The Unified Payment Interface or UPI has gained immense popularity in the last few years – fast-tracked due to Demonetization and the Covid-19 pandemic.
The Unified Payment Interface or UPI has gained immense popularity in the last few years – fast-tracked due to Demonetization and the Covid-19 pandemic. With the Government of India’s push for digitalisation and customers’ growing preference for contactless payments, UPI has been on a stupendous growth trajectory. According to the data released by National Payments Corporation of India (NPCI), peer-to-merchant (P2M) UPI transactions recorded a phenomenal increase of 138% in November i.e. 390.7 crores from 163.8 crores in November 2021.
Nandan Nilekani, Advisor – Innovations and Public Policy, NPCI, also highlighted that around 40% Indians use formats such as UPI for money transfer. While this is a positive growth for the digital payments industry, on the flip side, there has been a rise in UPI frauds. According to data released by the Ministry of Home Affairs, UPI frauds contributed to 15.3% increase in the overall number of complaints reported on the National Cybercrime Reporting Portal (NCRP) between the first and second quarter of 2022.
UPI is built on an extremely robust security framework. However, fraudsters exploit human vulnerability and deceive customers into giving their personal/confidential details. Let us look at the common techniques used by fraudsters and the measures to stay safe:
- Never share your UPI PIN with anyone
No matter how convincing the vendor/shopkeeper sounds, do not share your UPI PIN with anyone including friends/relatives. UPI PIN is used only to authenticate your transaction and sharing of PIN exposes your account to increased chances of fraud.
- Never fall for UPI ‘Request Money’ feature while receiving money
One of the most common UPI frauds takes place when the customer clicks on ‘request money’. To deceive the customer, the fraudster sends a ‘collect’ request and the customer is asked to enter the PIN for receiving money – assuring that the debited amount will be credited again. This is a classic case of fraud. One must ALWAYS remember that customers do not need to enter their PIN while receiving money.
- Transact ONLY with known/verified accounts
Another common UPI fraud is when fraudsters pose as bank representatives or any other trusted entity. As a vigilant user, one must never share any confidential information with such sources. Banks will never ask to disclose UPI PIN/handle or any other financial information. At times, these fraudsters ask customers to download third-party applications for verification purposes. These apps generally mirror one’s device and expose all confidential information by providing remote access.
Additionally, while making a UPI QR code payment, ensure that the account name displayed is legitimate and matches with the intended receiver.
- Avoid making transactions on illegitimate websites or while using public Wi-Fi
Transact only on trusted websites and password protected Wi-Fi/internet. Unverified websites increase the risk of your money being siphoned by imposters. At times, these fake websites urge you to share UPI details and debit INR 1 for testing purpose. Once these websites have your UPI ID, they can immediately misuse it to withdraw money.
- Set a daily UPI limit for transactions
While being cautious is the safest armour against UPI frauds, a proactive measure such as setting of UPI limit can go a long way. In case of a UPI fraud, if a limit is set, it minimises potential losses and prevents fraudsters from withdrawing/siphoning excess money.
- Change your UPI PIN at regular intervals
It is a good practice to change your UPI PIN at least once a quarter. This reduces the chances of exposing your PIN and enhances the security of your account. Also, avoid using weak passwords such as birthdates or serial numbers like 123456 as UPI PIN.
While customer vigilance goes a long way, it is equally important that banks/financial institutions, payment companies, and third party/payment apps regularly communicate with their customers/users and advise them on the do’s and don’ts of transacting using UPI. A collective effort towards fraud prevention by all stakeholders will not only secure the entire payment ecosystem but also increase customer confidence while making digital transactions.
AGS Transact Technologies Limited offers Proactive Risk Manager, a payments risk management solution, which helps card issuers, merchants, acquirers and financial institutions identify and mitigate financial .