Sharing Is Caring? Not Always: OTP Thefts Increase In Bengaluru, Victims’ Carelessness To Blame

One time password (OTP) thefts are increasingly becoming commonplace in Bengaluru and lakhs of rupees have already been stolen from the bank accounts of many IT employees, reports Economic Times (ET).

“The thefts were initially of relatively small amounts of ₹5,000-10,000. However, of late, larger amounts ranging from ₹50,000 to up to a few lakhs, have been stolen. We have not been able to apprehend anyone yet. The victims also include several IT employees,” the story quoted an official in Bengaluru’s cyber crime cell.

OTP is a two-factor authentication system in which a unique password is sent to a customer’s phone/mail to validate a transaction. Only a customer has access to the OTP at any given time unless he shares it with others.

Fraudsters contact victims and pretend to be bank employees and persuade them to give the OTPs. Some cyber criminals also use malware programs to infiltrate into a victim’s phone and access the password. However, even this method requires users to click on a particular link for the malware to activate.

Thus, experts note that OTP theft is a not a failure of technology, in that OTP is a fool-proof system but a privacy issue. If the victims do not share OTPs with unauthorized callers and do not click on spurious links, such thefts could be avoided.

New committee on digital payments

Earlier this month (January 2019), the Reserve Bank of India (RBI) appointed Nandan Nilekani as the chairman of a high-powered five-member digital payments committee to improve the safety and security of digital payments ecosystem in India.

Also Read: India To Become Cashless Soon? NPCI Data Shows Monthly UPI Transactions Cross Rs 100,000 Crore