Democratizing trade & digital transformation of Indian MSMEs to access the global opportunity
Nath Parameshwaran, Director, Corporate Affairs, PayPal India
There has always been a distinct trend towards digital payments, but the current environment has rapidly accelerated that movement. India is expected to have 835 million internet users by 2023. As the e-commerce market grows, so does the threat of cybercrime and fraud. Along with promoting digital, there also needs to be conversations around cybersecurity. Simply taking action against existing threats is not enough, we need a strong proactive framework to prevent cybercrime. While the RBI has introduced regulations for digital payments, risk management is a joint effort that also requires the industry’s input.
Last week, PayPal and DSCI released a joined report on ‘Fraud and Risk Management in Digital Payments’. The report included some critical research on sophisticated online fraud payment mechanisms, threats to the payment ecosystem, incorporating better prevention strategies, and the role of upcoming technologies, as well as the way forward for various stakeholders. I thought of summarising my take on the report through what I like to call the three Cs of cybersecurity –
The nature of cybercrime is evolving. Most threats don’t come from a single hacker but are part of an organised network. As cybercrime becomes more organised, it is also becoming more sophisticated. Fighting this requires a unified approach that involves the industry, government, regulators, LEA, and academia. For the regulators and LEAs, this could include capacity building, upskilling, industry interaction, and threat modelling. The retail industry could focus on risk assessment and threat monitoring, as well as incorporate internal controls and additional verification for high-value transactions. As for the payments industry, the focus should be on creating products and services that put security first.
Culture of security first
What does a culture of security first entail? It means that companies need to design products that are secure by design, taking into account user privacy and security at the time of product development. Additionally, companies should encourage an ongoing security audit of their products to spot vulnerabilities.
Consumers need digital payments to be convenient without compromising security. The two need not be at odds with one another. Implementing security measures should not take away from a product’s ease of use, especially because the growth in digital payments comes from first-time users. The onus is on the industry to balance security with simplicity to instill confidence in users.
I believe that an effective and comprehensive cybersecurity strategy is a must to achieve the vision of Digital India and ensure sustainable growth in the industry. While we have already managed to make digital payments and e-commerce accessible to a large section of the population, complete digital financial inclusion also requires effective fraud protection and cybersecurity.