I threw a curious look as if asking if the manager was wanting something more to be served when the bill had already been presented. To this, he meekly revealed that he shared his card PIN with the waiter so that he wouldn’t have to get up and go up to the billing counter and make the payment by punching the PIN himself. I was aghast at his admission!

It is natural to feel lazy after a heavy meal at a fancy restaurant, heavy enough to not get up from the seat and walk up to the billing counter to pay the bill. But sharing your card PIN is not just an insecure practice, it may also be in violation of the cardholders agreement that you have in place with the Bank that issued you this Card.

Remember these tips when making a payment at Find-dining Restaurants and Fastfood Chains alike

1. Never share your Card PIN
2. Ask for the waiter to bring the POS machine to your dining table and discretely enter your PIN after verifying that the amount is correct
3. If the restaurant does not have a portable POS machine, walk up to the billing counter and punch your PIN there
4. Keep an eye on the Card and never let it out of sight (some restaurant staff have known to mischievous and compromise card data in the past investigations)
5. If your Card is contactless and the bill amount is within limits, pay through contactless (that way, you won’t have to enter any PIN and no chance of eavesdropping)

Remember: Protecting your sensitive data is in your own interest and first step towards fighting cyber crimes.

This magnitude of the digital payments has naturally made it lucrative for Fraudsters too to attack unsuspecting customers and merchants alike through a variety of frauds. However, today we talk about one such fraud that is perpetrated through Fake Payment Apps which have come into existence. This is not carried out by some third party on unsuspecting customers, this is a first party fraud carried out by the customers themselves on unsuspecting Merchants.

Modus Operandi

1. Fraudsters install a Fraudulent Payment app on their phones / devices
2. After purchases at the store, at the time of making payment, they open this app and pretend to scan the QR Code
3. They would actually be typing the Name and Phone Number (read from the QR Code display and type it manually while the merchants believe the user is typing amount
4. The spoof app produces a dummy “Payment Successful screen as displayed below
5. This screen is showed to Merchant who believes that the payment is successful – especially small-time merchants who are not very technology savvy

Left: Screen on Fraudster’s phone to enter the Merchant and Payment details	Right: Screen displayed to Merchant making them believe Payment went through

Magnitude of Fraud

Since this Fraud is localized to the Merchants, the Banking System does not come to know about such frauds. The Merchants at best may contact their Acquirer Banks or Wallet Providers to find out why the payments didn’t go through. The Service Providers/Acquirers who have no clue about these payments can’t be of much help and Merchants in turn may be dissatisfied with their Acquirer Bank.

List of Fraudulent Apps

Before I provide a list of such apps, here is a word of caution. OK! make that several sentences

1. These apps may be legal but the acts perpetrated may be illegal
2. Spoofing a payment this way is a punishable offense under various sections of Indian Penal Code
3. Since these apps cannot be distributed through the usual Apple App Store or Google Play Store, they are distributed as .apk installers on Android platform, hence they are potentially unsafe
4. Such apps could install virus/malware on your phone or compromise data on your phone

Since the publishers of these apps call them as Prank Apps and distributed directly, it is possible that these apps do not come to the attention and scrutiny of Google Platform or the Police Department. It is possible that some of the links beow

• Spoof PayTM App
• Google Pay Spoof App
• Prank Payment App

How to Protect Yourself?

If you are a Merchant or often receive digital payments from different people through such apps as GooglePay, PhonePe, PayTM or AmazonPay, it is important to be vigilant and not be defrauded. Here are some simple steps you can take

1. Enable and check SMS or in-app notifications for all payments
2. If you have PayTM Account, install PayTM for Business on Phone/Device and active Sound Alerts
3. You can also buy a PayTM Soundbox and activate it. Every time there is a successful payment, an announcement happens on the sound box
4. Check the balance after each transaction. If your app is crashing for some reason (can happen at times), safeguard your interest by following additional measures mentioned below
5. At shops, ask the customer to show the confirmation once again, observe it closely for any name misspellings or number mistype (since the names and numbers are manually entered in a hurry and under pressure of committing a crime, there is a chance that the values are incorrectly typed
6. Place the QR codes at places in the shop such that when the customers scan the QR codes through phone, you can see their screen. While this is not always possible due to shop layout, try to make adjustments in the QR code placement or place mirrors at strategic places if your business supports it

While this type of fraud is very difficult to catch, the shopkeepers’ presence of mind can prevent their losses and falling pray to such spurious elements.

Now, have you come across any more such apps? Do you have a better tip or trick to prevent yourself from such frauds? Do let us know by commenting below.

Something happened on November 8th, 2016 that changed the face of commerce forever in India. That day, the Prime Minister of India demonetized all the ₹500 and ₹1000 currency notes that were in circulation. A nation that was so habituated with currency notes for every small and large transaction suddenly felt handicapped. For months together, there were long queues in front of Banks and ATMs to surrender old currency notes and withdraw new notes. Since the currency was not being disbursed at the rate at which trade happened, many things happened

Kids were compelled to break their piggy banks to bring into circulation the notes and coins they had saved for perpetuity. Cash tucked away in empty pickle jars and Dal dabbas by housewives brought out a curry trail when they were put back in circulation. Senior citizens who had spare currency notes deposited them into banks so as to bring them into circulation. Months of brouhaha and a field day for media and politicians alike.

But most importantly, the ordeal that ensued for months paved way for a New India – an India where you didn’t have to use Cash, you didn’t even have to use Credit Cards or Debit Cards. You just used your smartphone to pay ₹5 for a toffee, pay ₹50 for a cup of coffee at a café and pay ₹50,000 to buy a piece of jewelry or that fancy electronic gadget you always wanted.

These ordeals are what we will address in a series of articles so stay with us.

What I looked forward for most in the class was that Star Sticker the nursery teacher would give me every time I completed a task, learnt a chore or answered a question correctly. Some times, the teacher would become very happy with our progress and also give us a tattoo with the star sticker or two stickers. Some days, it was a heart sticker and few other days, it was a smiley sticker.

These stickers and tattoos collection increased my value immensely in the class in two ways – one – I would get to wear them on myself with pride and two – I could exchange surplus stickers and tattoos with my friends in the class who were “not so quick learners” the stickers and tattoos but still wanted them to show off.

Wait! What does the source of Cryptocurrency have to do with nursery school?

Well, they are pretty much the same but on a different scale. Let me elaborate.

The Cryptocurrency networks have created some complex mathematical problems that are to be solved. These problems are attempted and solved by enthusiasts using computer programs. Anyone who is successful in solving the problem is rewarded with the cryptocurrency. The process of solving the problem is called mining and the computer programmer who solves it is called a miner. Once the problem is solved, that currency unit comes into circulation and is allotted to the person who mined it. The miner can then use it in whatever way pleases. In other words, a star sticker of appreciation to the kid who answers teachers’ question(s).

These mathematical problems require vast amount of computer processing power and thus a huge array of servers with uninterrupted power supply. Since this is a very costly affair, lone individuals may find it difficult to fund such an expedition. This is where people with deep pockets come forward to fund such expeditions in exchange for a suitable portion of the prize. This is synonymous to your parents paying huge sums of nursery school fees because there is tremendous potential in what you could become while you are still getting potty trained.

Not very different from a nursery school again!

And finally, there are many Cryptocurrency networks in play and many more could open in the future (like nursery schools mushrooming in every nook and corner) but more importantly, the star stickers of appreciation that the teachers share – they could be coming from anywhere and there may be many more stickers from where they come. Nobody knows exactly how many crypto coins (or star stickers) are or will ever be in circulation, yet there is an image created that they are in short supply, should be mined rigorously and the miners should be rewarded lucratively.

Tell us what you think with your comments below.

However, without taking chances, prepare yourself for the dreaded day when you might loose by following these simple steps today:

1. Know what you own

In present day and time, it is unimaginable that we have only one card. Experts advice up to 4 bank accounts for better personal financial management, however working professionals tend to have at least 2 bank accounts. And multiple accounts mean multiple debit cards. Apart from this, many individuals also have one or more credit cards. The more disciplined ones have different cards for different purposes – groceries, restaurants, big ticket items (gold, jewelry, electronics & appliances, furniture, home decor, travel/vacations, etc.) and carry them along in the wallet based on where they are heading.

It is natural to loose track of how many cards you own. Hence, it is important that you keep a track of what you own.

2. Document what you possess

Depending on how disciplined you are, you might want to write down the following information pertaining to each card you possess. This will help when you have to report lost/stolen cards to your Bank.

1. The Card Number printed on the card front
2. The Expiry Date printed on the card front
3. The Customer Care Phone Number of the Issuing Bank printed behind the card

But wait! Aren’t we not supposed to write this sensitive information? Yes, you should not let this information be written on a piece of paper lying around in the house. You should note it down in a diary and keep it safely under lock and key away from prying eyes.

3. Report what is lost/stolen

Open your mobile phone and save the Customer Care phone number for each card in your address book right away. If/when you loose the card(s), you should call the customer care phone number immediately and report the card as lost/stolen. Time is of essence here as the lost card might fall into hands of some scrupulous element and you might see fraudulent activity happening even before you blink.

If your Bank has integrated their backend systems

When you call the customer care phone number, fortunately most of the banks have integrated their backend systems and just by providing your phone number and minimum KYC, they can pull your card records and place a hold on all transactions on your card. This will immediately prevent any fraudulent activity.

If your Bank’s backend systems are not integrated

In case your Bank does not have the backend systems integrated and require you to provide the Card number and other details to carry out KYC, the notes you have made (see point #2 above) will come in handy.

In present day where Cards are not a luxury but a necessity, it is important to safeguard them and prepare for any eventuality.

Tell us how you would protect your cards, share your tips-and-tricks with us using the comments section below.