Ever wondered why people ask a question on Quora?
Sometimes they are obvious. Sometimes they encourage you to listen to K-POP.
“While the question may be stupid and obvious to you, it doesn’t mean that it is stupid and obvious to everyone else,” says Brian Blood.
There’s no particular reason why people ask what they ask, which is why Quora is fun. Often, followers are intrigued by specific questions because they have an answer that, against all the odds, is a pleasure to read.
Considering the exposure that Quora provides, as a fintech company, we at Razorpay also like to answer questions related to UPI, Digital Payments, Fintech and any product related queries.
On our fishing expedition, we can across a few interesting questions that we’d like to put on the map.
What is the modus operandi of some of the biggest and most common digital payment scams?
So, how do we deal with UPI fraud? How do hackers take your information? What is the best way to keep yourself safe from so many seemingly intelligent tricksters online?
#1 Types of cyber frauds
Before you stay vigilant, you must first be aware of the types of fraudulent cyber activities out there. While there are one too many types of frauds, we’ll be discussing UPI scamming, in this article. Here goes:
- Phishing is when fraudsters send bogus e-mails to access sensitive information of the potential victim. Once the victim keys in their details (password or PIN) into the fraudulent site, the information is immediately passed on to the hacker for misuse.
- Malware is one of the most common forms of cyber fraud and can be mistakenly downloaded from a fake e-mail attachment or an unsecured website. Malware is designed to extract and copy data from the infected device.
- Money Mule is a more elaborate fraud where once the victim’s data is obtained, fraud rings transfer money to an intermediary account to house the loot. This account acts as one of the money mules to park money collected from different victims.
- SIM Cloning is a recent addition that has mushroomed after the OTP-mandatory rule by banks. If a fraudster clones your SIM, he can even change the UPI PIN. The fraudster gets hold of the victim’s bank account details and ID proof to reset the PIN.
- Vishing is mostly hackers posing as bank representatives, asking questions ‘on behalf of the bank’. These individuals weave a web of lies and enquire about the victim’s personal information to extract their PIN or password. Click here to read more.
If digital payments can take place instantaneously, why do sites like IRCTC credit refunds after 5-7 days?
Why do refunds take 5-10 days?: A refund involves an exchange of information between 3-4 different parties. Each of these parties has its mechanisms to file the refund request, map it to their respective payments that were initially made and then process it forward.
Many of these processes in the banking ecosystem are not fully automated and require manual oversight. Given the number of parties involved and the variance in their processes to handle refunds, it takes 5-10 days for them to be credited back to the customer account.
When does it extend beyond 5-10 days?: About five major payment gateways are working in the country, 5-6 major acquiring banks who help process payments and about 60 banks which allow for functionality of payments via net banking or their card network.
Click here to read more.
How can I transfer money from my Google Play to my Paytm account?
Have a look at the circular issued by NPCI: Guidelines on Interoperability features for all BHIM UPI Apps.
For instance, if you are a GooglePay user and you want to transfer funds to a Paytm wallet, here’s a step by step process:
Important: Before you proceed, please enable location on your mobile because it helps Google detect and flag suspicious activities.
Step 1: Note your UPI ID, which is mentioned on the home screen. (xyz@okaxisbank)
Step 2: Open the Paytm app and select ‘Add Money’
Step 3: Enter the desired amount
Step 4: Select BHIM UPI as the payment method in the payment window
Step 5: In the VPA field, enter your GooglePay UPI ID
Step 6: Click on ‘Pay Now’
Step 7: After you select the option you’ll receive a notification from GooglePay app
Step 8: Select the request from Paytm and click to proceed
Step 9: Select or proceed with you default bank
Step 10: Type your UPI Pin and proceed
After that, the amount will be added to your wallet. In case you want to read more click here.
What kind of customer data do payment gateways have access to?
Even when we understand that the transaction is going to be secure, there is always a fear at the back of our minds when we enter our card or bank details. It’s our hard-earned money on the line, after all.
However, since digital payments are not going anywhere but upwards in terms of usage, let’s understand how secure your online transactions are and what exactly a payment gateway does with your data.
Encryption through PCI-DSS compliance
First things first, a payment gateway does not store your data as-is. The best payment gateways are PCI-DSS compliant. The PCI Security Standards Council is a global organization that sets compliance rules for managing cardholder data for all online payment systems. PCI-DSS is now the global standard for online security. What this means for you is that your online transactions are encrypted to ensure there is no data interception.
All the details that you enter like name, address, card information, netbanking information, etc. are used only to complete the transaction. The payment gateway never stores sensitive information like CVV, pin or password.
Now, coming back to the encryption bit. Data security begins the second you land on a website. A payment gateway uses the highest assurance SSL certificate, which allows TLS encryption of your data. This is a lot of jargon, but in simpler words, you can look at the URL in your browser. An https:// protocol means that the website you are on is secure.
Most e-commerce companies today work with secure payment gateways to ensure that the data of their customers is not compromised. You can also check if the website or payment gateway page is protected or not by looking for the https:// in the URL, but to additionally understand how payment gateways ensure security, let’s look at something called tokenization.
Tokenization to prevent exposure of data
You enter your 16-digit card number into a payment gateway’s interface. What the payment gateway does is that it replaces this 16-digit number with a single token. This “token” is a unique set of characters that replace your original card number.
This allows the payment to be processed without exposing your sensitive details. Tokens are assigned randomly, which makes it incredibly impossible to reverse-engineer the actual card number from the token. Click here to read more.
Why is Razorpay better than other payment gateways in India?
Razorpay is the only converged payments solution company in India that allows your business to accept, process, and disburse payments via its product suite.
With Razorpay, you have access to all payment modes, including credit and debit cards, UPI, and popular mobile wallets.
The most essential quality of a payments solution is the ability to scale itself to meet your growing demands. Razorpay’s Payment Gateway is a system designed to handle end-to-end payments.
It supports the most extensive set of payment modes.
From domestic and international credit/debit cards to UPI and mobile wallets, we’ve got you covered.
Quora entered the market about eight years back, and it has kept widening its offering since then. Something that just started as a question-answer platform today has about 400 million monthly active users.
People are looking for recommendations, features and experiences from real users and builders of products before making a move and Quora, as a platform has proven to be efficient enough to calm many quests!
To be continued…