Recently an audio recording went viral where a woman narrated her story of how fraudsters cheated her of Rs 1 lakh through Google Pay. The viral audio created apprehensions amongst the users and raised a lot of questions of security in Google’s payment methodology.
It is essential to know how the payment system works to understand how to be safe from fraudulence.
Since its launch, Google Pay has remained a domineering Unified Payments Interface (UPI) – for both android and iOS users. How this payment app is different from a mobile wallet is it cannot store money in a digital wallet – money will be deducted or added directly from your bank account.
Through the app, the users can send money, receive payments directly into their bank account and also make payments to the stores, which supports UPI-based transactions. To use the app, one has to link their bank account – which automatically will be done if your mobile number is linked with your bank account, and set up a 4-digit UPI pin.
But the crux of the matter is fraudsters have found a new target for their loot. To be impregnable from such peril, Google has now put up a note on its official twitter handle stating
“We take our users’ security very seriously. Please make sure you do not share personal information like PIN, SMS OTP, debit card details, etc. with anyone, via email, forms or phone. Fraudsters could take your details and use other channels to defraud you.”
First and foremost, Google has asked the users to keep their UPI pin confidential as they do for the ATM pin. Also, the app functions with two layers of security; the first step is to unlock the payment application, and the second step is to complete the payment by entering the UPI pin.
Google has further warned to beware of suspicious “calls without context”.
“When you receive a call from an unknown number, be very alert. If they claim to be calling from your bank/retailer/insurance, but YOU don’t recognize them, be wary. If the conversations turn to ask information about government Ids, documents, personal financial data like your PIN, bank account number, UPI ID, immediately disconnect! Remember: You are not required to ever, EVER, reveal these details to anyone, no matter how convincing they sound.”
It also guides you on how to deal with such phone calls and messages.
Don’t “Give in to requests for making instant transactions, especially while on the call or while online, where the caller says they are standing by.
Click on a link sent over SMS/email
Download or install an app/file while on call
Share your screen laptop or phone screen using software or weblink they send you
Reveal your government ID, PIN, UPI ID, or any bank details over the phone
Requests to fill an online form, even if it looks legitimate. Fraudsters often create fake web pages that appear familiar, with logos and designs that resemble your bank or app.”
Google Pay only ask for UPI pin in a time of transaction and receiving needs no pin. In case you are asked to enter a pin, it automatically means that you are accepting an outward payment.
Most importantly, be attentive while making a transaction – recharge, bill payment, etc.
Similarly, UPI based applications such as PhonePay and PayTM is also a target by cybercriminals and fraudsters. A few months back, several such fraudulent cases have been reported in the name of e-KYC verification.
PayTM have also put up a post from its official Twitter handle stating
“Beware of Fraudulent KYC SMS or Calls. There are widespread KYC scam messages going on behalf of Paytm. We don’t send these SMS or ask you to download any other App for KYC completion. KYC can only be conducted at authorized KYC points or by our representative at your doorsteps.”