Though a relatively new concept in India, consumers are accepting e-wallets with open arms because of the convenience it offers. Much like your physical wallet, an e-wallet is an online prepaid account that makes it easy for you pay while shopping, recharging or paying bills online. Once you’ve set up an e-wallet account, it saves you from having to enter your Debit and Credit Card details for every transaction. How convenient, right? Some well-known e-wallet companies include PayTM, MobiKwik, Oxigen, Citrus Pay, mRupee and FreeCharge.
Since e-wallets are still in their infancy, they are easy targets for fraud and misuse. If examined closely, you can find a number of gaps in the technology and transaction processes of most e-wallet companies. These gaps are allowing not only fraudsters, but even genuine users to take advantage of them.
Wondering what these loopholes are? Keep reading.
Using stolen Credit Cards
Since banks can help you track down your stolen cards if they are used at any merchant outlet, fraudsters are now relying on e-wallets to steal money from stolen Credit Cards. How is it done? Well, it is pretty simple to create an e-wallet account. All you need is a valid phone number. This allows scammers to create multiple e-wallet accounts using different SIM cards. They can then load money from the stolen cards into these accounts. Money can be loaded into e-wallets using Debit and Credit Cards, or net banking passwords. These frauds are possible because the mobile wallet companies don’t keep a check on who opens an e-wallet account, as they profit from the number of accounts opened. The stolen money is usually used to make purchases or do recharges online.
Frauds through impersonation have been prevalent in the banking industry. Now, how does impersonation work with e-wallets? Impersonating basically involves stealing someone else’s e-wallet information (including passwords) and making transactions by posing as them. The usual targets are less tech-savvy e-wallet users.
SIM swaps pose as much a threat to e-wallet users as impersonation does. For SIM swapping, the swindler collects information about a user, which he uses to get the user’s SIM card blocked. He then obtains a duplicate SIM card using a fake identity proof. Now that the user’s SIM card is deactivated, the scammer can easily obtain one-time passwords and make transactions using the stolen e-wallet information of the user. If you don’t want to be a victim, do not share your e-wallet details and password with anyone.
Some e-wallet apps have not embedded proper security to prevent malware attacks. This makes it easy for tech-savvy fraudsters to inject malware into these applications and collect details of users from their phones.
Cashing out Credit Cards
A major loophole of e-wallets is that they allow users to cash out their credit cards easily. It means that an e-wallet account holder can transfer money from his Credit Card to his bank account without any fees or interest for using his account. Even genuine users tend to take advantage of this transaction loophole. All he has to do is load money from his Credit Card to the e-wallet and then transfer this amount to his bank account. Mobile wallet companies are slowly addressing this issue by setting a limit on the amount that can be transferred to a bank account.
Making multiple online transactions at the same time
Another major e-wallet loophole is letting users and fraudsters make multiple transactions but charging them only for one of them. If the transaction amount is less than the available balance and the user does both transactions simultaneously, he will be charged only once. A few e-wallet companies are addressing this issue by not allowing more than one transaction at a time.
Additional Reading: How To Effectively Use Digital Wallets
How to protect yourself from E-wallet fraud
Since e-wallet companies are still learning about the different loopholes in their system, it may take a while for them to fix the same. In the meantime, you can protect yourself from these e-wallet frauds by adopting these simple measures.
- Always check every app or software that you download and run on your phone. Download apps only from an app store.
- Never share confidential information such as passwords, one-time passwords, and PINs with anyone.
- Do not give anyone access to your phone if you’re doing any financial transactions on it.