SUMMARY
Currently, a solution is undergoing a test which is designed to allow banks to track the registered address as well as geolocation of a customer and where an OTP is getting delivered
The partnership with telcos is aimed at locating the customers’ phones and SIM cards at the time of OTP delivery
The Reserve Bank of India had also proposed an additional authentication factor for any digital payment transactions
The Ministry of Home Affairs has reportedly partnered with SBI and some telecom operators to develop a solution to alert about stolen one time passwords (OTP). This move is aimed at helping people combat phishing attacks.
Currently, the Centre is testing a solution which will allow banks to track the registered address as well as geolocation of a customer and where an OTP is getting delivered. In case of any discrepancy between the two locations, the customers will be notified about a possible phishing attack.
“The solution is still being tested; these are early days but the idea is to track the geolocation of the customer through the telecom database and ensure that the OTP is going to the right area,” ET reported, citing sources in the bank.
According to the report, the Reserve Bank of India had also proposed an additional authentication factor for any digital payment transaction. But as fraudsters have also enhanced themselves in rerouting OTPs to their own devices, the second factor is not of much use in the process.
“In case of any issue with the OTP delivery location, we can undertake two steps–either pop an alert on the device or block the OTP altogether,” a second official said.
The partnership with telcos is aimed at locating the customers’ phones and SIM cards at the time of OTP delivery.
“For instance, the customer lives in Bengaluru and the OTP is getting delivered in some place in Uttar Pradesh where the person has never been or from where the person has not made any calls recently, which means he or she is not traveling to that place; this is a typical red flag scenario,” the source said.
Earlier, RBI Governor Shaktikanta Das alerted people of the potential threat that AI could pose to cybersecurity. He urged financial institutions to make “substantial efforts” towards protecting customer information and developing monitoring systems.