CUSTOMER PROTECTION IN
DIGITAL PAYMENTS
PRECAUTIONS TO BE TAKEN WHILE ENJOYING THE BENEFITS OF TODAY'S DIGITAL
FINANCIAL PRODUCTS AND ACTION TO BE TAKEN ON BECOMING A VICTIM OF
MONETARY LOSS WHILE MAKING A DIGITAL PAYMENT
EVOLUTION OF PAYMENT SYSTEM
• From times unknown to 3000 B.C.: Payment system is in its nascent phase.
The barter system is followed. People exchange goods for goods with the
value of each good predecided.
• 3000 B.C.: Barley is used as token money. Payment system now works with
commodity money instead of simple barter.
• Around 700 B.C.: Coins are minted. Payment is now made in distinct coins that hold
value.
• 17th Century: Heavy coins have started becoming a menace and
we have upgraded to bank notes. This is the plain hard cash we still
use.
• 1659: Drawn notes, nowadays known as cheques, are introduced
by bankers of London for the first time in the economy.
• 1979: Visa introduces the credit card terminal. Although the credit
card system keeps changing dramatically, Visa's point-of-sale terminal
is, to a certain degree, still the most prevalent credit card
processing machine in use.
• 20th Century: Internet is here, and digital payment along with it.
Paying money without cash or cheque is now possible. The system
now recognizes you and the value of the cash you own.
• 21st Century: Digital payments have evolved at breakneck
speed. Escrow payments, one-click payments, e-wallets
and cryptocurrencies are just a few of the new
concepts in the current payments industry. Nonetheless, paying
with cash, cheques and credit cards remains part of our
daily routine.
DIGITAL PAYMENTS
• Digital payments are any type of payment that happens electronically.
• Digital payments are the new standard in our increasingly cashless culture,
and they happen every day worldwide. Fundamentally, the phrase refers
to any payment made via digital technology.
• Instead of taking physical cash from customers, businesses can accept a
digital payment when customers pay through a smartphone, computer, or
their credit or debit cards.
• Popular digital payment methods include bank cards, mobile and internet
banking, UPI, mobile wallets, FasTag, PPI cards etc.
VOLUME OF DIGITAL PAYMENTS IN INDIA 2022-26
(IN LAKHS)
• 2021-22: 590109
• 2022-23: 796648
• 2023-24: 1075474
• 2024-25: 1451890
• 2025-26: 1960052
STEP BY STEP PROCESSING OF DIGITAL PAYMENT
• Initiation
The customer provides their payment details – such as card number or bank
account information – at the business’s POS, card reader or e-commerce
checkout.
• Encryption and transmission
The payment information is securely transmitted to a payment gateway, which
encrypts the data and forwards it to the payment processor.
• Authorization
The payment processor sends the transaction details to the acquiring bank (the business’s bank),
which forwards the information to the issuing bank (the customer’s bank) through the relevant
card network. The issuing bank verifies the customer’s account and checks if they have sufficient
funds or credit to complete the transaction. At this point, the issuing bank sends an approval or
decline message back through the card networks and acquiring bank to the payment processor.
• Response
The payment processor relays the transaction’s approval or decline status to the business, which
then informs the customer of the outcome. If the transaction is approved, the business may
proceed with providing the goods or services. If the transaction is declined, the business will
receive a decline code indicating why the transaction couldn’t be approved, and they will
notify the customer.
• Clearing
Once the transaction is authorized, the clearing process begins. The issuing bank
transfers the transaction amount (minus any applicable fees) to the acquiring bank
through the card networks. The details are recorded and reconciled among the parties
involved.
• Settlement
During the settlement process, the acquiring bank deposits the funds into the business’s
account. The business receives the payment and the transaction is considered complete.
• Reporting and reconciliation
The business and financial institutions review and reconcile their transaction records,
ensuring accuracy and addressing any discrepancies.
FRAUD IN DIGITAL PAYMENT
• Frauds are driven by multiple factors such as local payment
behavior, customer awareness, security of payment systems, the
regulatory environment, maturity of the payments domain,
technical advancements and economic development of the country.
• The payments ecosystem comprises multiple stakeholders such as
banks, networks, payment gateways, channels, sellers, merchants,
customers and buyers, which interact with each other. These
stakeholders may have risks associated with them.
• A single payment from a customer to a merchant involves multiple
stakeholders in the payments process flow. When the customer pays the
merchant, the relevant information is passed on from the merchant payment
gateway and processor to the customer’s issuing bank, through the card
association network. Once the customer’s issuing bank authorizes the
transaction and deems it valid, the payment processor completes the
transaction.
• During this process, frauds can be perpetrated at any stage. Some common
techniques and tricks used by the fraudsters in perpetrating these frauds
across the payments ecosystem have been detailed in the following section.
CUSTOMER PROTECTION IN DIGITAL PAYMENT
• The most effective way to protect customers is to spread awareness of
the different payment frauds and the common tactics used by fraudsters, along
with the payment instruments or channels.
• It is important to read all the guidelines for a financial product or
payment application before starting to use it. Customers should know
clearly how to lodge a complaint in the application they use for
digital payments.
COMMON FRAUD TYPOLOGIES
• Card skimming
• Shoulder surfing
• Phishing, Vishing, Smishing
• SMS spoofing + vishing (UPI)
• SIM Swap
• Card not present transactions without 2nd Factor authentication
• Card never received, Lost / Stolen.
HIGHEST NUMBER OF FRAUD IN CARD SYSTEM
• Banks witnessed the maximum number of frauds in the digital payment category
during the fiscal ended 2023-24.
• In FY2023, the total number of fraud cases in the banking system was
13,530. Of these, almost 49 per cent or 6,659 cases were in the digital
payment – card/internet – category.
CUSTOMER PROTECTION IN VARIOUS TRANSACTIONS
For Card Transactions –
• All card present (CP) and card not present (CNP) transactions on cards
issued in India are secured with an additional factor of authentication
(AFA). The AFA can take any form; commonly used forms are a PIN, a
dynamic one-time password (OTP), a static code, etc. The requirement of
AFA is not mandatory for transactions where outflow of foreign exchange
is contemplated. Similarly, in case of CP transactions (except ATM
transactions) using NFC contactless technology, transactions for a
maximum value of ₹5,000 per transaction are allowed to be undertaken
without AFA requirement, subject to adherence to EMV standards.
Card Skimming
• A type of card theft where a small device is used to steal card information.
• The device captures all details stored in the card's magnetic stripe when
it is swiped through a skimmer.
• The details are then copied onto new card plastic for fraudulent usage.
STEPS TAKEN BY RBI TO KEEP DIGITAL PAYMENTS
SAFE
• For adding new payees, specific OTPs are needed from a secondary channel,
making the process more secure.
• New OTPs are required for high-value transactions, enhancing security for
important financial dealings.
• The time limit for OTPs is closely managed to reduce the chance of misuse.
• Using digital signatures and Key-based Message Authentication Codes (KMAC)
to identify and stop unauthorized transactions.
• Educating customers about their rights as per the Consumer Protection Act
and the responsibilities and risks linked with internet banking.
• Informing customers via an alternate method for transactions exceeding a
value specified by the customer.
• Teaching customers how to react to SSL or EV-SSL certificate alerts to avoid
falling victim to phishing. An SSL certificate error happens when a web
browser is unable to verify the installed SSL certificate on a website.
• Introducing systems to assess transaction patterns and highlight unusual
activities, ensuring that transactions align with the customer's typical
behaviour.
LIABILITY OF CUSTOMERS IN UNAUTHORIZED
ELECTRONIC TRANSACTIONS
Zero Liability of a Customer
• A customer’s entitlement to zero liability shall arise where the unauthorized transaction
occurs in the following events:
• Contributory fraud/ negligence/ deficiency on the part of the bank (irrespective of
whether or not the transaction is reported by the customer).
• Third party breach where the deficiency lies neither with the bank nor with the customer
but lies elsewhere in the system, and the customer notifies the bank within three working
days of receiving the communication from the bank regarding the unauthorized transaction.
Limited Liability of a Customer
A customer shall be liable for the loss occurring due to unauthorized transactions in the following
cases:
• In cases where the loss is due to negligence by a customer, such as where he has shared the
payment credentials, the customer will bear the entire loss until he reports the unauthorized
transaction to the bank. Any loss occurring after the reporting of the unauthorized transaction
shall be borne by the bank.
• In cases where the responsibility for the unauthorized electronic banking transaction lies neither
with the bank nor with the customer, but lies elsewhere in the system and when there is a delay
(of four to seven working days after receiving the communication from the bank) on the part of
the customer in notifying the bank of such a transaction, the per transaction liability of the
customer shall be limited to the transaction value or the amount mentioned in Table 1, whichever
is lower.
Table 1
Maximum Liability of a Customer under paragraph 7 (ii)
Maximum liability ₹5,000:
• BSBD Accounts
Maximum liability ₹10,000:
• All other SB accounts
• Pre-paid Payment Instruments and Gift Cards
• Current/ Cash Credit/ Overdraft Accounts of MSMEs
• Current Accounts/ Cash Credit/ Overdraft Accounts of Individuals with annual average balance (during 365
days preceding the incidence of fraud)/ limit up to Rs.25 lakh
• Credit cards with limit up to Rs.5 lakh
Maximum liability ₹25,000:
• All other Current/ Cash Credit/ Overdraft Accounts
• Credit cards with limit above Rs.5 lakh
Further, if the delay in reporting is beyond seven working days, the customer liability shall be determined
as per the bank’s Board approved policy. Banks shall provide the details of their policy in regard to
customers’ liability formulated in pursuance of these directions at the time of opening the accounts. Banks
shall also display their approved policy in public domain for wider dissemination. The existing customers
must also be individually informed about the bank’s policy.