had also launched Unified Payment Interface (UPI) in April this year. It integrates several banking services, including Immediate Payment Service (IMPS) at one place. The app can be used for operating several bank accounts in one go. In other words, if a customer has five bank accounts, he/she need not download five different apps to operate them. However, UPI could not gain much popularity and needs some changes to make it more user-friendly.
Be that as it may, demonetisation has certainly benefitted a few organisations like Paytm. Media reports suggest that there has been a spurt in digital transactions through e-wallets. The attractive cash-back offers and, of course, the advertisement that it published using Modi’s image helped it in reaping the benefits. In an official statement, the company said that traffic on their app has increased by 700 per cent, the number of transactions to 7 million from 2.5 million and cash in e-wallets has grown by 1000 per cent. This shows how people have moved from cash to online transactions.
Even small vendors have installed Paytm as it is easier to register instead of having a machine installed by a bank. While Paytm continues to rule and celebrate, some people also complained as the money in their wallet disappeared suddenly. A friend mentioned how a street vendor stopped accepting payments on Paytm as he lost Rs. 7000. He is clueless whether he would ever get his money back.
Now, this raises a question, what kind of security measures do we have for protecting the interest of the general public? Do we have any law or a forum where consumers can approach in case they lose money while transacting online, be it through wallets or the newly promoted USSD banking?
Even though cashless transactions are convenient and hassle-free, they are being promoted at the cost of security and privacy. As of now, the law book neither has a dedicated law to protect the consumers’ interest, if they lose their money during digital transactions nor for lodging a complaint.
The apex bank has set certain security standards and regulations for the banks. However, companies like Paytm, Mobiwik, Freecharge etc. fall under the category of Non Banking Finance companies (NBFCs). Hence they are not under any obligation to comply with these standards, even though they are dealing in public money.
Such companies have to abide with provisions of Section 43A
of the Information Technology Act which entrusts the responsibility of having
reasonable security measures for protecting “sensitive personal data or
information” with the body-corporate that deals with information technology. In
case such measures are not taken such body corporate shall be liable to pay
damages to the aggrieved person.
The provisions in the section seem to be inadequate to protect the kind of information that one shares with these apps. For one thing, the section does not clarify as to what can be termed as “reasonable measures”.
The Act provides that such entities have to disclose in their contract as to what measures are being taken for ensuring the privacy and security of the transactions. It is easy for these companies to escape by incorporating a general statement that “the company shall not disclose or share the confidential information to anyone without prior permission.” Who is actually going to look what measures they shall take to ensure security and privacy?
Also, there is no clarity as to what information we are sharing with them and how do they process it, where is it stored etc. To add to the woes, the IT Act does not have any enforcement mechanism in place or any agency to monitor the data-maintenance practices.
It is a known fact that despite the assurance of confidentiality and secrecy, information from telecom companies is leaked. In fact, there are companies which procure data from different sources and sell it on nominal prices. Not only this, these data management companies categorise the information based on the kind of car or bungalow one owns or credit card one holds etc. and sell at a price ranging from Rs. 1 to Rs. 3 per contact, to suit the taste buds of data-hungry marketing firms.
Considering the spurt in e-transactions, who knows another
category is being created based on the number of transactions that one did
online in a month or a year, giving another set of data to these companies.
As far as the RBI is concerned, it governs the usage and issuance of digital wallets under a master circular for pre-paid instruments. The circular has laid down eligibility conditions for issuance of e-wallets like a minimum capital requirement and rules for deployment of money collected. The circular also prescribes the maximum amount that can be kept in a wallet. It also requires the e-wallet companies to establish a complaint redressal mechanism. However, the circular does not provide any security standards for prevention of data misuse.
On the other hand, the RBI has prescribed adequate measures for security of information, electronic banking, cyber fraud etc. in the case of banks. Despite the prescribed security measures, India Inc. was shocked to read that security of around 3.2 million debit cards was compromised, barely a month before demonetisation. It was certainly one of the biggest financial breaches ever reported.
As people increasingly switch over to digital transactions, the government should get a dedicated law passed to check any possibility of fraud by these companies. Equally important, the state should ensure that law is complied with by putting in place a provision for conducting an audit on cyber security. This should be followed by an amendment in the Consumer Protection Act to ensure that the aggrieved person can easily approach the court for getting the guilty booked. Until then it is pointless to dream about a cashless country!
(The writer, a company secretary, is director, communication, Deepalaya, and can be reached at Jassi.firstname.lastname@example.org(Published on 12nd December 2016, Volume XXVIII, Issue 50)#