Facebook Acquired Minority Stake in Jio – My Views

First thing I came to know in the morning today, after I managed to figure out it was actually morning and not afternoon, was that Facebook has acquired 9.99% stake in Jio; making them the largest minority stake holder in Jio. Afterwords I spent the entire day reading tweets and news reports talking about how this is the greatest thing to have happened to India’s digital ecosystem since the launch of Jio itself and how this can potentially be the digital moment India has been waiting for. Many talked about how this can help Facebook, while other spoke about the benefits Jio will make from this deal.

Few obvious things people pointed out, how Jio can sort out Whatsapp Pay’s troubles in going beyond pilot stage by pulling the weight of Mukesh Bhai (as some tried to suggest), while few meant that Jio’s massive cloud infrastructure can be taken advantage of. As this article from 8th Feb suggests that Whatsapp had already cleared the permission hurdle and was on its way towards a phase-wise launch of Whatsapp Pay in India. They would have moved with or without this deal; selecting Jio Cloud as storage partner will now have added advantage.

Then there were others who talked about how this could mean that we can now finally have India’s version of WeChat. Airtel has been trying to do that through Hike messenger for years with very little success. Even Jio has been pushing their own Jio Chat, which is an exact copy of WeChat since much before the launch of Jio, with very little success. The one mammoth disadvantage these earlier two attempts by these Telcos, was that they were competing against Whatsapp. Whatsapp has built their entire loyal user base based on the simplicity it offers and people were finding other alternatives too cluttered for the base function of messaging as compared to Whatsapp and didn’t move, despite these apps offering so many other features and functions.

One thing very few people deny that Indian consumer is extremely value conscious and doesn’t mind using multiple apps for same functions depending on, which is offering better value at that time. This is one of the reasons there is so much overlap between customer base of PayTM, PhonePe and GooglePay and these apps have so far found it difficult to build a loyal customer base. Now comes the question of adding additional functions to Whatsapp and make it into a super-app capitalizing on its loyal customer base. Well, you can try, however if you think it will see as much success as WeChat in China, you must be dreaming. India doesn’t want a WeChat. Stop pushing it down our throats.

Jio has their homegrown apps for almost everything the apps are being used for, be it payment (Jio Money), chat (Jio Chat), reading (Jio Mags), OTT (Jio Cinema), Music (Jio Saavn), Education (Embibe), E-commerce (AJIO); there are more. The idea is to tell you that they have an app for everything and they are all copies of the leading apps in that particular category barring a few exceptions which they have not built but acquired. Yet, none of these apps are market leaders in their respective categories despite the massive distribution advantage Jio telecom brings to the table. Very simple reason for this is, unlike telco, there is no friction when it comes to selecting the app you want to use for any of the other services. A customer finds these apps pre-installed and he/she tries to use them only to realize that there is a better alternative he/she was either already using or can switch to and promptly discards the Jio’s versions of apps.

The point I am trying to make here is that you can make an app; you can even push the app to consumer’s mobile phones, however you cannot force them to use that app for a prolonged period of time unless it offers better value than the next available alternative. This cannot be created by just copying the best available option in the app-store.

You can click here to read about my prediction on WhatsApp Pay.

Another extension of above argument it looking at it as a massive Fintech play encompassing other Financial services beyond payments. The opportunity clearly is there, and it will depend on execution. What I mean by this is that they need to think beyond copying Chinese models and build something inherently Indian. They clearly have the resources to do so. They also have a very robust distribution channel, very superior to what anyone else has. All they need is the right product and execution strategy and they can clearly become unstoppable.

Last point, which I believe is the real game-changer is combining Facebook’s online strengths with Jio’s offline presence. Together they can completely transform the O2O game. Jio has sellers and they are working on enhancing that network, combine it with the massive customer base that Facebook brings to the mix and it can build a highly efficient low cost O2O marketplace that any other player would find difficult to compete with. The only problem I see with this though is that till now Facebook has spent massive efforts on teaching the customer a behavior of constant scrolling, which is not suited for selling anything to the customer. In order to sell things customer needs to instinctively switch to browsing behavior. An Instagram could be a better place to sell stuff, however I have never used it so, it will be very difficult for me to predict how it would pan-out.

In the end there is one clear area I would suggest Facebook and Jio should together work on and that is figuring out how to do push sale without making the customer uncomfortable. Simply put, you should ask a customer to buy something, when you know he is looking for that thing. So far nobody has been able to crack this. (In my last post about Google Debit Card, I had briefly mentioned about Google potentially attempting to do something like that.) If they can crack this, it will make them the most preferred player to buy the Financial Services products from.

I am, like everyone else going to keep a close eye on the developments to see, which direction they are headed. I just wish they don’t try to convert WhatsApp into WeChat. I may have to then start looking for an alternative to WhatsApp, of which there are none at the moment. Is Telegram there yet?

Google Debit Card

Recently I came across news stories covering Google’s plan to launch a Debit Card. It all started with this TechCrunch article comparing this move with Apple Card launch. First of all, to me that is not a fair comparison to begin with because Credit and Debit card are two fundamentally different products at their core. If you keenly analyse the brand positioning of Apple vs Android, you would realize that these offerings are very much in-sync with that. This also reflects the markets where each of them are dominant players. While Apple’s dominance is in markets where credit is primary mode of transaction, however Android is leader in markets with savings account as primary source of funds for day today expenses. All those jokes about one needing credit to buy an iPhone are based on some truth.

As the TechCrunch article also pointed out, it is not Google’s first attempt at launching a card, they tried it when they launched Google Wallet in 2012. (I keenly followed that project, because I was in process of building my own wallet before Google announced their pilot. This is story for another time though.) While there were many aspects of Google Wallet that I found fascinating, I was skeptical about the debit card bit because of the entire on-boarding experience. I had seen journey of multiple debit card variants physical, virtual, mobile launched by HDFC Bank to make that prediction.

Now however the times have changed. First of all, now Google has experienced massive success in India under UPI product, which inherently accesses the funds from CASA accounts only. This must have given massive confidence boost to Google Pay team to make another attempt at launching an instrument accessing funds from CASA accounts. Since UPI is as of now an India specific phenomenon, Google is trying to rely on Debit Card variant one more time, now riding on the newfound confidence. What will be the on-boarding experience is not yet known, but if they can use the learning from earlier experience, they might be able to do it better. We managed to issue a very efficient mobile variant of debit card in 2006-07, as part of m-Chek project I did for HDFC Bank in partnership with then m-Chek and Airtel. It was for not so smart phones popular back then, now the world has moved much ahead in technology adoption.

Why Google would want to do this? My answer to this question is still the same as it was in 2013. Google’s primary source of revenue is ads. Currently Google can very efficiently track the efficiency of their ads right up to the point of click, however it is not so efficient when it comes to tracking the last mile of purchase. Being able to know the effectiveness of their ads right up to the point of purchase is equivalent of digital gold for Google, a company that has built the biggest empire on user data.

This data will be the key to unlocking an effective way for selling Financial Products like Insurance, Investment Products etc, which are essentially push products and no digital company has so far been able to crack the code for selling such push products (I was planning to go on this journey but then fate had other plans for me). If Google can crack this piece of the puzzle with access to this additional data, it will completely revolutionize the way products are sold digitally and I am not talking about Financial products only here.

In addition to above it would be very easy for Google to push transactions happening with-in their ecosystem on these cards. This is what the partnering banks gain, an easy distribution channel and almost certain activation, with massive transaction value flowing through these cards.

In summary, if done right, I believe it is going to be a game-changing move completely different from Apple Pay’s journey. This not only has the potential to impact Fintech world in a big way but also how entire digital commerce is done today.

PS: This also has the potential to make Google first truly effective neo-bank for retail customers, however I am not sure if Google would have those aspirations.

Why this is the best time for early stage investors?

Few years back I had no idea about how investing works. In 2012, when I was first toying with the idea of becoming an entrepreneur I did not even have a clue how venture investing works. Then I got a chance to run an accelerator for early stage Fintech start-ups for some time with investment ticket size between 100k to 250K USD. I was closely involved with the entire process right from application, selection, investing to advising and helping them on various aspects of their business. While that entire stint was good fun, it also gave me a chance to interact with many start-ups from across the globe and opened my perspective towards appreciating and entrepreneur’s world and his/her perspective. If I was still doing early stage investing, how would I approach the current situation or should I use the word opportunity.

In my opinion this is the best time for early stage investors from deal making point of view for the simple fact that the nature is helping their selection process. The start-ups that are being built right now are primarily the ones where founders believe in their idea and execution ability beyond any reasonable doubt. Founders who were getting into business with the belief on their fund raising ability would be thinking of backing out now. That’s one big plus for any early stage investing.

Second big plus is that these start-ups are starting from rock bottom, if you and they believe that can make it in this situation, there is a huge possibility that things will only get better going ahead. If one can make it work given the current constraints and planning keeping the new world order and new learning in mind, it will be better for them to sail through than someone else who started earlier in earlier world order and now finding themselves back on the drawing board trying to figure out how to re-calibrate their products and processes. Some of the things which looked like a good thing to do 4 months back may feel like a huge inefficiency in the system. Very simple example would be if someone spent in an office lease may find out that it would be more efficient to work with only 30% office capacity.

Third point in favor of my argument is the ability to structure the deal in your favour with valuation expectations of founders readjusted to the new world order. There will be lesser haggling on valuation and you may be able to hold same equity for lesser investment. So even though your ability to raise fresh fund will be impacted to some extent due to global recession caused by this crisis, you should still be able to hold same kind of portfolio by finding a more favourable deal structure. If buying at low is true for public market, same should be true for private market to a large extent.

Fourth and the most important point is that the cost of labour has gone down significantly. Most organizations have reduced salaries of their staff. Typical salary-cut is in start-up world is in the range of 30-50% that means availability of good resources at lower cost has improved. If staff cost was a significant part of your burn, imagine it going down by almost 30% without you doing anything on your part. Since keeping the cost structure lean is one key criteria for any early stage start-up, current situation provides every early stage start-up a great opportunity to do so. With burn getting significantly lower with lower costs, a start-up maybe happy raising lesser than their original plan and try to run it in much more cost effective manner.

A seed stage investor works on the principle of taking higher risk in order to reap higher rewards that simply means the if they invest in twenty start-ups, the expect one of them to become a unicorn and three a semicorn so that even if all others fail their net return is significantly on the higher side. So their worry is not about making an investment that might fail, their bigger worry is missing out on one that might succeed. The opportunity presented by this downturn is that they may not be able to make twenty investments now but only ten however the possibility of those ten succeeding now would be much higher and return much more rewarding.

There may be an impact on the start-ups ability to generate revenue but for an early stage start-up immediate revenue is never a key criteria, by the time they reach a stage in their plan where they should start generating revenue markets would have recovered and customer’s ability to consume would have been restored. So to conclude, this is the best time for early stage investors to make deals and given a choice they should not miss this opportunity. Don’t wait it out. Get busy with Zoom calls scouting the deals. In that stage even due diligence can be performed remotely. Do the deals. All the best.

Banking Industry’s Response to RBI’s Moratorium on Loan Deferment Proposal

Follow up to earlier post clarifying RBI’s loan deferment memorandum, this post by @bhartiya_abhi summarizes the response of leading banks.

Presenting the summary and analysis of the response of 7 banks of India (SBI, ICICI, HDFC, PNB HSBC, Citibank and Standard Chartered) in response to RBI deferment option. While each bank has a separate policy these are the highlights according to me.

  1. Out of 7 banks only 2 have allowed automatic deferment of loans
  2. Credit card option has been given by very few banks and even they discourage using this option
  3. SBI made a U turn for automatic deferment
  4. ICICI has the most relaxed criteria for loan deferment
  5. All the foreign banks have very strict criteria for availing this option

I have also provided the source for my analysis. For any confusion please refer the bank sources.

Bank response to RBI deferment option

As part of COVID-19 regulatory package, RBI had rolled out a notification: RBI/2019-20/186 dated March 27, 2020, to reduce the burden of debt servicing caused due to disruptions in business on account of the COVID 19 pandemic and to ensure continuity of business. Following this announcement banks have started rolling their individual policies. Since capturing the policy of each bank would be very difficult and lengthy article I have tried to capture these 7 prominent banks (4 Indian banks and 3 foreign banks).

The response of the banks is varied and assymetric but one thing is common. All the banks want to avoid delay in credit card payments. Another surprise in the list is the U turn taken by SBI which had initially promised to defer the loans automatically. Each of these banks have a special condition attached for some loan. So if you have a loan/credit card from these banks please read it. I have tried to cover the points to the best of my understanding but please refer to the links provided for each bank for further understanding.

I have covered the following banks and the default option for the loans is as follows. Default option means what would happen if you don’t take any action or don’t contact your bank.

Bank nameDefault option for term loans
ICICIEMI is deferred
HDFCEMI will continue
SBIEMI will continue
PNBEMI will continue
HSBCEMI will continue
Standard CharteredEMI is deferred
CitibankEMI will continue
  1. ICICI

The moratorium policy can be downloaded from this link (https://www.icicibank.com/managed-assets/docs/personal/COVID-regulatory-package-FAQs.pdf)

The default option is that most of the term loans (list provided in the pdf above) will be deferred unless customers go for opt out of the moratorium. People can opt out by sending a sms – for these term loans. The number has not been provided in the guideline.

For Term loans

  • The Interest on all these loans will keep accruing and EMI will remain the same. This will result in increase of tenure.
  • For CC and overdraft facility all the interest accumulated will be payable on 1st June 2020.
  • There is no benefit for those who have paid their EMI in March
  • There is no extension of moratorium if currently going
  • There is no late fees for availing the moratorium

For Credit Cards

  • For credit card you have to opt in for moratorium
  • All unpaid amount added in Jun 2020 bill

For EMI on debit card people need to opt in to avail the moratorium option

  • HDFC bank

The HDFC bank moratorium option can been studied in detail from the link  (https://economictimes.indiatimes.com/wealth/borrow/hdfc-bank-loan-emi-moratorium-terms-conditions-and-charges/articleshow/74925989.cms)

For term loans there is an Opt in facility which means the instalments will continue if you do not contact the bank. If you don’t pay the instalment till 30th May then its assumed you want moratorium. To avail the option you have to call the bank numbers and inform them about wanting moratorium.

Separate call needs to be made for each facility. This means if you have multiple loans and you want the moratorium option for more than one loan then you need to call separately for each facility.

There is no credit for installment paid in March so all those who have paid in March can avail this facility for 2 months only.

If you want this option for credit card also then don’t pay and stop auto pay. Otherwise the banks will keep the option. The bank strongly urges its customer to pay whatever they can to avoid heavy interest.

  • SBI

SBI has actually changed its policy from the statements provided in media. It has changed from automatic deferment to opt in policy, so the bank seems to have second thoughts on its initial policy.

You can read more about the deferment guidelines here – https://www.livemint.com/money/personal-finance/how-sbi-customers-can-apply-for-emi-extension-11585737001144.html

To stop the EMI for term loans one needs to go here- https://www.sbi.co.in/stopemi

All term loan customers need to be apply for loan. The tenure can be extended by 3 months if availed for all 3 months.

The customers need to send email to bank to stop NACH. Refund of the March EMI is also possible by request.

The extension is only for term loans and not for credit cards.

  • PNB

The loan moratorium option needs to be opted in to avail the facility.

PNB has provided moratorium option for all Retail loans are typically home loans, personal loans, education loans, auto and any loans that have a fixed tenure. Which means that credit cards have been excluded by PNB also.

More details can be found from the below links


  • In case of housing loans the tenure will be shifted by the months for which moratorium option is taken. Which means that the EMI will be increased to compensate for the non payment of instalments.
  • There is no penalty if no payment is made upto 30th May 2020. Which means people who missed payment in March area also included.
  • Once you have availed the option then you can’t pay in between.
  • Credit cards are not covered under this scheme

Most importantly all your loans are deferred if you opt for one so please be sure you want this option for all your mails.

  • HSBC

The default option is to continue the instalments so one needs to apply for moratorium. HSBC has the most stringent criteria of all the 7 banks that I analysed.


The option exists for Home Loans (excluding Smart Home Loans), Loans against property (excluding Smart Loan against Property) and Personal Loans for its Wealth and Personal Banking (WPB) customers.

Some products like smart home loan not covered – These are the home loans which has OD facility.

Credit cards are not covered under this option

One can only apply online for the moratorium.

They will vet the eligibility. The moratorium is not applicable for everyone. Basic conditions are as follows

There basic eligibility criteria for being eligible for moratorium under this scheme are:

i. Loans disbursed or balances generated post 1 March 2020 are not eligible.

ii. You should not be overdue on any instalments or payments due to HSBC India as of 29 March 2020.

iii. All details need to correctly and completely filled in the application form.

For the selected loan the tenure of the loan will increase and EMI will be constant.

The criteria looks the strongest of all the bank norms that I have analysed and ensures that a very few would be eligible for this option

  • Standard Chartered

There is no separate request required from the applicants. Standard Chartered Bank shall be deferring EMIs during the moratorium period falling between April 2020 and May 31, 2020, as a default, for all eligible customers. This is applicable for all loan accounts with no outstanding dues as ofMarch27,2020

Moratorium period is applicable to non-delinquent loan accounts and includes the following Term Loans: •Home Loans

•Loan against Property

•Personal Loans

•Business Instalment Loans

•Guarantee Instalment Loans

The moratorium conditions are as follows:

  • One needs to SMS if they do not want to avail the moratorium.
  • It is only applicable for April and May instalments
  • EMI will be same and tenure will be extended
  • If availed no prepayment or other payment allowed
  • One is be eligible to avail the benefit of deferred payment of EMI during the Moratorium Period only if there are no outstanding dues as of March27,2020.
  • Incase someone is not eligible to avail the benefit under the moratorium Period, then they are required to repay the EMI on time to avoid penal charges and a slippage in credit rating
  • Not applicable for pre EMI on under construction units

So no option has been given for credit card payments

  • Citibank


Citibank has allowed moratorium credit card and term loans(personal loan and home loans) for only those who are preselected by them. They are being contacted by sms and mail.

  • They have also asked customers to avoid using it for credit cards.
  • EMI will remain the same and tenure will be extended
  • If EMI has been paid for April it can be reversed
  • If you are selected and amount is unpaid then no extra charge will be paid

This post was originally posted on Abhishek’s Medium Blog.

RBI Loan Deferment (take it or leave it)

RBI has recently announced deferment option to financial institutions for 3months to fight the challenges arising due to the pandemic (Covid 19). This announcement is a welcome step to fight the sudden financial uncertainties faced by retail borrowers. While many people will grab this opportunity due to financial problems it has also increased confusion amongst those who have not understood it well.

So I would try to explain the various aspects of the loan deferment announced alongwith an excel sheet where you can calculate the impact of using the deferment option

What is the option?

RBI has permitted all the financial institutions to allow a moratorium of three months on payment of instalments in respect of all retail term loans outstanding as on March 1, 2020. This means if you have taken a term loan from any lending institution, be it a regional rural bank, small finance bank and local area bank, a co-operative bank, all-India financial institutions, and NBFC (including a housing finance companies like HDFC), you can defer EMI payments for three months (March 20 to May 20).

Please understand that this is an option for the financial institutions and not a compulsory order. So your bank can refuse to defer your loans and demand regular payments for your loan.

What type of loan are covered (Is credit cards included)?

The announcement covers all the term loans like home loans, automobile loans, personal loans, farm loans, and crop loans. The announcement also includes other loans/revolving facility like credit card.

The loan deferment includes principal and interest payment for all the term loans and credit card outstanding.

Is it a loan waiver or loan deferment?

This is only a deferment option and not­­ a waiver. In simple terms if you don’t pay your loan for 2 months your loan tenure will be extended by 2 months. You will have to pay the interest amount for the deferment period also along with the original payment schedule. Your loan EMI has not been waived off and only deferred if needed.

Which loans to defer(or not) and what will be the interest rate?

The interest rate on deferred payments will most probably be the same as your ongoing rate of the loan. It means that deferring a credit card payment will attract 36-42% interest rates while a housing loan will attract 8-10% interest rates.

So even though credit cards are also included in this option you should definitely not use it for regular payments of credit cards. A term loan on credit card  carries 12%-18% interest hence even they should be avoided.

Housing loans are the best loans to be utilised in this announcement (if needed) as they are typically the biggest loans with low interest rates (<10%) and a long tenure. Any other loan should also be judged on similar parameters.

Will your loan EMI increase after deferment option?

Yes most likely. If you use the deferment option the interest amount accumulated on the deferred months will have to be adjusted. Which means you will have to pay more when your regular repayment starts. So either your accumulated interest will have to paid in one go or it will be distributed along the remaining tenure of the loan.

I have prepared a sheet to calculate the impact of using the deferment option. Please input your loan amount, tenure and interest rate to check the impact and your revised schedule.

Ex: If you have a loan of 3,00,000 at 12% interest and 18 months remaining the impact will be as follows.

Deferment options
Current schedule (to be input)Paid in March but not in April and MayNo payment from March to May
Loan outstanding on 1st March3,00,0003,00,0003,00,000
Remaining tenure in months181818
Interest rate12%12%12%
Last EMI dateSep-2021Nov-2021Dec-2021
Current EMI₹ 18,295₹ 18,295₹ 18,295
Revised EMI₹ 18,295₹ 18,662₹ 18,849
Total amount paid3,29,3033,35,5543,39,281

Do you have to inform the banks?

Yes you have to. While some banks like SBI have automatically deferred the loans every bank will have its own policy. Its best to check with your bank/financial institutions and inform them in writing.

The bank may ask you the reason for deferment and deny the option to you. So take your documents or any other supporting evidence to show why you need deferment before meeting them.

What if I paid/not paid in March and what happens to my credit score?

Since the announcement came in the last week of March and applies retrospectively for all loans outstanding on 1st March 2020 many people would have paid the installment for March. If you have paid your installment for March then you need to discuss with your bank. They may be able to adjust this amount for future payments along-with deferment for April and May.

If you have defaulted on your March installment for some reason you should immediately contact your bank/lender. You can get your loan adjusted retrospectively for March 2020 and escape being reported to credit bureaus.

Your credit score and credit history will not be impacted if you choose this option but continuing regular payment may boost your credit score. So this option should be used only if you are facing huge uncertainty.


The loan deferment option is a good option for those who are facing huge financial uncertainty. For all those who can repay their loans comfortably should continue with their regular schedules.

PS: This post is curtsy my good friend Abhishek. You can follow him on twitter @bhartiya_abhi

PS2: This is the link to his medium blog.

Concept Note: Coronavirus tracking app

Google Location is one of the most widely used service in the world and most of the smartphones have this service on by default for it is also being used by various other utility applications worldwide. We also know that google maintains the history unless a user specifically requests to delete that history. Google also knows your peer-group and the people you interact with in regular basis, for example if you happened to take an Ola cab, Google location logs will show you and the driver used the Google location service and the same time and you two journeyed together. If you happened to be in a public place meeting someone, there is a high probability google location service coupled with your contact history and call logs can establish who you were meeting.

Having established above let’s talk about some useful facts about coronavirus and its spread. 1. It’s a highly contagious virus, so it will be safe to assume everyone a carrier has come is contact with is at risk. 2. The symptoms can show themselves anywhere between 2-14 days from the day of infection, meaning in a carrier starts showing symptoms today it is possible that he/she has been a career from past 14 days. 3. Testing and health services are limited and in extreme short supply hence it is important to know where to focus the efforts. and 4. Tracing the carriers and quarantining them as fast as possible (before they even know it) is the key because any delay in doing so may mean anywhere between 1-25 additional carriers everyday assuming mild social distancing is being practiced and mobility is restricted because of lockdown.

Armed with above informed I propose following service to be designed, which may end up helping in saving the humanity in big way. (We can resume our privacy debates once humanity is safe and sound).

  • Create and additional service as part of Google location service where user or any other person having access to user’s phone marks the person carrier as soon as he/she is tested positive.
  • The moment this information hits the server, google maps will trace the footsteps of this user for last 14 days
  • Google servers will identify all other users in its systems that have been in the same location at the same time
  • Google will send a notification to all these users with the details of the nearest testing center requesting them to get them tested and observe extreme self quarantine till they are tested and confirmed negative
  • A copy of this notification will be sent to the nearest testing center, so that testing centers do not send away this person because he/she does not fit the criteria given to them (make this notification as one of the criteria for testing)
  • Google will also know if and when the person has visited the testing center and mark the user as sample given, when he/she visits the testing center and submits his/her sample
  • Google will also know if such person is breaking quarantine and will warn the person against doing so and will also alert nearby designated authority if such marked person decides to move away from his/her quarantine location along with a tracking
  • This tracking will help authorities apprehend the person as soon as possible
  • Users identified as such will not be allowed to turn off their location service till they are marked negative by the authorities
  • (We can even have an option to alert people co-living so that they also can take precautions and also help the person get through this situation)

Disclaimer: I do not have detailed knowledge of Google’s systems and internal functionality. This is a proposal created based on my knowledge of their services as a user. I am sure their capable engineers will be able to do a much better job when they get to designing something like this.

Fintech in the time of Coronavirus

We are now living in the time of highly contagious COVID19 caused by novel Coronavirus infection. Since there is still no vaccine or cure for this the only way being recommended to control the spread of this disease is social distancing. This means everyone is requested to stay at home unless absolutely necessary and avoid social contact as much as possible, leading to most of the businesses requesting their employees to work from home also shutting down all the avenues facilitating any form of social gathering like pubs, nightclubs, theaters etc. Any form of travel is restricted affecting entire travel and hospitality industry. Airports are deserted, Airbnbs are getting cancelled, airlines are under pressure to let go of cancellation fees, Ola and Uber are also seeing significant declines in their daily rides. Schools are colleges have shut down their campuses, with critical courses being run on google hangouts or zoom. Many Edtech platforms have made their courses free so as to reach a wider audience and benefit them. Personal hygiene and cleanliness is at all time high with people washing their hands for at least 20 seconds with soap multiple times a day. Many social media influencers are making videos teaching everyone how to wash their hands properly. I was wandering if they ever make a movie about this pandemic Akshay Kumar may play the role of Dettol Handwash. Kids making fun of Bunty for washing his hands for too long are now following his lead. Bunty is the new hero.

He is my new hero. Sab marenge, sirf Bunty bachega.

Some of these behavior changes maybe temporary like people may start going on holiday again once the dust settles, however some of these changes will be here to stay. In this post I will be talking about some very obvious and some not so obvious impacts of long term changes in Fintech industry. So brace yourself and pay attention for this post might reveal some key opportunities in time to come.


In long term I don’t see this impacting digital payment industry very significantly, however this could be a good opportunity to promote contactless payment options like QR Code, NFC, RFID, Tone etc. If your new hygiene conscious self is now worried about touching the cash that may have exchanged unknown number of hands before you, same logic should be extended for exchanging of plastic and entering the PIN on the keypad touched by so many people before you. While many of us may not go to that extent, if one can appeal to the Maya Sarabhai inside the consumer, they can utilize it to gain traction on these payment modes.

This situation of social isolation will also increase online shopping specially daily use perishable items, thus shifting the transactions from offline brick and mortar stores to mobile apps like Grofers, Big Basket, Prime Now etc.


While travel insurance might be taking a temporary hit a situation like this reminding whole world of their mortality is a perfect opportunity to sell protection products like health and life. I would be expecting to see a significant boost in sale of insurance products in next few months specially life and health variants. This situation is not only making us sensitive about our personal health but also of the people around us that includes our household staff. We may see the premium go up slightly though.

A marketing mailer from Religare Insurance

I would not be surprised if we see some interesting products coming from the industry with affordable premium. We should see insurance companies creating special policies for household staff and promote them through housing societies. Many organizations relying on gig workers like Ola, Uber, Zomato, Swiggy, Dunzo etc may now be more willing to buy insurance cover for their contract workers. It may even be recommended to them as part of their business continuity and disaster planning.

An interesting variant of insurance cover would be to cover for loss of income during such lock-downs offering protection to gig workers and other daily wage operators to protect themselves in case of another such disaster. Even small businesses will be interested in such kind of protection. This needs to be done now and fast when the memory of the disaster is fresh in everyone’s mind. Few years down the line this product may again not find many takers.

Investing and Wealth Management

With markets correcting 30%-40% primarily due to the pandemic we might see entry of new investors. While old investors would be licking their wounds and crying over the loss of wealth, new investors who were sitting on cash will find this an opportunity of cheap entry. As is evident by the following graph shared by Nithin Kamath of Zerodha, new account opening on their platform has seen a significant spike.

New account opening on Zerodha platform have shown a significant spike. Source twitter @Nithin0dha

Market at so low coupled with Yes Bank disaster customer might be feeling, if his bank FD is also at risk then why not take bigger risk and aim for better returns by investing in Equity rather than sitting on Cash. However the investors who would have lost significant wealth due to this crash may decide to sit quietly for few months in future.

*Please note that I am only talking about retail investors here and not traders or institutions.

Mutual funds may also observe a spike in new to investing customers. Some customers who were relying on their own for equity investment may now be open to seeking an advisor or moving to actively managed funds after this sudden crash.


One of the most commonly used financial service will continue pushing in the direction they have been for years now i.e. to avoid footfalls in the branches specially for service needs. Social distancing should help their cause further. While Banks have been working on creation single man branches (I personally worked on one project in HDFC Bank called Ultra Small Branch years ago) in rural areas, we may even see banks go for branches with fewer staff in future even in urban centers.

Ghar se banking Corona.

Bank branches have the potential to become the most effective center for selling other financial services products like Insurance, Mutual Funds etc. While many banks have been doing this for years and commission from sales of third party products form a significant part of their revenues, however they have not been exploiting their full potential. With sales of third party products becoming their primary responsibility they may end up becoming more effective. This would require banks to carefully re-brand and re-position their branch network. Most of the Financial Services products are push products, what better way to sell them through a bank branch. This means the composition of a bank branch is going to look considerably different with fewer tellers and more insurance and investing experts.

In my opinion if banks play it right the new stream of wealth management start-ups will find their biggest competition from large banks. The “if” in the beginning of previous sentence is a very big if though. Are banks ready to transform their entire way of working. If they are not, then they should only focus on holding the money and managing the treasury, outsourcing entire sales and services to third parties, wherever digital mode doesn’t work well.


Short term lenders like SmartCoin, Early Salary may see temporary spike in their loan book with new customers seeking temporary respite from loss of income relying on these short term lenders to fill the gap. On the other hand POS lenders like Bajaj Finance, Home Credit etc may find a significant drop in their transactions due to customers shopping less because of lock-down. Similar drop is expected in Credit Card transactions as well.

So if we refer to the other post on this blog, “phone pe loan” will spike while “loan pe phone” will see temporary drop.

SME lending is another area that will observe spike because most of the small businesses will need loan to support themselves for temporary loss of business due to significant drop in overall commerce.

In the end my theory is that India will emerge stronger once this crisis is over. We are much better placed to tackle this situation because of 1. median age ~26, 2. older population largely socially isolated because of cultural reasons and 3. our hygiene practices like washing our hands often, keeping out of the kitchen unless washed and things like these. Financial power center globally will incline further towards India. So cross your fingers and hope for the best.

Transit Payments

Coronavirus (COVID19) has made us all conscious about avoiding unnecessary human contact to protect oneself from getting infected. This made many people think about how cash can be one of the careers. I am not familiar with the biology of the virus and how exactly this transmission would work. However if people are worried about cash then exchanging cards during transaction or touching POS machine to input PIN can also be a problem. That means in the days of COVID-19 safest mode of payments (talking from health perspective here) would be contactless payments like QR codes, NFC, RFID, Tone etc. Transit payments is one of the most popular use case of contactless payments around, which has been even more mainstream since the push for Fastag for toll payments by Indian Government.

During my banking days, I got the chance to lead the solution for Jaipur Metro (JMRC), which was being managed by DMRC. So essentially I got to study how Delhi Metro payments work and also design the solution for JMRC using the learning from Delhi project. In this post I would like to explain some of the key factors to be kept in mind while designing such a solution.

Transit payments are a different category for a very simple reason because of its need to be exceptionally fast, much faster than any other payment method we use. If the transaction is not processed with-in a fraction of second end-to-end we can see endless queue of angry customers forming, be it payments at toll-booth or entry and exit points of metro stations or entry and exit points of your city bus. We do not have the luxury to take 10-15 seconds to process the transaction, when it comes to this particular use case. That takes online authentication out of the picture. Offline authentication is the method of authentication where transaction is authorized locally by the instrument itself without traveling to issuer host system over the network.

The technology commonly used for this type of transaction processing is RFID (Radio Frequency Identification). When you are issued a card or a sticker or any other form factor, it typically contains an RFID chip, which communicates with the receiver installed at the gates of transit system to read the balances and post transactions. The instrument used for this purpose is typically a prepaid card, where the balance is updated at the CHIP locally, hence eliminating the need to communicate with the server every time transaction needs to be processed.

There are combo version of these cards also popular, which are nothing but debit/credit cards with either an additional RFID Chip embedded inside the plastic dedicated for transit payments prepaid card or have a separate dedicated block in the EMV chip for this purpose. Essentially they are for all practical purpose two cards linked to a single plastic.

How a typical transaction works?

Transaction at single interaction point like toll-gate is very simple because there is a fixed amount to be deducted every time you pass through the gate. The receiver installed the gate access the balance on your Fastag and update the balance by deducting the fixed amount.

Transactions with two gates i.e. interactions at entry and exit points like metro gates or city bus are slightly more complex. In this case at the time of entry the receiver installed at the gate checks the balance and updates the entry point on the CHIP. At the point of exit when you flash your card the receiver at the exit gate calculates the fare based on the entry point and deducts the amount from the prepaid card updating the balance accordingly.

How the card is reloaded?

Reloading of these cards works very similar to any other prepaid wallet or prepaid SIM, where you go to partner bank’s point of interaction Branch, ATM, NetBanking, Mobile Banking etc (depends on the partner bank) provide your unique ID (ID tagged to the RFID Chip) and make the payment.

The bank then communicates this to the transit partner and this reload transaction is updated in their system. The moment your card comes in contact with the sensors at transit partner the balance is updated in the CHIP. You can alternatively access special devices installed by the transit partner for specific purpose of load/reload of transit card. This can even be done over the counter by transit partner.

In JMRC project we even had provision of stand-in instruction wherein every time sensors at transit partners read the balance in your transit card go below a pre-set threshold the bank will get a file from the transit partner with all such card IDs, banking partner will then debit their respective linked accounts by a predefined amount and send the file back to transit partner to update the balances in their systems.

NPCI has developed specifications under Rupay Contactless Product umbrella, which is now the basis for NCMC (National Common Mobility Card), which is expected to be the dominant mode for transit payments in near future.

Sahamati and Account Aggregator Ecosystem

First time I became aware of the consent layer iSPIRT was working on was sometime around late 2016, when my then boss (who happened to meet Nandan during some event they both attended and heard about it from him), asked my keep my eyes on it because this is going to be something really big for Indian digital ecosystem. I scanned to through my contacts and found out that it was work in progress and I will get to know when they are ready. After that conversation I put it in the back-burner.

Then sometime during July 2019, I came across this article and I was eager to find more about the next big thing happening in Indian digital ecosystem so I attended a workshop on Sahamati conducted by iSPIRT in Aug, 2019. In this post I will attempt to explain what all the noise is about, what excites me and my disappointments with this entire venture based on what I know about it through various sources and what I learned in the workshop I attended.

What is an Account Aggregator?

Around the time when I had joined HDFC Bank in 2005, HDFC Bank used to have a product called Oneview. If you happened to have multiple accounts in different banks, you could register for Oneview and provide Netbanking credentials for all the bank accounts and we will do something called “screenscaping” through all those bank’s netbanking sites, use the credential provided by you to show the information available across all these places as a single view.

Then few years later I heard about Yodlee and then Perfios, who were offering similar services to customers or businesses, who needed to access data across multiple bank relationships. Later came multiple other businesses with similar offering and most of them were dependent on screenscaping.

The problem with screenscaping is that every time a bank made any changes to their netbanking pages, it needed changes at aggregator’s end as well. In short if was not a very efficient way of managing access and data and to top it all they were all self regulated. Considering the sensitive information they were accessing RBI decided to come up with guidelines governing these “Account Aggregators”. After these guidelines everyone was confused how to approach this. Nobody knew what to do, not even RBI (based on my conversations with some of the players in the space, who happened to seek clarifications from RBI on this subject matter). Some of these players applied for the license from RBI under AA-NBFC category but there was still confusion, till came Sahamati.

As per the information shared at the time of workshop there were total eight entities who had received in principle approval from RBI to set up AA-NBFC. The names I remember from those 8 are, FinServ (CAMS), FinVu (Cookiejar Technologies), OneMoney (FinSec AA Solutions), Jio Information Solutions, Yodlee Finsoft and National E-governance Services (NeSL).

What is Sahamati?

As their website says: DigiSahamati Foundation is a Collective of Account Aggregator ecosystem set up as a non-Government, private limited company (With the new Companies Act of India, not for profit companies are governed under Section 8).

What Sahamati has built is a consent protocol that is approved by government and a way for customers to legally provide their smart and informed consent to the information user (FIU) for then to use one of the Account Aggregators (AA) to access your data from information providers (FIP).

Representation of flow of consent and information in AA ecosystem (Image Credit: Sahamati)

How it works?

Step 1: Account aggregator will be establishing connectivity with various FIPs like Banks, Mutual Fund AMCs, Insurance Companies, Government Portals like Tax/GST etc (the scope might be extended to non-financial data sources as well, depending on the adoption of the platform). Once that connectivity is established AA will be ready to access the customer information from these institutes.

Step 2: Customers will have to register with one or more of these AAs and link his/her various financial relationships with his profile created on the AA platform. AA will seek one time authentication as prescribed by FIPs from the customer and link the details, upon successful validation.

Step 3: When customer visits the FIU for any service (could be Financial Advisor or Loan Application etc) that requires them to access his/her financial information they will ask the customer to select their AA and provide their consent to access the information to the AA.

Key attributes of consent (Image Source: Sahamati)

Key Attributes of the Consent: The consent given by user will clearly state the duration for which the data is to be pulled, the time period for which the data can be accessed, frequency, revocation allowed or not, access type along with the purpose of the consent. This is to make sure the user is clearly aware of the access being granted and tag the usage of this information along. Use of this information for any other purpose than what is stated in the consent artifact is not allowed.

Step 4: After validating the consent AA will access all the information requested from respective FIPs and transfer it to the FIU in encrypted form. AA will have no access to this information and they will just act as a pass-through.

Why is this the next big thing in Indian Digital Eco-system?

In order to enhance the digital eco-system ownership, access and sharing of data is very important. AAs coupled with consent architecture proposed by Sahamati is a great first step in that direction because it enables seamless transfer of data from FIPs to FIUs, with informed consent of the user, while restricting the use of data thus shared with-in the stated purpose. This is a certain upgrade over sharing photocopies of various statements and other documents at the time of application.

Why am I disappointed?

Imagine you buy a SIM card from Airtel and you are told that with this SIM card you will be able to call only Airtel numbers and not Jio or Vodafone numbers, in order to do that you will have to buy Jio and Vodafone SIM cards. Would you like this scenario.

In the current way it is structured there is no interoperability among these AAs, meaning an FIU or FIP will have to partner with all the AAs to ensure full coverage. It may even mean that customer may end up registering with multiple AAs. Forcing organizations or users to maintain multiple relationships for the same service seems like a very inefficient way of doing something. Imagine multiplication of resources needed to run this kind of set-up, setting aside the inconvenience it would be for all the parties involved. This one problem can prove to be the biggest reason this entire exercise will fail to reach its full potential.

What disappoints me even more is that this comes from same set of people, who proposed UPI, where one of the key strengths of the protocol is the interoperability it offers. This is one of the key aspects, why it could be even called a wallet-killer. If wallets were interoperable, a user would have found lesser motivation to switch to UPI (I am not saying this is the only point of comparison, but in the context of this post I am sticking to this one.) After working of so many years and coming from an independent body, I would have expected this construct to provision for interoperability. We may need to create a new central body for this purpose or assign this responsibility to one of the existing and capable organizations like IDRBT or CERSAI. We may even explore to build this entire thing on blockchain to eliminate the need of having a trusted central body.

In fact I would really be happy to see this entire thing was built on blockchain based trustless architecture and I am sure we have enough capable minds among us to give this a shot and come up with something genuinely innovative and superior than what has been proposed.

EDIT: An error was pointed out by one of our readers regarding the interoperability bit. While what I meant with interoperability was AAs connecting among themselves, there is no need for all FIU and FIP to tie up with all AAs. I am copying below the relevant section from Sahamati website that highlights how it can be achieved.

As an AA, does an AA have to seek out, build partnerships with, and integrate with each new FIP or FIU separately?

No. The AA ecosystem is designed so that each FIP and FIU is enabled to work with every AA in the ecosystem network, rather than only with those with whom they have a bilateral situation. Once any FIP/FIU is certified and added to the Central Registry, any approved AA can connect with them. This Central Registry is akin the DNS server of the internet world.

For any queries regarding Sahamati, one can check out their FAQ page. They also have a very rich blog where they keep publishing about various aspects of AA ecosystem and interesting use cases.

Co-branded Cards: Can It Go Beyond Branding

I had come across multiple news items regarding various co-branded cards like RBL Bank launching co-branded card with Zomato and HDFC Bank launching co-branded cards with Indigo Airlines. These stories prompted me into writing down my thoughts on this very popular product category among payment cards.

During my days in Banks I had worked on a co-branded card program in partnership with Jet Privilege. Apart from printing the Jet Privilege logo and customer’s JP number on the card the partnership also brought a common/shared reward program. From customer’s perspective customers could earn their credit card reward points in the form of JP miles and also get other promotional benefits that Jet Privilege was offering to its members. It has been years since and so far the fundamentals of co-branding remains the same.

In today’s day and age when mobile phone is increasingly becoming the preferred payment instrument instead of card plastic, specially with brands like Zomato and Indigo Airlines, I would have expected co-branded cards to offer benefits beyond shared promotions and rewards. Call me a demanding customer but if the common goal of co-branding exercise for both the brands is customer acquisition and retention, wouldn’t offering superior transaction experience across shared brand will enhance the offering even further. While banks are still in denial about UX being a key part of customer acquisition and retention strategy, brands like Zomato must know this very well.

One of the examples of how co-branding can go beyond shared rewards and also offer superior transaction experience between shared brands (specially for mobile phone universe) is single click transaction with partner brand. As part of co-branding exercise both entities exchange the customer identities at their respective ends, why not shared authentication.

When I implemented 3 D Secure, which is the back bone of online 2 factor authentication process for Visa (branded as VbV – Verified by Visa), MasterCard (branded as MasterCard Secure Code) and Diners cards, there was a model called Issuer Trusted Party of ITP, which allowed issuers to enable trusted third parties to perform 2nd factor of authentication during online transactions.

If I take Zomato and RBL Bank as sample case here, RBL can register Zomato as trusted third party and allow Zomato’s customer authentication as 2nd Factor Authentication by-passing Bank’s OTP during the transaction. This would mean that RBL Bank’s Zomato co-branded card holders will not only get the shared rewards and promotions, they will also have better transaction experience than any other card holders, thus making the case even stronger for customers to go for this card.

I am not sure how strong Zomato’s customer authentication mechanism is to be used at 2nd factor authentication for payment transaction but in this digital age they should have a strong authentication, if not they must work on it then.

Phone pe Loan or Loan pe Phone

These days every other Fintech struggling to find a sustainable revenue model is trying to become a lending company. While the bigger ones with enough capital are going with their own NBFC, smaller players are using credit lines from other NBFCs. However even when these start-ups are using credit line they end up offering FLDG (First Loss Default Guarantee) up to a certain degree to the NBFCs, thus actually owning the risk. This phenomenon has become so common that many pundits of the start-up ecosystem have proclaimed lending a feature.

As the title of the post suggest, two key models emerge:

Phone pe Loan: This model involves user downloading the app of the lender and then lender using various data points collected from the phone to underwrite the loan. Linking the lending to a mobile app gives lender access to multiple non-traditional data points like SMS, Call logs, Location etc, giving lender information like users finances (through SMS), your social connects (through call logs), your home and work address (through location data) etc providing lender enough information to underwrite the loan even without traditional credit score. This works well in Indian context considering only a small population in India has credit history. This also gives user anytime-anywhere access to the loan thus closely mimicking the credit card business. These loans are usually low ticket short duration loans where the lions share of lenders income comes from processing fee instead of interest. Multiple loans taken and paid back over a period of time constantly feeds into your profile with the lender and helps in the underwriting.

Start-ups like SmartCoin, MoneyTap, Early Salary are some key names in this space. Nowadays even companies like Ola and PayTM have come up with Postpaid offerings, which can be categorized in this category with difference being access to certain proprietary data like your activity in Ola Cabs and your PayTM app transactions respectively.

Loan pe Phone: Other prominent model perfected by Bajaj Finance and Home Credit is consumable financing i.e. offering loan linked to a purchase giving customer an option to pay in EMIs instead of upfront payment. In this model lender usually strikes a deal with either the merchant or the manufacturer to subvent the cost of loan thus making the loan to customers practically interest free. Since the subvention money is paid to the lender by merchant or manufacturer onetime makes this much more lucrative to the lender, when compared to the interest paid by customers as part of EMIs. When you get into the details you will be able to see the interest rate applied and the amount subvented by the manufacturer or merchant.

Merchants or manufacturers in this process effectively let go of some of their margin in the interest of gaining a transaction, which they may have ended up loosing due to customer’s inability to make upfront payment. Entire credit card industry had been built on this very concept. Originally one of the key reasons merchants had agreed to pay MDR from their margin because credit cards increased customer’s capacity to pay. (Merchants pay higher MDR for American Express or other premium variants of Visa, MasterCard and Diners, because of the belief that these cards offer higher capacity to spend)

In fact nowadays most of the credit card companies have also started offering EMI option under similar arrangements to its customers. Recently I have seen many banks extending this option through their debit cards.

This model is not new though, many manufacturers of high value goods like cars run their own lending companies to finance the purchase. This was later adopted by bike manufacturers. Now when your phones are as expensive and sometimes even more expensive than a bike why would phone manufacturers stay behind. That is why now we are seeing companies like Xiaomi (Mi) getting into lending business adopting “loan pe phone” model.

Online variation of similar model is nowadays popularly being referred as “pay later” and companies like Zest Money, Lazy Pay (PayU) etc are operating on this very model with varying degree of subvention.

UPI for Cash Transactions

Recently two news items hit the round, one with PhonePe launching ATM services through their merchant partners and another with NPCI releasing guidelines for cash withdrawal at local retailers on the lines of Cash at POS model. How this transaction works will be easy to understand once we know that the accounting for Cash Withdrawal transaction at merchant outlet is same as purchase transaction i.e.

Dr Customer Account

Cr Merchant Account

This gave me an idea, why not extend this to business correspondents to offer Cash Deposit and Cash Withdrawal both to customers through UPI. The accounting entry for Cash Deposit is as follows:

Dr BC Account

Cr Customer Account

Business correspondent will process the transaction as a push credit to customer’s VPA through the UPI app offered by his/her Bank. Most of the big banks are already having their own UPI apps and it will not be of any difficulty to integrate these APIs with their BC app or app provided by their agent service provider. This will not only ensure an easy way to offer cash services to a wider network, while also ensuring interoperability. The guidelines to cover transactions across Business Correspondents network are already in place.

Cash Remittance: This service can also be extended to offer third party cash deposits, under the already existing Domestic Money Transfer (DMT) guidelines.

This transaction set can even be extended to offer innovative Cash Management services by tracking the cash needs at local retailers and moving cash among nearby retailers depending on their cash needs and the Cash Management company can even register as a third party provider under the UPI framework supported by one or multiple Banks as PSP. A Google Pay for B2B, if you must. If this service becomes successful, one can petition NPCI to increase the limits for such types of transactions to allow for larger sums. I am certain with UPI at the back-end it will be much cheaper than Bank fees.

Feel free to reach out to me, if any of you want to brainstorm further on this.

How will UPI based payments app make money?

I have come across multiple articles highlighting how after abolition of PSP fees for UPI transactions, there will be no way for UPI apps like Google Pay, PhonePe etc, to make money. I tried to do some thinking on this subject and will try to present my thought process here.

The purpose with which UPI was launched was to offer merchants a convenient way to accept and process payments, meaning every merchant with a decent technology team will be able to become a PSP and accept payments from customers. This meant that instead of going to a CCAvenue or Billdesk or TechProcess or Atom, merchant will be able to become a PSP to accept payment through UPI. Under traditional arrangement merchant would be paying a fee to the payment gateway (since we are talking UPI, the equivalent payment mode for this in traditional way would be Netbanking) to the tunes of around 1.4% thus becoming a PSP would be a cheaper and preferred way for merchants.

If we look at it from above perspective the motive of UPI P2M was never to offer new business models to players like PhonePe instead it was intended for Amazon to accept payments at cheaper rate with more convenience by launching Amazon Pay as a native payment mode. Many players in the industry like MakeMyTrip, Swiggy, Cleartrip etc are using UPI with the intent of giving a native payment experience.

If we talk specific of Google Pay, Google’s primary source of revenue is ads. So far google was able to track efficiency of an ad up to the point of click. With a native payment mode, google can actually track right up to fulfillment step. This was one of the reasons Google has been trying to launch a payment app for many years now. UPI offers them a cheap and efficient way to do that thus making their job much easier. Even if they don’t make a single penny from processing payments, they gain a lot by way of gathering valuable information, which can generate significantly higher returns in the form of helping them enhance the efficiency of their ads.

Let’s talk BharatPe now. I think they will face the biggest heat of this decision even to the extent of making their entire current business model unviable and force them to think of alternate sources of revenue. Most of their merchant base is smaller businesses and their business is completely dependent on UPI P2M. In my opinion, one of the key sources of revenue for them will be providing access to various online/offline products dedicated for SMBs to their merchant base and generate commission income in the process. In the long run they will have to create additional products and services for their target client base and charge them for those.

PayTM is another big player, who will be hit with a double edged sword in the form of WhatsApp Pay for P2P and zero fee for P2M. However based on their recent move they have already made peace with zero P2M fee and seems like they know what they are doing.

Last big player in this bandwagon is PhonePe. What would be the fee being paid by Flipkart and its other group entities for processing NetBanking payments? If that entire volume shifts to UPI, that would be the extent of saving PhonePe would be generating for Flipkart group. Would this make PhonePe a multi-billion dollar entity it has been projected to be? The simple answer is, no. They would not have become that multi-billion dollar entity relying only on UPI P2M revenue anyway. They already have shown their ambition of becoming a financial services conglomerate in the lines of PayTM and continuing to acquire users and merchants on their platform and processing transactions for them is in their interest, even at the cost of burning cash.

डिजिटल भुगतान: कार्ड पेमेंट (पार्ट-४): धोखाधड़ी की रोकथाम

यह कार्ड भुगतान पर मेरी श्रृंखला का अंतिम भाग है और इस पोस्ट में मैं कार्ड उपभोक्ताओं को लक्षित कुछ आम धोखाधड़ी के तरीकों को कवर करने की कोशिश करूँगा। हम यह भी देखेंगे कि आप इन सबसे अपनी रक्षा कैसे कर सकते हैं।

स्किमिंग: लेनदेन के समय आपके कार्ड की जानकारी चुराने और फिर उस जानकारी का दुरुपयोग करने की प्रक्रिया ‘स्किमिंग’ है। स्किमिंग के द्वारा आपके कार्ड पर धोखे से लेनदेन की जाती है। इसमें जब भी कार्ड को पीओएस या एटीएम डिवाइस पर स्वाइप किया जाता है तो जालसाज स्वाइप के समय कार्ड की जानकारी चुराने के लिए एक बाहरी कार्ड रीडर को अटैच करता है।

इस तरह की धोखाधड़ी को रोकने के लिए सबसे प्रभावी उपाय चिप (ईएमवी) कार्ड का प्रयोग है। आरबीआई ने सभी कार्ड जारीकर्ताओं को यह सुनिश्चित करना अनिवार्य कर दिया है कि जारी किए गए सभी डेबिट और क्रेडिट कार्ड चिप कार्ड हों। एटीएम मशीनें अपने कार्ड रीडर्स को ऐसे डिजाइन कर रही हैं ताकि किसी भी अतिरिक्त बाहरी घटक को अटैच करना मुश्किल हो सके। पर अपने-आप को इससे बचाने के लिए कुछ सावधानियाँ इस प्रकार हैं:

एक स्किम्मर का उदाहरण

१. सुनिश्चित करें कि कार्ड हर समय आपकी दृष्टि में रहे और जिस डिवाइस पर कार्ड स्वाइप किया जा रहा है वह आपको स्पष्ट रूप से दिखाई देता रहे। और इसमें कोई बाहरी घटक डिवाइस से जुड़ा हुआ नहीं रहे।

एटीएम स्किम्मर

२. एटीएम का उपयोग करते समय सुनिश्चित करें कि एटीएम के कार्ड रीडर से कोई बाहरी घटक जुड़ा हुआ नहीं है (कई एटीएम जो अभी भी चुंबकीय रीडर का उपयोग करते हैं, कार्ड रीडर में कार्ड प्रविष्टि को बाधित करने के लिए “जिटर ” का उपयोग करते हैं; जो यह सुनिश्चित करता है कि कार्ड डेटा बाहरी डिवाइस द्वारा कैप्चर नहीं किया जा रहा है)। कार्ड रीडर पर किसी बाहरी घटक संलग्न होने की पहचान करने का एक तरीका कार्ड रीडर से प्रकाश के “ब्लिंक” होने को सुनिश्चित करना भी है। यदि आप स्पष्ट रूप से कार्ड रीडर पर प्रकाश नहीं देख सकते है तो उस एटीएम का उपयोग करने से बचें।

इस प्रकार की धोखाधड़ी लोकप्रिय पर्यटन स्थलों में विशेष रूप से प्रचलित है। कारण यह है कि कार्ड एक पर्यटक का है जो अपनी अपने घर लौटकर बाहर में की गयी कार्ड गतिविधियोँ की समुचित जाँच और पूछताछ नहीं कर पाता। यात्रा के समय आपको कार्ड को लेकर ज्यादा सचेत रहना चाहिए। अपने हाल के ऑस्ट्रेलिया दौरे पर मैंने देखा कि वहाँ के दुकानदार आपको खुद से कार्ड स्वाइप करने के लिए प्रेरित करते हैं, जो एक सुरक्षित तरीका है।

फ़िशिंग: फ़िशिंग वही है जो इसका शाब्दिक अर्थ लगता है (मछली पकड़ना)। इसमें जालसाज, लोगों को अपनी संवेदनशील जानकारी प्रकट करने के लिए लक्षित करता है। फ़िशिंग के बारे में जानने का एक और मनोरंजक तरीका है, नेटफ्लिक्स “जामतारा” वेब-सीरीज जो एक दूरदराज शहर के युवाओं के एक दल द्वारा चलाए जा रहे टेली-कॉलिंग फिशिंग रैकेट पर आधारित है।

विकिपीडिया परिभाषा के अनुसार, “इलेक्ट्रॉनिक संचार में फ़िशिंग एक छुपे हुए जालसाज द्वारा उपभोक्ता का नाम, पासवर्ड और क्रेडिट कार्ड विवरण के रूप में संवेदनशील जानकारी प्राप्त करने के लिए धोखाधड़ी का प्रयास है।”

यदि आपको अपने जारीकर्ता या किसी अन्य इकाई से कॉल, एसएमएस या ई-मेल प्राप्त होता है जिसमें आपसे कार्ड नंबर, पिन, सीवीवी, ओटीपी, नेट बैंकिंग आईडी और पासवर्ड आदि जैसी संवेदनशील जानकारी साझा करने का अनुरोध किया जाता है तो इस तरह की धोखाधड़ी से खुद को बचाने का एकमात्र तरीका यह है कि किसी भी माध्यम पर अपनी संवेदनशील जानकारी साझा न करें। आपका बैंक कॉल, एसएमएस या ई-मेल पर ये विवरण कभी नहीं पूछेगा।

वेबसाइट स्पूफिंग: इसमें धोखेबाज एक वेबसाइट बनाएंगे जो किसी अन्य विश्वसनीय इकाई की वेबसाइट की तरह दिखती हो; यहां तक कि यूआरएल भी समान दिखता हो (सामान्यतः इसमें किसी एक करैक्टर को बदल दिया गया रहता है)। इसका बचने का एक सरल तरीका है कि आप ई-मेल या एसएमएस पर प्राप्त लिंक पर क्लिक करने के बजाय यूआरएल को स्वयं टाइप करें।

स्पूफ़िंग का एक उदाहरण

वेबसाइटों द्वारा उपभोक्ताओं को सही पेज पर पहुँचाने के लिए कुछ चेक और नियंत्रण दिए जाते हैं। उदाहरण के लिए, कुछ वेबसाइटों में एक छवि या संदेश प्रदर्शित होता है जिसमें आपको संवेदनशील जानकारी इनपुट करनी होती है। एचडीएफसी बैंक नेटबैंकिंग एक तस्वीर और आपके द्वारा चयनित संदेश अपने लॉग-इन पृष्ठ पर प्रदर्शित करता है ताकि यह सुनिश्चित किया जा सके कि आप अपनी जानकारी प्रामाणिक बैंक के पेज पर डाल रहे हैं न कि किसी अन्य स्पूफ्ड वेबसाइट पर।

सोशल इंजीनियरिंग: धोखाधड़ी का यह तरीका किसी उद्देश्य के लिए उपयोग की जा सकने वाली गोपनीय या व्यक्तिगत जानकारी को प्राप्त करने के लिए जालसाज द्वारा प्रयोग में लाया जाता है। ऊपर बताई गई ‘फिशिंग’ एक प्रकार की सोशल इंजीनियरिंग है। इस संदर्भ में सोशल इंजीनियरिंग के कुछ अन्य तरीके हैं ‘विशिंग’ – जहां धोखेबाज किसी कंपनी के ग्राहकों से संवेदनशील जानकारी प्राप्त करने के लिए उसके आईवीआर (इंटरएक्टिव वॉयस रिस्पांस) की नकल करेंगे; या फिर ‘बेटिंग’ – जिसमे जालसाज आपको ई-मेल या एसएमएस पर एक लिंक भेजेगा जिससे आप कुछ इनाम या कुछ नुकसान के खतरे के वादे के कारण संक्रमित लिंक पर क्लिक कर बैठेंगे।

वास्तविक दुनिया में नाइजीरिया या सूडान का कोई राजकुमार आपके साथ अपनी संपत्ति साझा करने के लिए मरा नहीं जा रहा; न तो आपने किसी कोका-कोला या रीडर्स-डाइजेस्ट की लॉटरी जीती है। आरबीआई या आयकर विभाग भी आपके खाते में पैसे नहीं डाल रहे, और न ही पीएम नरेंद्र मोदी आपको स्विस बैंक से वापस लाये पंद्रह लाख रुपये देना चाहते हैं। इस लिए अपना बैंक अकाउंट या कोई अन्य व्यक्तिगत जानकारी किसी को न भेजें। रसोई गैस की सब्सिडी पाने के लिए भी आपको बस अपना आधार कार्ड अपने बैंक अकाउंट से लिंक करना होता है, और कुछ नहीं।

मनी-म्यूल: एक मनी-म्यूल जिसे कई बार ‘समर्फर’ भी कहा जाता है, वह व्यक्ति है जो धोखेबाजों को अवैध रूप से पैसे हस्तांतरण में मदद करता है। यदि आपको कोई ऐसी कहानी सुनाता है कि उसे बहुत सा धन ट्रांसफर करना है और आपके अकाउंट को कुछ दिनों के लिए पैसे “पार्क करने” और फिर आगे ट्रांसफर करने का जरिया बनाना चाहता है तो समझ जाएँ कि आपको एक बड़े फ्रॉड में फंसाने की तैयारी है।

जब पैसा डिजिटल रूप से ट्रांसफर होता है, तो यह एक “ट्रेल” यानि निशान छोड़ देता है और इसका उपयोग जालसाज की पहचान करने और गिरफ्तार करने के लिए किया जा सकता है। इससे बचने के लिए धोखेबाज बड़ी संख्या में विभिन्न खातों के माध्यम से पैसे भेजकर एक विस्तृत निशान बनाते हैं। यदि आप एक मनी-म्यूल के रूप में कार्य करते हैं तो आप धोखाधड़ी में एक सह षड्यंत्रकारी बन जाते है और किसी भी आपराधिक कार्यवाही होगी तो आप उत्तरदाई होंगे। तो थोड़े फायदे के लिए अपराधी बनने से बचें।

अपने मोबाइल फोन की रक्षा करें: इन दिनों डिजिटल लेनदेन के समय आपका मोबाइल फोन बहुत महत्वपूर्ण हो गया है। कई मामलों में आपके मोबाइल डिवाइस का उपयोग प्रमाणीकरण के एक मोड के रूप में प्रयोग किया जाता है। अधिकांश समय आपके मोबाइल फोन पर प्राप्त ओटीपी का उपयोग २-कारक प्रमाणीकरण के रूप में किया जाता है और कई बार वेबसाइटों और मोबाइल ऐप्स आपके कार्ड विवरण को स्टोर करते हैं।

अब आप कल्पना कीजिये कि आपने अपना फोन खो दिया और वह किसी जालसाज को मिल गया। आपका फोन अनलॉक है क्योंकि आपने फोन को पासवर्ड या फिंगरप्रिंट से प्रोटेक्ट नहीं किया है। जालसाज ने देखा कि अपने फोन में आपने अपने टेलीकॉम ऑपरेटर का एप्प रखा है जिसमे आपका कार्ड इन्फॉर्मेशन भी सेव किया हुआ है। अब वह जालसाज आपके कार्ड की जानकारी और आपके फोन पर आने वाले ओटीपी को प्रयोग करके कोई भी ऑनलाइन खरीददारी कर सकता है। इस घटना से आपको सिर्फ कार्ड के पीछे लिखा सीविवि नंबर बचा सकता है, पर यह जानकारी भी आपसे धोखे से ली जा सकती है।

इस मामले में मेरी एकमात्र सलाह है कि १. अपने मोबाइल नंबर को केवल उन ऐप्स/वेबसाइट पर स्टोर करें जिनका आप अक्सर उपयोग करते हैं; २. अपने स्मार्टफोन पर एक्सेस कंट्रोल सेट करें चाहे वह पिन, पैटर्न, फिंगरप्रिंट या फेस आईडी में से कोई भी सुरक्षा हो, ३. अपना फोन खोने न दें और खोने पर अपने कार्ड के साथ अपना फोन नंबर भी ब्लॉक करवा दें।

अंत में एक महत्वपूर्ण सलाह यह है कि अगर आप किसी भी प्रयोजन से अपनी आईडी प्रूफ या के.वाई.सी. की कॉपी दे रहे हों तो उसपर तारीख और प्रयोजन लिख कर हस्ताक्षर करें ताकि आपका वह प्रमाण किसी जालसाज द्वारा आपके बैंक में जमा करके बैंक को कोई निर्देश देने (उदाहरण के लिए पता बदलने, कार्ड के पुनः जारी करने, पिन का पुनः जारी करने, नई चेक बुक आदि) के लिए प्रयोग में नहीं लाया जा सके।

इस लेख का हिंदी अनुवाद मेरे ट्विटर मित्र राहुल तिवारी ने किया है। आप लोग उनको ट्विटर पे @In_Blogger फॉलो कर सकते हैं।

डिजिटल भुगतान: कार्ड पेमेंट (पार्ट-३): सुरक्षा

कार्ड भुगतान पारिस्थितिक तंत्र को उसके पूरे वैल्यू-चेन में शामिल विभिन्न पक्षों की सुरक्षा की दृष्टिकोण से डिज़ाइन किया गया है। मैं अपने “डिजिटल भुगतान” (पेमेंट) सीरीज में इस लेख को इन सुरक्षा उपायों के ऊपर केंद्रित करना चाहूंगा ताकि उपभोक्ता इसकी जानकारी रख सकें। कार्ड भुगतान से सम्बंधित हर इकाई, सिस्टम और प्रक्रिया को भुगतान कार्ड उद्योग (पीसीआई-डीएसएस) द्वारा स्थापित डेटा सुरक्षा मानकों का पालन करना होता है; ताकि सभी संवेदनशील जानकारियाँ किसी भी समय सुरक्षित रह सकें। 

~ कार्ड जारीकर्ता द्वारा नियंत्रण ~ 

कार्ड प्रिंटिंग: कार्ड जारी करने के समय ‘कार्ड प्रिंटिंग फ़ाइल’ बनाई जाती है, जिसे ‘एन्क्रिप्टेड’ प्रारूप में प्रिंटिंग इकाई में ले जाया जाता है। कार्ड प्रिंटिंग पूरी होने के बाद इसे नष्ट कर दिया जाता है। मैं इस तरह की एक प्रिंटिंग इकाई में गया और मैंने उसके सुरक्षा मानकों का स्वतः अनुभव किया है। डेटा सुरक्षा के साथ वे शारीरिक सुरक्षा पर भी सख्त नियंत्रण रखते हैं। वहां आगंतुकों को कई बंद दरवाजों के माध्यम से ले जाया जाता है और उन्हें जेब वाले कपड़े पहनने की भी अनुमति नहीं होती है।

चिप (.एम्.वी. कार्ड): पहले कार्ड द्वारा लेनदेन में चुंबकीय पट्टी का उपयोग किया जाता था। चुंबकीय पट्टी के साथ समस्या यह थी कि इसमें संग्रहीत जानकारी स्पष्ट रूप में संग्रहीत की जाती थी और कार्ड रीडर पर कार्ड स्वाइप करके धोखेबाजों द्वारा चोरी की जा सकती थी। कार्ड की जानकारी चुराने की इस प्रक्रिया को “स्कीमिंग” कहा जाता है। इससे उपभोक्ताओं की सुरक्षा हेतु भारतीय रिज़र्व बैंक ने अब ई.एम्.वी यानि चिप वाले कार्ड का प्रयोग अनिवार्य कर दिया है। ई.एम्.वी कार्ड का लाभ यह है कि इसके चिप में संग्रहीत सभी जानकारी एन्क्रिप्टेड रूप में होती है।

पिन प्रिंटिंग: आपके कार्ड का पिन कहीं भी किसी भी सिस्टम में संग्रहीत नहीं है। पिन जारी करने के समय पिन ब्लॉक एक जटिल तर्क और एन्क्रिप्शन का उपयोग करके उत्पन्न होता है और सीधे पिन-प्रिंटर को निर्देशित किया जाता है। पिन को सील रूप में ही मुद्रित किया जाता है, और केवल पिन मेलर को फाड़कर ही देखा जा सकता है। इससे पिन की सूचना उपभोक्ताओं को पूर्णतः सुरक्षित रूप से पहुँचाई जाती है। इस प्रक्रिया में सावधानी का स्तर यह है कि कार्ड और पिन दोनों अलग-अलग स्थानों पर मुद्रित किए जाते हैं (उदाहरण के लिए एच.डी.एफ.सी. बैंक के कार्ड चेन्नई में मुद्रित किए जाते हैं, जबकि पिन प्रिंटिंग आमतौर पर मुंबई में होती है)। ऐसा यह सुनिश्चित करने के लिए किया जाता है कि कार्ड और पिन उपभोक्ता के पास पहुंचने से पहले कभी भी एक साथ नहीं होते हैं। इसके अलावा, कार्ड सिर्फ उपभोक्ता के पते पर ही भेजे जाते हैं। डिलीवरी-मैन आमतौर पर आपको कार्ड किट सौंपने से पहले ‘आईडी प्रूफ’ भी मांगता है।

पिन सत्यापन: लेन-देन के समय पिन को कुंजी पैड (की-पैड) पर एन्क्रिप्ट किया जाता है और एक एन्क्रिप्टेड पिन ब्लॉक उत्पन्न होता है। पिन एन्क्रिप्टेड प्रारूप में प्रमाणीकरण के लिए जारीकर्ता के पास पहुँचता है। पिन ब्लॉक जारीकर्ता सिस्टम में बैक के पास उपलब्ध सूचना का उपयोग करके उत्पन्न होता है। दोनों पिन ब्लॉक की तुलना की जाती है और यदि मिलान हुआ तो पिन प्रमाणीकरण सफल होता है।

सीवीवी या सीवीसी: यह आपके कार्ड से जुड़ा तीन अंकों का कोड है और इसी सीवीवी2/सीवीसी2 कोड का एक प्रारूप आपके कार्ड के पीछे छपा रहता है । यह तीन अंकों का कोड केवल कार्ड प्लास्टिक पर उपलब्ध है और सीवीवी/सीवीसी या सीवीवी 2/सीवीसी2 (सीएनपी लेनदेन के लिए) की उपस्थिति का मतलब है कि विवरण प्रदान करने वाला व्यक्ति कार्ड प्लास्टिक का धारक है।

यह बहुत महत्वपूर्ण है कि लेनदेन के समय कार्ड-विवरण कैप्चर पेज को छोड़कर किसी भी व्यक्ति के साथ पिन और सीवीवी की जानकारी साझा नहीं करनी चाहिए। 

कारक प्रमाणीकरण (2 फैक्टर ऑथेंटिकेशन): आरबीआई के जनादेश के अनुसार भारत में सभी कार्ड ट्रांजैक्शन को ऑथेंटिकेशन के 2 कारकों के साथ प्रोसेस किया जाता है। आमतौर पर ये दो कारक नीचे दिए तीन कारकों में से किसी दो का संयोजन हैं: 

१.  आपके पास क्या है? कार्ड की दुनिया में यह आमतौर पर आपका कार्ड-प्लास्टिक होता है या यदि आप अपने पंजीकृत मोबाइल डिवाइस के माध्यम से लेनदेन कर रहे हैं, तो यह आपका मोबाइल डिवाइस हो सकता है।

२.  आप क्या जानते हैं? आपके पिन या पासवर्ड इस श्रेणी में आते हैं। यह एक गुप्त जानकारी है जिसे केवल आप और आपके कार्ड जारीकर्ता जानते हैं और मान्य कर सकते हैं।

३.  आप कौन हैं? प्रमाणीकरण के सभी बायोमेट्रिक रूप इस श्रेणी में आ जाएंगे। सबसे आम बॉयोमीट्रिक आपका फिंगर प्रिंट है। भविष्य में हम आँख की पुतली, आवाज, व्यवहार, चेहरा आदि को भी प्रमाणीकरण के लिए इस्तेमाल किया जाना देख सकते हैं ।

वर्तमान में कार्ड लेनदेन के मामले में ये दो कारक आपके कार्ड प्लास्टिक और पिन हैं, जबकि कार्ड के बगैर लेनदेन के मामले में यह आपके कार्ड विवरण (कार्ड संख्या, समाप्ति की तारीख और सीवीवी2/सीवीसी2) और ओटीपी या पासवर्ड हैं।

~ मर्चेंट द्वारा नियंत्रण

पीओएस टर्मिनल: पीओएस डिवाइस के निम्नलिखित घटक होते हैं: (१) कार्ड रीडर (२) कुंजी पैड (की-पैड), (३) नेटवर्क कनेक्टिविटी, (४ ) मेमोरी स्टोरेज और (५ ) रसीद प्रिंटर। कार्ड रीडर और की-पैड डेटा प्रवेश के समय ही उसे एन्क्रिप्ट कर देते हैं। मेमोरी में इस जानकारी को एन्क्रिप्टेड रूप में संग्रहीत किया जाता है और जैसे ही व्यापारी निपटान की प्रक्रिया करता है, डेटा मेमोरी से हटा दिया जाता है। इस नेटवर्क पर संचार एक संरक्षित लाइन के माध्यम से एन्क्रिप्टेड प्रारूप में होता है। रसीद प्रिंट करते समय आपके कार्ड नंबर जैसी संवेदनशील जानकारी को मास्क किया जाता है। 

कार्ड लेनदेन के लिए उपयोग किए जाने वाले एन्क्रिप्शन तर्क को ‘ट्रिपल-डीईएस’ या ‘3डीईएस’ कहा जाता है; जो अभी प्रयोग में आ रहे सबसे उन्नत डेटा एन्क्रिप्शन मानक में से एक है। प्रत्येक टर्मिनल के लिए यूनिक एन्क्रिप्शन का उपयोग किया जाता है, और डायनामिक अपडेट किया जाता है ताकि किसी भी संभावित खतरे से ‘की-लेवल’ पर ही निपटा जा सके। 

वॉइड और वापसी 

वॉइड और वापसी का उपयोग व्यापारी द्वारा किसी लेनदेन को पूर्ववत (‘अनडू’) करने के लिए किया जाता है। उदाहरण के लिए यदि व्यापारी ने आपके कार्ड को गलत राशि के लिए स्वाइप किया है या आपने भुगतान करने के तुरंत बाद लेनदेन के बारे में अपना मन बदल लिया है, व्यापारी टर्मिनल मेमोरी से उस लेनदेन को रिकॉल करके रद्द कर सकता है। इस प्रक्रिया को वॉइड कहा जाता है और इस मामले में जब व्यापारी निपटान प्रक्रिया करते हैं तो यह लेनदेन वहाँ से छोड़ दिया जाता है यानि आगे प्रोसेस नहीं किया जाता है। जारीकर्ता किसी भी दावे की अनुपस्थिति में तय निपटान समय सीमा समाप्त होने के बाद ग्राहक के खाते में लेनदेन को स्वचालित रूप से उलट देता है।

यदि व्यापारी ने मशीन पर निपटान प्रोसेस कर दिया है और डिवाइस से लेनदेन हटा दिया गया है, तो इसे रद्द/शून्य नहीं किया जा सकता है। इस मामले में व्यापारी रिफंड प्रोसेस करता है, यानी व्यापारी खाते को डेबिट करके ग्राहक खाते को क्रेडिट करने के लिए निर्देश भेजता है। जब व्यापारी इस लेनदेन को व्यवस्थित करता है तो इंटरचेंज के माध्यम से अधिग्रहण कर्ता द्वारा जारीकर्ता को उचित क्रेडिट निर्देश दिया जाता है। इन दिनों इंटरचेंज ‘इंस्टेंट’ रिफंड प्रोसेस करने के तरीके लेकर आए हैं । 


जैसा कि अब आप जानते हैं कि कार्ड जारी करने और लेनदेन प्रसंस्करण के समय सुरक्षित लेनदेन सुनिश्चित करने के लिए कई नियंत्रण हैं। ‘चार्जबैक’ लेनदेन के बाद ग्राहक के हितों की रक्षा करने की एक प्रक्रिया है। चार्जबैक प्रक्रिया के तहत यदि डुप्लीकेट बिलिंग, प्रदान नहीं की गई सेवाओं, वितरित नहीं किए गए सामान आदि जैसे लेन-देन के साथ कोई प्रॉब्लम है, तो उपभोक्ता अपने दावे का समर्थन करने वाले सभी साक्ष्यों के साथ अपने जारीकर्ता तक विवाद पहुँचा सकता है। ऐसे मामलों में जारीकर्ता इंटरचेंज के जरिए अधिग्रहणकर्ता के माध्यम से व्यापारी से संपर्क करते हैं और व्यापारी को आवश्यक सबूत प्रदान करने या विवाद को स्वीकार करने और लेनदेन को रिवर्स करने के लिए कहते हैं। व्यापारी डिलीवरी पुष्टि, भुगतान रसीद आदि के रूप में सबूत प्रदान कर सकता है। यदि व्यापारी यह साबित करने में असमर्थ है कि यह एक वास्तविक शुल्क था, तो मामला ग्राहक के पक्ष में बंद कर दिया जाता है और लेनदेन उलट जाता है। यदि व्यापारी यह साबित करने में सक्षम है कि शुल्क वास्तविक था, तो विवाद व्यापारी के पक्ष में बंद किया जाता है।

शून्य देयता

यदि आप अपने कार्ड के साथ भेजी गई सभी अध्ययन सामग्री को पढ़ते हैं, तो कई मामलों में आपको ‘शून्य देयता’ (जीरो लायबिलिटी) के रूप में लेबल किया गया अनुभाग मिलेगा। शून्य देयता स्टोर में की गई आपकी खरीद, या टेलीफोन, ऑनलाइन या मोबाइल और एटीएम लेनदेन के माध्यम की गई आपकी खरीद पर लागू होती है। कार्डधारक के रूप में, आपको अनधिकृत लेनदेन के लिए जिम्मेदार नहीं ठहराया जाएगा यदि:

१. आपने अपने कार्ड को चोरी या खोने से बचाने के लिए पर्याप्त सुरक्षा उपाय किये हैं 

२. आपने तुरंत अपने वित्तीय संस्थान को नुकसान या चोरी की सूचना दी है

यदि आपको लगता है कि आपके खाते का अनधिकृत उपयोग किया गया है और आप ऊपर की शर्तों को पूरा करते हैं, तो यह जानकर चिंतामुक्त रहें करें कि आपके पास शून्य देयता वादे की सुरक्षा है। कृपया इस खंड को अपने कार्ड किट में ध्यान से पढ़ें और सुनिश्चित करें कि आप इसे समझ लें।


कृपया अपने कार्ड के नुकसान या अपने कार्ड पर किसी भी संदिग्ध गतिविधि की रिपोर्ट करने के लिए उपलब्ध सबसे तेज़ माध्यम से अपने बैंक से संपर्क करें। हर कार्ड जारीकर्ता यह सुनिश्चित करता है कि टेलीफोन कॉल के माध्यम से इसकी रिपोर्ट करने के तरीके उपलब्ध रहें; जैसे एक समर्पित फोन नंबर (कृपया इस नंबर को अपने साथ रखें), मोबाइल बैंकिंग, इंटरनेट बैंकिंग आदि। 

एक संदिग्ध गतिविधि का क्या मतलब हो सकता है? इसके कुछ उदाहरण इस प्रकार हैं:

१. आपका अपने खाते में किसी ऐसी गतिविधि के बारे में एसएमएस/ई-मेल प्राप्त करना जिसके बारे में आपको जानकारी नहीं है

२. एक एसएमएस/ई-मेल प्राप्त करना जो आपको उस लेनदेन के लिए उत्पन्न ओटीपी के बारे में सूचित करता है जिसे आपने शुरू नहीं किया था

३. कोई व्यक्ति आपको फोन करके आपके कार्ड के बारे में संवेदनशील जानकारी जैसे कार्ड नंबर, सीवीवी, पिन, ओटीपी आदि के बारे में पूछताछ करता है। कोई भी बैंक कभी भी किसी व्यक्ति को फोन कॉल पर साझा करने के लिए यह जानकारी नहीं पूछता है। 

आशा है यह जानकारी आपके लिए उपयोगी रही है और आप अगली बार खरीदारी के समय भुगतान के लिए अपने कार्ड का उपयोग करने के बारे में अधिक आश्वस्त हैं। अगले भाग में कार्ड की दुनिया में हो रही धोखाधड़ी के विभिन्न प्रकारों और अपने आप को उनसे बचाने के तरीकों को कवर किया जाएगा।

इस लेख का हिंदी अनुवाद मेरे ट्विटर मित्र राहुल तिवारी ने किया है। आप लोग उनको ट्विटर पे @In_Blogger फॉलो कर सकते हैं।