CyberSafe: A Quietly Successful Government-Fin-tech Partnership To Tackle Cyber Fraud
If you read media reports on cyber fraud carefully, like I do, you would have noted a spike in cases where the police are able to track money moving through multiple accounts very quickly and make substantial recoveries. The secret behind this newfound efficiency is, in some part, due to an app called CyberSafe, which made a low-key debut in August 2019, to crack down hard on galloping cyber fraud. 
 
CyberSafe, an initiative of the ministry of home affairs (MHA), is a pilot application developed jointly by FICN (fake Indian currency notes) coordination group (FCORD) and private fin-tech companies. The objective is to make the digital payment eco-system safe and secure; enhancing the faith of the common man in the platform; and assist law-enforcement agencies in resolving and preventing all such crimes. Interestingly, FCORD was created to track FICN, but perhaps it was realised that digital fraud was a bigger and faster-growing threat. 
 
CyberSafe (www.cybersafe.gov.in) is essentially an information-sharing platform connecting fin-tech entities and a large network of thousands of law-enforcement agencies, essentially 5,000 police stations across India in 19 states and Union Territories, on a real-time basis. Since it is a home ministry initiative, adoption and acceptability has been superfast. 
 
What is unique about CyberSafe is the creation of a central repository of fraudsters, including their mobile numbers and bank accounts. The app works by tracking mobile numbers by fraudsters and the flow of funds looted from their victims on a real-time basis through collaboration with fin-tech companies. As soon as a victim complains to the police, the fraudster’s information is entered on the CyberSafe app which enables fund flows to be traced on a real-time basis and communicated back to the police. This is followed by regular police action to freeze accounts and recover money and close cases much faster than before. 
 
Here is how it works: When a cyber fraud of Rs6.5 lakh was reported by a 78-year-old Udaipur resident to the police, entering the data on CyberSafe revealed that the fraudster was operating from Jharkhand. It further revealed the funds were credited to three State Bank of India (SBI) cards and used to buy expensive mobile phones on Flipkart. The information was provided to the state police in a matter of minutes, the gang was tracked and a substantial amount of the money could be recovered. 
 
CyberSafe’s success is evident from the numbers over 34 months. Until 22 July 2022 over 151,360 phone frauds were reported on CyberSafe. This has allowed it to capture 132,000 phone numbers of fraudsters and 28,446 bank accounts used by them on a ‘centralised negative database’. CyberSafe is largely unknown to the public because access is limited to law-enforcement authorities and the fin-tech entities that have joined the platform to help track digital fraud.
 
It now has 19 fin-tech entities on board (including all and the top digital payments platforms) which are integrated on a real-time basis. Airtel Payments Bank is understood to have played a lead role in developing CyberSafe. A recent and very important entrant is the National Payments Corporation of India (NCPI) which has led to the detection and tracking of UPI (unified payments interface) and IMPS (immediate payment service)-related frauds that are proliferating in a big way.
 
 
By restricting usage to law-enforcement agencies, CyberSafe ensures that the negative repository only captures phone numbers verified by the police as being used in fraud. (More details here). Data captured by CyberSafe largely reflects the extent of its usage by enforcement agencies; the states that have used it most effectively to track fraud are West Bengal, Telangana, Uttar Pradesh, Maharashtra, Tamil Nadu and Uttarakhand.
 
Sources tell me that CyberSafe has now begun to integrate banks into the system as part of third phase of development. The final phase would be to integrate telecom service providers. The ultimate objective, according to its mission statement—“One SIM, One Fraud”—is to instantly capture fraud on the negative database so that no SIM is used for a repeat fraud.
 
Interestingly, CyberSafe’s website also allows an individual to verify suspicious phone numbers, account numbers and UPI IDs to check if they are on the negative list of 149,706 records already captured by it. The website https://cybersafe.gov.in/ Cybersafe/index.html throws up a tab saying ‘Verify Suspected Data’ allowing you to enter details that you want verified. This too is largely unknown to people, in the absence of a widespread publicity campaign. 
 
 
Essentially, CyberSafe addresses two key issues connected with online fraud: first, the ease of reporting fraud and tracing the flow of funds; second, preventing repeat frauds using the same SIM by creating the central negative repository. 
 
The success rate of the low-key CyberSafe app should, in the natural course, lead to a major scale up in operations and also address a couple of other challenges. The first is to make fraud reporting a lot easier. I understand the same team that developed this app is already working on FinSafe, an application that would allow users to lodge a complaint and auto-generate a tweet to the entity whose platform is being used by fraudsters.
 
Writing for Moneylife in February this year on tackling UPI frauds, Nandkumar Saravade, ex-CEO (chief executive officer) of Data Security Council of India and former IPS officer, had pointed (Tackling UPI Frauds: Security by Design Is the Answer) to the large discrepancy between the incidence of reported fraud and actual fraud. 
 
He noted how an article in The Ken https://the-ken.com/story/the-upi-frauds-undermining-indias-payments-fairytale/ mentioned that the number of reported monthly frauds was about 80,000 a month, but the actual number was perhaps five times as much, with losses running up to Rs200 crore. The official numbers for the year 2020, published in the annual report Crime in India of National Crime Records Bureau (NCRB) was a mere 30,142 for the entire year. Mr Saravade wrote that the anecdotal number quoted by The Ken was likely to be more correct.
 
CyberSafe has the potential to throw up accurate official numbers and also find solutions to tackling the cyber fraud menace by making fraud reporting more frictionless for the victim. Mr Saravade’s suggestion of introducing a prominent and mandatory ‘report a fraud’ button on each payment app would be the quick way forward, since payment companies and NCPI are already on CyberSafe. 
 
The ease use of UPI and IMPS payments systems and their extraordinarily high rate of adoption have brought world recognition to NCPI for innovation in designing payment systems for ordinary people. What was missing was an equally effective and easy mechanism to tackle cyber-scams. The combination of easy fraud reporting with the negative repository and tracking mechanism created by CyberSafe would give India a cutting-edge tool to deal with cyber-fraud and keep track of new trick and strategies employed by online criminals to dupe unsuspecting people. 
 
 
Comments
ckramachandran
2 years ago
Very useful information. I am however surprised to note that Google pay is not among the Fintechs listed as collaborators. Is it because Google pay thinks it is foolproof or for some other reason?
sudeep.ghag
2 years ago
Thanks for this article.
ruthfpelizabethac1256
2 years ago
I was scammed by Dakken Group.
They posted an ad on Facebook about 6 months ago about investments opportunities and I was very new to the digital currency world then so I didn’t know much about things to look out for. I went to their website and they told me I should invest in their 3 months ROI, at first I deposited 18,000 Euros and later I added 78,000 Euros in total over a month period as they told me the more money I invest the more my chance of getting higher returns. Now I have 96,000 Euros invested in total which was supposed to fetch me 220,000 Euros over 3 months, and they sent several emails every showing how my investment was going well and all.
After the so called 3 months I asked for some withdrawal and they told me to pay a fee of 10% on the amount I want to withdraw and I obliged, I waited for more than 2 weeks and nothing. They eventually blocked my account and never pick my calls or reply my emails. They claimed my account was locked because of financial regulations, meanwhile I reported the case on assetsrepo.com and they followed the blockchain, it was then they told me I have been scammed and they showed me how they took all the money and where everything went. They worked on the case for about a week before they could get anything in return, they eventually got about 85,000 Euros back. I guess I just have to bear with the rest. But I want everyone to be careful from them and don't trust anything they tell you.
The sad part about the whole situation is the fact that I reported to facebook and they did nothing about it, those platforms are just filled with too many scams and they are not going anything to help the people using them, they only care about their money and nothing else.
Sudhir Mankodi
Replied to ruthfpelizabethac1256 comment 2 years ago
Any ad on social media platform has to be looked with circumspection. There are genuine players but they are few and far in between. more so when they promise exceptionally higher returns than what the market players (read banks) currently offer - which happened in your case), one should be sure that s/he is likely to be taken for a ride. You are lucky that using the blockchain technology, you were able to recover major part of your investment. Your case is an eye opener for all the readers. Thanks for sharing.
vram2311
2 years ago
The Government has been silently working on many initiatives . CBI is infact put up an advertisement some time back in TOI for an alliance with the Digital forensics company
prasanna
2 years ago
Thanks for the information
virendra.sharma.1804
2 years ago
Very Good Article-Thanks a lot for sharing.
rangarao.ds
2 years ago
Wonderful initiative. But still the digital payment system isn't fool proof, because the criminal is always one step ahead of the pursuer.
anant.9196
2 years ago
Thanks for this extremely useful article on a subject that is most important and critical today! The heartening aspect is that Govt is responding to need of the hour on an urgent basis! What is equally heartening is that it is taking inputs provided by Moneylife's earlier article on this subject and designing systems accordingly!!
Whilst obviously there are miles to go at least for a change finding govt actions and responses seeming to match upto the challenge involved is a huge pleasant plus !!
Thanks again for this important article..
Free Helpline
Legal Credit
Feedback