Better Safe Than Sorry: RBI Bid To Ask Online Players To Not Store Card Data Is Warranted

by R Jagannathan - Mar 2, 2021 11:33 AM +05:30 IST
Better Safe Than Sorry: RBI Bid To Ask Online Players To Not Store Card Data Is WarrantedRBI office in Mumbai. (Aniruddha Chowdhury/Mint via Getty Images)
  • The RBI has correctly decided that discretion is the better part of cyber valour, especially when our ability to cope with cyber attacks and frauds is weak.

The Reserve Bank of India’s (RBI’s) proposal to stop e-commerce platforms, online aggregators and others from storing customers’ credit card data is prudent and sensible. Even though it is going to make transactions more cumbersome — you will have to enter your card details every time you buy something — it is warranted in the context of India’s weak cyber-security laws and preparedness. The new norms are set to kick in from this July.

Over the past nine months, as China upped the ante on our borders, our army was able to handle the intrusions with courage and fortitude. But it is far from clear that we would have done as well if China had extended its warfare to cyber areas.

Over the last few days, there have been western and Indian media reports that China tried – or issued a silent threat — to bring our power systems down through cyber-attacks if we pushed too hard against them on the borders. Even though the government has denied thus, the suspicion will not go away.

Whether it is a hostile neighbour like China or plain and simple cyber crooks and thieves, events over the last one year suggest that our rapidly digitising financial ecosystem is vulnerable.

There have been reports suggesting that the Paytm, Big Basket and Juspay’s consumer databases were compromised by hackers, and even our vaccine suppliers faced cyber threats. Paytm and Big Basket are partly Chinese-owned, and the vaccine hack was attributed to Chinese interests. In June last year, around the time of the Galwan Valley violence involving Chinese and Indian troops, more than 40,000 Chinese hacking attempts were reported.

Other incidents, which may not be China-linked, were the disruptions in the National Stock Exchange’s telecom infrastructure, and HDFC Bank’s frequent outages which forced the RBI to stop it from expanding its card customer base till the glitches were fixed.

The National Stock Exchange is where the bulk of India’s stock market and bond transactions take place. We also ought to be doubly protective of the actual storehouses of India’s stock market and dematerialised wealth — the National Securities Depository Ltd and Central Securities Depository Ltd. These crown jewels clearly need extraordinary cyber protection — and there is no reason to believe they are not very well protected.

In a country where power systems use significant Chinese equipment, telecom infrastructure and handsets are China-dominated, and every kind of chip used in various gadgets is either made in China or Taiwan, there is no way we can afford to be sanguine about our digital vulnerabilities. They exist, and they will expand as our ability to provide cyber security is simply not good enough for the kind of financial digitalisation that we have planned.

As for our police and their ability to tackle cyber-crime, one has to be an extraordinary optimist to believe that they can quickly bring cyber criminals looting my wealth to book.

Consider just one possibility: if my credit card has been compromised, and the same card is used in multiple places, how am I ever going to prove to the police cyber-crimes cell where the breach took place?

The RBI has correctly decided that discretion is the better part of cyber valour, especially when our ability to cope with cyber attacks and frauds are weak.

Jagannathan is Editorial Director, Swarajya. He tweets at @TheJaggi.
Get Swarajya in your inbox everyday. Subscribe here.

An Appeal...

Dear Reader,

As you are no doubt aware, Swarajya is a media product that is directly dependent on support from its readers in the form of subscriptions. We do not have the muscle and backing of a large media conglomerate nor are we playing for the large advertisement sweep-stake.

Our business model is you and your subscription. And in challenging times like these, we need your support now more than ever.

We deliver over 10 - 15 high quality articles with expert insights and views. From 7AM in the morning to 10PM late night we operate to ensure you, the reader, get to see what is just right.

Becoming a Patron or a subscriber for as little as Rs 1200/year is the best way you can support our efforts.

Become A Patron
Become A Subscriber
Comments ↓
Get Swarajya in your inbox everyday. Subscribe here.

Latest Articles

    Artboard 4Created with Sketch.