Newspapers tend to give wide publicity to celebrities who lose money to cyber fraud. But there is a problem when the media projects financially illiterate celebrities as innocent victims, when they do not have the savvy to exercise basic caution before parting with information to scam callers. There is a distinction between a cyber fraud, where the bank’s systems are breached and accounts or credit cards are scammed, and ones where a user passes on information including one-time passwords. 

 

A report in the Mumbai Mirror says how Bollywood singer and 'Indian Idol 10' contestant, Avanti Patel lost Rs1.70 lakh in multiple transactions. It turns out that she had not only shared details of her own debit card, but also that of her sister (whose account was also debited) and compounded the foolishness by forwarding the one-time passcode (OTP) SMS to the caller. She ended up losing Rs1.70 lakh in multiple transactions from her and her sister's bank account. She had filed a complaint with the police. 

 

A police officer privy to the investigation told the newspaper, “The fraudster created and used a fake unified payment service (UPI) account to carry out the fraudulent transactions, which may have allowed him to access the account. There is a possibility of data leaks, as the victim had only shared the cards’ expiry date; most of the information was already with the fraudster.”  More about the UPI later. 

 

But this is not the sole example. Every day there are stories in the newspapers about people sharing their personal information, including bank account number, card number, card verification value (CVV) and even the OTP that they had received on their mobile number registered with the bank. 

 

The main reason for this is lack of financial literacy or discipline. Almost 99% of people will respond to a caller who claims to be calling from a bank or even Reserve Bank of India (RBI)! This is irrespective of whether they even have any account in that bank or not.  

 

Sharing of OTPs is particularly irresponsible, because almost every bank sends the OTP with a message warning not to share it with third parties. The Mumbai police and all banks, especially private banks, routinely issue tutorials and warnings to people about cyber fraud and against sharing personal information. 

 

The number of bank frauds, especially, telecaller and cyber frauds are increasing at an alarming rate. According to RBI, cyber frauds constituted almost one-third of total frauds in the banking sector during FY17-18. What is more shocking is that more and more celebrities and highly educated customers are getting duped very easily by the conmen posing as bank executives. One of the reasons is because these people believe that they are influential, nobody would defraud them or, even if someone does, they can catch hold of the fraudster easily. 

 

Last year in May, the Delhi Police cyber cell busted a Jharkhand-based gang that cheated many persons across the country by obtaining their ATM card details and OTPs. Describing the gang's modus operandi, the Delhi Police said, "One of the gang members would call up the victims and pose as official from RBI and seek their bank ATM card details. After obtaining the information, the gang would transfer the victim's money into e-wallets or virtual accounts and routed the money into other e-wallets. Finally, they would transfer the money to some bank accounts and pay utility bills.” That such fraudsters are thriving is due to negligence and financial illiteracy of users—this may be excused for less literate persons, but not when educated persons and celebrities are equally negligent. 

 

According to the RBI report during FY17-18, the number of reported cyber fraud cases almost doubled to 2,059 cases from 1,372 cases in the previous year. At the same time, the amount involved in the fraud jumped three times to Rs109.6 crore from Rs42.3 crore reported in FY16-17.

 

One of the most common methods used by these fraudsters is telling the respondent that her debit or credit card or bank account would be de-activated if she does not do what the caller tells her to do. As we all know, re-activating a debit or credit card or even a bank account a quite an uphill task resulting in people sharing all information with the caller.

 

Coming back to UPI, it is found that fraudsters use this to siphon money from customer's account quite easily. The reason for this is that under UPI, money cannot be transferred by using a virtual payment address, mobile number or even an Aadhaar number. In addition, it can be done from any UPI client app, not necessarily from a bank. 

 

Earlier in July 2018, the National Payments Corp of India (NPCI), which developed and promotes UPI and Bharat interface for money application (BHIM), had asked banks to discontinue Aadhaar-based payments through the UPI and immediate payment system (IMPS) channels. Pay to Aadhaar is an additional functionality in UPI and IMPS where the payer can transfer funds to the beneficiary using an Aadhaar number.

 

"Aadhaar number is a sensitive information and the revised framework about its usage in the payment landscape is still evolving. With this background, we proposed removal of ‘Pay to Aadhaar’ functionality in both UPI and IMPS before the steering committee (meeting held on 5 July 2018). The proposal of removing the Aadhaar number functionality was approved by the steering committee,” NPCI had said in a circular issued on 17 July 2018. 

 

Following the NPCI circular, State Bank of India (SBI), the country's largest lender, also removed pay to Aadhaar functionality from its BHIM SBI Pay app citing regulatory guidelines. (Read: Aadhaar: SBI Disables ‘Pay to Aadhaar’ Functionality from Its BHIM UPI App, Others Not Bothered)

 

Earlier in July 2017, Moneylife Foundation's persistent battle for bank customers began to bear fruits. The RBI issued a circular to reduce liability of customers in an unauthorised electronic banking transaction. The circular also asked banks to put in place a mechanism to record and address customer grievances or pay compensation in a systematic and timely manner. (Read: Moneylife #TweetMorcha, #BankSeBachao Impact: RBI limits customer liability in digital transaction)

 

RBI’s action came two days after a unique #TweetMorcha, which appealed to the prime minister Narendra Modi with the hashtag #BankSeBachao. This was preceded by a persistent campaign including an online petition that garnered lakhs of signatures, several complaints from customers, letters and memorandums. As on 4 January 2019, there are 324,691 people who have signed the petition, “Governor: RBI-Finance Ministry: Stop Banks Fleecing Depositors”. 

 

Making banks responsible to prove liability of the customer in such cases, in the circular, RBI says, in case of contributory fraud or negligence or deficiency from the bank, the customer will have zero liability irrespective of whether or not she reports the unauthorised transaction. In case of third-party breach, where there is no liability on bank or the customer, and the customer reports it to the bank within three days, then also she is entitled to zero liability, says RBI.

 

"Taking into account the risks arising out of unauthorised debits to customer accounts owing to customer negligence, bank negligence, banking system frauds and third-party breaches, banks need to clearly define the rights and obligations of customers in case of unauthorised transactions in specified scenarios. The burden of proving customer liability in case of unauthorised electronic banking transactions shall lie on the bank," it added.

 

In addition, banks are asked to credit the amount involved in the unauthorised electronic banking transaction to the customer's account within 10 days from reporting by the customer. 

 

RBI has also asked banks to put in place a mechanism to handle communication related with electronic banking and to resolve customer grievances within the stipulated time.  

 

You may also want to read...

 

Urgent! Delink Your Aadhaar from Bank Account and Never Share It with Anyone

 

Moneylife #TweetMorcha, #BankSeBachao Impact: RBI limits customer liability in digital transaction

 

Dr Pallavi Darade, a medical graduate working for the Indian Revenue Services, was deputed as commissioner of Food & Drugs Administration (FDA) in Maharashtra during the last one and a half years. Her notable achievement has been, busting the food safety aura that the trendy and extremely popular online home delivery eateries – Zomato, Swiggy, Foodpanda, and Uber Eats had around them.

 

In the raids conducted on 350 outlets in Mumbai, 112 were found to have `shocking unhygienic conditions’, besides not having registered food licences. Dr Darade speaks to Vinita Deshmukh of Moneylife on these recent raids, the action taken and consumer awareness to make these outfits accountable.

 

 

Moneylife (ML): Your raids on the trendy online food delivery app services, that is, Swiggy, Zomato, Foodpanda, and Uber Eats are commendable. What propelled you to take this action?

 

Dr Pallavi Darade (Dr Darade): I come from the income tax department where we regularly conduct searches and raids.  The Food & Drugs Administration (FDA) department never used to cover many establishments at a time -- it was limited surveillance. I recently found out that online food delivery services - Swiggy, Zomato, Foodpanda, and Uber Eats - which are very popular with the young generation, in particular, were doing business online which is fine but what was appalling was these online sites and apps were not following the license conditions required under the food safety act. Now, the terms and conditions of the licence are formulated to ensure that the food be prepared in hygienic, sanitised conditions; that medical reports of persons who are cooking and serving the food be regularly made available to the authorities. In Zomato, Swiggy, Foodpanda and Uber eats, no such system was being followed. In one go, we checked about 350 outlets of Zomato, Swiggy, Uber Eats, and Foodpanda, of which 112 did not have registration license of the FDA.

 

ML: How did you know that these 350 outlets were the vendors of these four online food app services?

 

Dr Darade: We sought from them the list of their vendors. We also collected information online. We found that the 112 outlets did not have the registration licences and so we stopped activities of these 112 outlets immediately. And then we issued show cause notices to Zomato, Swiggy, Uber Eats, and Foodpanda because they cannot get food cooked from people who are not licensed. That is the basic issue and accordingly, we are taking further action. 

 

ML: So what were the conditions that you found appalling?

 

Dr Darade: It was way beyond appalling I would say – it was extremely shocking because every other child today orders food online. Hence, to find the unhygienic and unsafe conditions in which the food was made, was horrible. Though there was this promise that food has been delivered from this or that outlet, many a time we found that the food was actually delivered from just the dhaba which is next to your house from a very small outlet; at times even from homemade kitchens where there were no proper facilities at all; there was no pest control; kitchens were dirty; the  water with which the food has to be made has to be potable water, then the test has to be done to see whether the water was safe or not – that was never done; medical check-ups of people who are serving the food was never done; and extreme unhygienic conditions – sometimes toilets were very close to the kitchens; sometimes dirty clothing was lying around; sometimes the storerooms where raw material was kept was not hygienic – so there were several parameters that we need to apply under the Food Safety Act, which were not complied with and this was the shocking outcome of our searches and raids.

 

ML: Did you also get complaints from consumers about these online food delivery apps?

 

Dr Darade: Yes, we get complaints often because we have offices across Maharashtra; we also have a Facebook page (https://www.facebook.com/Maharashtra.FDA1/.); a helpline number (1800222365) and our landline no is 022-265923-63/64/64. So, through all these online and offline support systems, we keep getting complaints. In fact, these complaints were the major ground information sources for us which brought our attention to the seriousness of the issue and made us believe that we need to check it thoroughly.

 

ML: What is the average number of consumer complaints you received after you took over as the FDA commissioner?

 

Dr Darade: I cannot give you the exact figures but we used to receive quite a few of them. We have no objection to online food services but then the kind of transparency that is required is lacking here. You cannot do business on a digital platform and say that we will be archaic in our approach. It has to be very transparent. So we have been appealing to them that they should put up the photographs of the kitchens from where the food is being cooked. Digitally, there is so much of space and that kind of transparency can easily come. Rather than writing how many stars are in the reviews and how the food is and just having a lovely photo clicked and put on the site, they should have the basic things in place which are missing. That is what we brought into focus.

 

ML: But anyway life goes on for them, so what is your action plan? What is the punishment they are going to get to deter them?

 

Dr Darade: We have stopped these 112 outlets from cooking food – that was one big action that we took. Secondly, we have issued notices of adjudication to the management of these outlets, which means, they have been called into action by the FDA by asking as to why they are getting food from people who don’t have the license. In this case, when the adjudication case is over, then on each and every case, they can be levied a penalty of Rs2 lakh each. So, 112 cases – we have till now issued adjudication notices in 50 to 60 cases -- non-licensee cases to Swiggy and Zomato. So, this action will go on. Plus, our parent body in Delhi, FSSI has already asked Swiggy, Zomato to de-list about 10,500 such restaurants which don’t have licences and yet are enrolled on their portals. So, this was again shocking that they had such a large number of listings of unlicensed restaurants. 

 

ML: Do you think this up to Rs2 lakh penalty is a measly sum for them, considering the roaring business they do?

 

Dr Darade: We can’t go beyond the rules that are laid down in the Act. Let me remind you that this penalty is for each and every case, where we can go up to Rs2 lakh. Of course, it will depend on individual cases as the adjudication officer will take into account all the factors to fix the penalty. Plus, the very fact that it has come into the media, makes people aware of it. And this itself is a big jolt for them.

 

ML: So, what is your advice to citizens who get substandard/suspicious food from these online food app services and want to approach you with the complaint?

 

Dr Darade: We have the Facebook page, the helpline, and landline numbers and we have offices in every district. And I think, as a consumer, you should be aware. Plus you should demand from the food portals and the food apps that transparency has to be there. You see, FDA cannot reach every place. I do want to reach but it is not possible for me. The community should be aware and the consumer should ask the service provider who is making food for them – ask them, you are making this dish for me, tell me how you are making, whether you are following these conditions. In fact, in their feedback they should say, why don’t you show me the photographs of your kitchen, why don’t you give some live feedback on the kitchens from where you are accessing my food or where you are making it; so that kind of transparency wherever possible – digitally, is very easy for them.

 

Secondly, our FSSI parent body has advised that all the restaurants should have transparent kitchens. Wherever possible you can have transparent kitchens but at times it is not possible to have them. So, in such cases, what we can do is we can make loyal customers of that restaurant, along with the owner visit the kitchen sometimes, whenever it is comfortable for both. I’m not saying during peak hours but when it is not so hectic and when it is convenient for the owner and for the customer. That kind of transparency will bring in a lot of cleanliness and a lot of accountability. Earning money is fine; people need these services, so give it; but then do it responsibly. Follow the conditions stringently – taking a license itself is not enough.

 

ML: Is it mandatory to have the file of the health record of those cooking and serving food, available for inspection for the customers?

 

Dr Darade: No, it is not mandatory. Visitors can’t come and demand it – but food safety officers can.  It is a right given under the Act to food safety officers. But once people start asking such questions, the pressure will build up for these online food app service entrepreneurs. Plus, whenever these entrepreneurs enrol somebody on their portals, they should check thoroughly whether their vendor adheres to all the stringent norms set by the FDA. However, they are enrolling without doing so which causes the problem.

 

ML: Are all the reports of the raids that you conducted, available on the public domain, that is your website, under the Right to Information Act?

 

Dr Darade: We don’t make it available on the public domain unless it is asked for. So if you apply under RTI, some documents can be made available to you . This also has the `third party’ information in it so we will have to seek their permission before we give the information to the RTI applicant.

 

ML: But this information is of a larger public interest…

 

Dr Darade: Larger public interest yes, but still it is somebody’s personal information. I go to a restaurant; I’m checking somebody’s kitchen, the name is involved. So, if you procure information of any such enterprise and you put it in the press, then it becomes a problem. If the third party gives us the clearance, yes our information can be given. Through RTI, we can definitely give it.

 

ML: We had done inspection of files under Section 4 of the RTI Act in the Pune Municipal Corporation to check food inspection raids in Pune’s restaurants and we were promptly given copies as this information is of large public interest.

 

Dr Darade: That is why we have done the raids. The younger generation is using these online food app services and so their transparency needs to be taken care of. RTI gives you certain rights which you can definitely enforce.  

The Supreme Court on Thursday vacated its stay on the Centre's 2015 action seeking damages of Rs 640 crore from Nestle India limited - the manufacturer of Maggi noodles - for alleged unfair trade practices, false labelling and misleading advertisements.

 

The class action is rooted in the case of alleged high lead content and presence of MSG (monosodium glutamate) in Nestle's popular Maggi instant noodles.

 

The bench headed by Justice D.Y. Chandrachud today vacated the stay of the proceedings before the National Consumer Disputes Redressal Commission (NCDRC) that were stayed way back in 2015 as the top court then was seized of the matter.

 

While vacating the stay on the proceedings on the class action by the Centre seeking damages of Rs. 640 crores, the court said the report of the Mysuru-based Central Food Technological Research Institute where the samples of Maggi noodles were tested would form the basis of the proceedings.

 

The court asked the Centre, the Food Safety and Standards Authority of India (FSSAI), Nestle and others to argue before the NCDRC whether the consumers were misled by the company as contended by the Centre in its class action.

 

The Supreme Court had in 2015 put on hold proceedings before the NCDRC after Nestle moved the top court challenging the commission's order directing the testing of 16 samples of Meggi noodles to ascertain their safety for consumption.

 

The NCDRC had ordered the testing of the Maggie noodles in the course of the hearing of the Central government's class action against Nestle India, the manufacturer of Maggi noodles, seeking Rs 640 crore in damages for alleged unfair trade practices, false labelling and misleading advertisements.

 

The Commission had directed that out of withdrawn stocks of Maggi noodles in the custody of the Food Safety and Standards Authority of India (of which 100 batch numbers were randomly noted by the local commissioner) 16 samples be sent for testing for presence of lead in any form and of MSG, including their quantity in the samples at the Export Inspection Council of India, Chennai.

 

Appearing for Nestle, senior counsel Abhishek Manu SinghviA said, "The lead

content was found to be within permissible limit and there is some amount of lead in lot of products."

 

Senior counsel told the court that the Mysuru-based Central Food Technological Research Institute has given the finding that the noodles contained lead "within permissible limits".

 

However, the Centre contended that the main issue in the class action was not whether noodles were harmful or not, but the company misled the consumers by alleged unfair trade practices, false labelling and misleading advertisements.

 

Disclaimer: Information, facts or opinions expressed in this news article are presented as sourced from IANS and do not reflect views of Moneylife and hence Moneylife is not responsible or liable for the same. As a source and news provider, IANS is responsible for accuracy, completeness, suitability and validity of any information in this article.