New Delhi:
IT secretary Aruna Sundararajan said on Thursday some of the e-wallets being used for making digital payments are still not secure to the level they should be and government as well as the Reserve Bank are monitoring the situation.
Sundararajan said however that there is also a trade off between ease of usage and security.
"You as a customer don't want too many layers of security which make it difficult for you to use a wallet. At the same time you do want adequate protection," Sundararajan said on the sidelines of Skoch Summit.
She was responding to a query on computer chipset maker Qualcomm's analysis that none of the mobile banking and digital payments applications comply with the hardware level security.
"We are happy to note that many of them (developers) have started taking action to make sure that the (systems) are secure. Whatever needs to be done, if we feel that the existing layers of security are not (enough), we will be asking them to do it," she said.
As per IT and law minister Ravi Shankar Prasad digital transaction in the country have increased in the range of 400 to 1,000% since November 9 -- after Prime Minister Narendra Modi announced discontinuation of old Rs 500 and Rs 1,000 notes.
Sundararajan said that as volume of cyber transactions grows there will be some people who will try to breach the security.
"IT ministry is fully conscious of this. We have already put our systems on immediate alert. We are keeping close watch on the situation. We have also issued detailed advisories to bank to see what are the steps that they need to put in place. We have also spoken to RBI and RBI is also monitoring the situation," she said.
National Cyber Security coordinator Gulshan Rai said financial sector is very vulnerable to cyber breach as it works on the outsourcing model where passwords are open for many vendors involved in transactions. He said the vendors and other partners should share responsibility around security when it comes to digital cash.
"Master has so much infrastructure in the country. Visa doesn't has any infrastructure in the country. RuPay has infrastructure in the country. "I am not advocating that they must put infrastructure here but then, must have arrangements. These companies must think of themselves as Indian and they must be ready to share, work with the government to mitigate those incidents and work out to find out root cause of those," Rai said. He said one of the largest attack took place on Yahoo. "The situation is becoming quite challenging. More we are moving towards technology implementation, more we are becoming vulnerable," Rai said.
