Given the importance of cyber security at a time when there is increasing digitisation of payments, Gartner estimates the country’s security market would have grown by nearly 11% in 2016. Gartner expects enterprise security spending — hardware, software and services — in India is on track to hit $1.12 billion in 2016, up 10.6% from $1.01 billion in 2015.
Revenues from consulting, implementation, support and managed security services, which accounted for 61% of the total revenue in 2015, is estimated to increase to 66% by 2020.
According to Niranjan Reddy, founder and chief technical officer (CTO) of Netconclave Systems, educating users is of utmost importance. “Since the push to go digital is being implemented without adequate planning, there is a tremendous load on the servers,” Reddy said, adding that on a daily basis, there are two to three incidents of security lapses being reported.
For instance, Paytm reported it had been cheated of R6.15 lakh and the Central Bureau of Investigation (CBI) is currently investigating the case.
Sunil Kulkarni, deputy managing director at Oxigen Services, said the company uses two-factor authentication (2FA) to ensure safety, though it was not mandatory yet. He added incidents of security lapse typically occur in at the banks’ end. “The wallet gives a 24-hour cooling period to not allow the money to be transferred to another bank account when a new wallet is loaded using banking channels,” Kulkarni explained.
However, bankers said that they are playing a major role in making India a less-cash society and therefore, have a very strong IT security team and risk management committee. An official at State Bank of India (SBI) told FE that the bank has not faced any net banking security breach since June 2012. Meanwhile in October, a slew of banks in India began replacing or asking customers to change security codes of as many as 3.25 million debit cards, owing to fears that the data could have been stolen.
In December, the Reserve Bank of India (RBI) had advised the prepaid payment instrument (PPI) issuers, system providers, system participants and all other prospective prepaid payment instrument issuers to carry on special audit on a priority basis and take steps to comply with findings of the audit report.
Anjay Agarwal, chairman and MD AAA Technologies, said that new vulnerabilities have to be mitigated on a regular basis. “So audit on a regular basis is important. The online and mobile banking channels are usually classified as higher-risk sectors, so regular audits will help in mitigating risks,” he said.