How to protect from KYC fraud and why CKYC is important

India is moving fast on the road to becoming a cashless economy. In the past few years, there has been a rise in robust digital payments infrastructure with UPI at its core. The Covid pandemic also underlined the importance of digital payment. It brought a massive shift in consumer behaviour and forced them to adapt to digital transactions. However, the convenience that digital transactions bring comes with their share of liabilities. Fraudsters and scamsters with sound knowledge of social engineering tactics have been leveraging KYC procedures to steal people’s hard-earned money. They primarily target those who are ignorant about these technologies.

What is KYC

Know Your Customer (KYC) or Know Your Client is a process where customers give verified information to the banks or any other financial institution for identification. KYC ensures that a financial institution isn’t providing services to those involved in money laundering and fraud schemes. Amid the second wave of Covid-19, most of the banks in India, including SBI, allowed customers to complete the KYC process digitally or via post.

The latest scam comes as a text message that warns consumers of KYC expiry and asks them to visit malicious links to update it. It claims that their account will be seized if the users fail to update it. Cybercriminals often also promise lucrative gifts and rewards to customers.

Recently, Chinese hackers reportedly targeted SBI customers to update their KYC process and get gifts worth Rs 50 lakh. Last year, a 67-year-old elder lost over Rs 3 lakh to cybercriminals. The miscreants used KYC to convince the victim to give away his bank details and other crucial information.

Gautam Mahesh, Director of Products at Decentro, said that while the pandemic saw people shifting to digital payments, the rate of online scams and KYC frauds also increased at an alarming rate.

"The time has never been more apt for businesses and institutions to consider KYC extremely seriously and keep their customer data secure and up to date in a fully digital manner. With the advent of C-KYC and digital national repositories, this can be done efficiently and without worry," he said.

How to protect from KYC fraud

Customers will have to be wary of these sophisticated cybercrimes by gaining digital literacy. Customers should remember that no bank or digital e-wallets will do KYC over a text message or Whatsapp.

Further, people should think twice before reacting to such messages. Customers should not click on the links given in the message or callback the number.

Even though the KYC process is digital, no financial institution asks you to download third-party apps like Any desk to complete it.
Customers should not fall for attractive gifts that cybercriminals offer to lure them.
Consumers should also never share their bank details, credit or debit card details, UPI pin or OTP with anyone, including the bank.
People should also immediately report to authorities if they encounter such cybercrime or become a victim of one. People who want to file a complaint can visit National Cyber Crime Reporting Portal cybercrime.gov.in

What should businesses do?

India is set to witness an increase in real-time payment in the coming years. The volume of these transactions is likely to be over Rs 50 billion. Now's the time for businesses and institutions to consider KYC even more seriously and keep their customers alerted about the same in a fully digital manner.

Financial Institutions should also revamp the current KYC procedure and upgrade it to video KYC. The end-to-end KYC process still requires human intervention at several decision points. Financial Institutions can do away with most of the legwork and automate several steps.

Many banks, as a service platform, are providing CKYC banking APIs for businesses. The CKYC (Central Know Your Customer) API integration can make the entire KYC process seamless and keep fraud activities in check. CKYC is a government of India initiative which allows users, particularly investors, to perform the KYC process only once. Investors can then avail any banking services without hassle.

As of March 31, the CKYC registry hosts more than 35 crore KYC records. It is the very testament of India's strides to tackle rising fraud instances by ensuring that institutions share data with each other. Businesses can consider implementing a single API endpoint to secure, automate and standardize the entire process of customer onboarding.

Digital India will be a reality in the next few years, and CKYC is one crucial step towards eliminating the challenges to the country of our dreams.