BUSINESS

Pitching For A Cashless Society Before Beefing Up Cyber Security Is Like Putting The Cart Before The Horse

The cashless society is a great idea as long as it does not leave you literally without any cash in your account.

28/11/2016 2:10 PM IST | Updated 28/11/2016 2:56 PM IST
NEW! HIGHLIGHT AND SHARE
Highlight text to share via Facebook and Twitter
Ajay Verma / Reuters
A notice is displayed on the gate of an ATM counter which is no longer dispensing cash in Chandigarh, November 14, 2016. The notice reads, "Out of cash".

Last year I woke up one day to my mobile phone pinging. It showed a withdrawal from my account via debit. And then another one. The debit card was sitting with me. And I could not recognize where the withdrawals were being made. I called the bank immediately, froze the account, went running to the branch with photocopies of my documents.

It took months, several angry phone calls, threats to escalate it to an ombudsman, re-submitting all my documents multiple times at different branches to get this sorted out. The case would periodically be closed on their end without it being resolved and an irate call from me would result in it being reopened but with a brand new case number which would effectively restart the clock and create a brand new case.

Several times the bank lost all my paperwork. A bank officer uploaded the documents in front of me in Kolkata and an official on the other end claimed not to be able to find any of them in the system. Once their own official scanned my documents and emailed them to the relevant party but their fraud investigation team closed the case without informing me because they thought the scans were too dark and unclear.

Ajay Verma / Reuters
A notice is displayed on the gate of an automated teller machine (ATM) counter which is no longer dispensing cash in Chandigarh, India, November 21, 2016.

I went through one case liaison after another each of whom would soothingly ask me to tell the story all over again and promise to "revert with details" within 24 hours and disappear. I would get letters by mail saying my service request could not be processed because they lacked proper documents, for example a copy of the debit card. That had, of course, been destroyed, on their own instructions, months ago.

While I understand that fraud investigations take time, after several months of this runaround I could not help but feel that someone was just hoping I would run out of patience and give up. I know people who have done exactly that. The money was substantial but it was not critical to my survival. I was pursuing it on principle. I had to keep at it, calling, complaining, documenting an ever-growing chain of case numbers until finally the money was restored in my account. This took several months.

I tell this story because even as someone reasonably tech-savvy I felt I was floundering in this virtual world of finance. And that's what makes me worried when I hear Narendra Modi spend his Mann ki Baat painting an alluring picture of a cashless future for India where money comes and goes with the click of a mobile phone.

A less-cash to a cashless future is a worthy aspiration but selling demonetization as the gateway to that brave new world is putting the cart before the horse. A Google India and Boston Consulting Group survey in 2015 showed that 75 percent of transactions in India are still cash-based unlike 20-25 percent in developed countries like the USA, Germany and Japan. Most debit card transactions are still about withdrawing money anyway to get cash in hand.

Are the systems in place where it will be that much harder for someone to steal a password or a pin? Has the cyber security been thought through? The implementation of the demonetization roll out and the U-turns and zigzags do not give much confidence in that.

Is a country as vast as India, with such varying literacy and technical literacy levels, even remotely ready for that cashless world? Are the systems in place where it will be that much harder for someone to steal a password or a pin? Has the cyber security been thought through? The implementation of the demonetization roll out and the U-turns and zigzags do not give much confidence in that.

It's tempting to think that technology will be our saviour but while digital money on the phone can be a godsend, it comes with its own risk about which most of us are not aware. Sure, money sitting at home can also be a risk from a robbery but we are aware of that and try and take precautions – a Godrej safe, a hiding place for the keys, even the lining of a mattress. We do not even understand how our digital money is being protected or who is attacking our system and trying to break in at any time. The great danger is often we do not know our digital security has been compromised unlike a physical break-in.

Back in July, long before the demonetization happened, the RBI was already raising the alarm about cyber crimes. That came in the wake of a cyber heist in February where cyber criminals issued instructions to transfer $951 million out of the Bangladesh Bank's account at the New York Federal Reserve. Most were declined but $81 million did disappear.

We do not even understand how our digital money is being protected or who is attacking our system and trying to break in at any time. The great danger is often we do not know our digital security has been compromised unlike a physical break-in.

While ATMs, mobiles, digital wallets have been indisputably useful in making financial transactions easier, they have also introduced many more points of vulnerability via ATM skimming, man-in-the-middle malwares on phones, card fraud at point of sale terminals. It's not been that long since 3.2 million debit cards belonging to major banks were compromised in India. 26 lakh were reportedly on the Visa and Mastercard platform and 6 lakh on Rupay according to reports. The malware that resulted in the breach was at work for six weeks before it was even detected. In a sense, those affected were lucky. When it affects 3.2 million cards, it becomes an emergency. If it affects a handful of people, good luck to them in figuring it all out and fighting for their money.

It's a testament to people's resilience that in the wake of demonetization we are hearing stories about the local phuchka seller discovering PayTM and the fishmonger who now can be free from the tyranny of figuring out change thanks to a digital wallet.

Danish Siddiqui / Reuters
A customer deposits 500 Indian rupee banknote in a cash deposit machine in Mumbai, India, November 8, 2016. REUTERS/Danish Siddiqui

These are welcome stories but they do not mean that the larger concerns about cyber security are just figments of an unpatriotic naysayer's imagination. The cashless society is a great idea as long as it does not leave you literally without any cash in your account. Going to a less cash economy and putting the pieces in place for that is absolutely worthwhile but demonetization is a rather drastic measure to try and achieve that.

Bill Gates has called demonetization a "bold move" that will deflate the shadow economy and brings together all the pieces for a "compelling vision for digital financial inclusion". The Prime Minister has delineated those pieces with yet another handy acronym – JAM – Jan Dhan accounts, Aadhar cards and the mobile phone.

At a time when people are worried about the effect of demonetization on their bread and butter, Mr Modi would do well to remember what Lewis Carroll wrote in Through the Looking Glass and What Alice Found There about the sweet promise of jam.

"You couldn't have it if you did want it," the Queen said. "The rule is, jam to-morrow and jam yesterday – but never jam to-day."

"It must come sometimes to 'jam to-day'," Alice objected.

"No, it can't," said the Queen. "It's jam every other day: to-day isn't any other day, you know."

"I don't understand you," said Alice. "It's dreadfully confusing!"

More On This Topic