Some of the e-wallets being used for making digital payments are still not secure to the level they should be and government as well as the Reserve Bank are monitoring the situation, a top official said today.
She said however that there is also a trade off between ease of usage and security.
"You as a customer don't want too many layers of security which make it difficult for you to use a wallet. At the same time you do want adequate protection," IT Secretary Aruna Sundararajan said.
"Some of the e-wallets are not as secure as we would like them to be," she told reporters on the sidelines of Skoch Summit.
(Also see: Government to Conduct IT Security Drill for Banks Soon, Says Prasad)
She was responding to a query on computer chipset maker Qualcomm's analysis that none of the mobile banking and digital payments applications comply with the hardware level security.
"We are happy to note that many of them (developers) have started taking action to make sure that the (systems) are secure. Whatever needs to be done, if we feel that the existing layers of security are not (enough), we will be asking them to do it," she said.
As per IT and Law Minister Ravi Shankar Prasad digital transaction in the country have increased in the range of 400 to 1,000 percent since November 9 - after Prime Minister Narendra Modi announced discontinuation of old Rs. 500 and Rs. 1,000 notes.
Sundararajan said that as volume of cyber transactions grows there will be some people who will try to breach the security.
"IT Ministry is fully conscious of this. We have already put our systems on immediate alert. We are keeping close watch on the situation. We have also issued detailed advisories to bank to see what are the steps that they need to put in place.
We have also spoken to RBI and RBI is also monitoring the situation," she said.
National Cyber Security Coordinator Gulshan Rai said financial sector is very vulnerable to cyber breach as it works on the outsourcing model where passwords are open for many vendors involved in transactions.
He said the vendors and other partners should share responsibility around security when it comes to digital cash.
"Master has so much infrastructure in the country. Visa doesn't has any infrastructure in the country. RuPay has infrastructure in the country.
"I am not advocating that they must put infrastructure here but then, must have arrangements. These companies must think of themselves as Indian and they must be ready to share, work with the government to mitigate those incidents and work out to find out root cause of those," Rai said.
He said one of the largest attack took place on Yahoo. "The situation is becoming quite challenging. More we are moving towards technology implementation, more we are becoming vulnerable," Rai said.