Warning: Creating default object from empty value in /nfs/c03/h01/mnt/56080/domains/logos.nationalinterest.in/html/wp-content/themes/canvas/functions/admin-hooks.php on line 160
Tag Archives | demonetization

A welcome twist to demonetization

Image Source: newsexperts.in

Image Source: newsexperts.in

The government’s most recent amendment mandating that wages be paid by cheque or bank transfers is a welcome by-product of the demonetization drive.

President Pranab Mukherjee promulgated with immediate effect an ordinance amending the Payment of Wages Act, 1936 on 28 December 2016 (Ordinance). Amending an 80 year old law that required payments to be made only in cash, the Ordinance allows employers to pay wages by cheque or by electronic transfer. It provides employers with the option to pay their employees in cash, except where the worker is employed in an “industrial or other established sector”. In such cases, wages must be paid only through cheque or bank transfer.

The Payment of Wages Act, 1936 (POW Act) applies to persons earning up to Rs. 18,000 per month. Importantly, it makes specific provisions for persons employed in specified “industrial or other establishment”, that is, sectors where government regulation is required for the protection of workers, (for instance, railways, coal mines, etc.).

Shortcomings of the Ordinance

Although the Ordinance has been viewed as a welcome change, it leaves certain issues unaddressed. For example, it proceeds on the assumption that all workers have functioning bank accounts, and know how to operate them. This not necessarily being the case, workers who lack such facilities may be more inconvenienced. The Ordinance also does not contain any provision aiding the transition for workers without bank accounts to be accommodated into the new regime. Ensuring that employees have functional bank accounts and are aware of how they operate would iron out major creases in implementation.

Aside from such operational hurdles, the Ordinance is expected to increase transparency in wage payments. It could reign more salaried people in under the tax net, and ensure that workers are paid the fair wage due to them.

Manasa Venkataraman is a Research Associate at the Takshashila Institution and tweets from @nasac.

Comments { 0 }

Beware the security risks before you jump onto digital payments bandwagon

Deficit in cash flow has forced users into digital payments. Without proper precautions and security policies, the highly reactive nature of cyber security leaves us vulnerable to cyber-attacks.

chaiwalla-paytmImage source: DNA India

The whole demonetization of currencies has shaken our country to its core. In the past week, we saw how it affected people at all levels and how they were coping with it, hoping for the better in the near future. While the challenges still persist, it has nudged people towards digital transactions even for their daily needs using virtual wallets, PayTM and others. Companies that enabled digital payments acted as buffers soaking up some of the pressure. In fact, there was a surge in digital payments hitting records high over the past week; PayTM saw a 200% increase in its mobile application downloads and a 250% increase in overall transactions. MobiKwik saw an increase of 200% in its application downloads within few days. Other companies within this domain such as, Oxigen and PayU have also seen a rise in their service usage.

Resultant trend maybe vulnerable to security threats

This new trend is certainly heading in the right direction towards digitization, however there is risk of casting a blind eye towards the security aspect in the whole process of adapting to this digitized lifestyle. The Nordea Bank Fraud incident that occurred in 2007 is a classic example of e-banking cyber-attack, where perpetrators infected unsuspecting customers’ systems with a malware that stole login credentials, and made off with over 1.1 million US dollars. Not even major financial corporations like VISA, PayPal, and MasterCard are invincible from cyber-attacks.

The security standards and precautions have certainly evolved since these high profile attacks. But the speed of technological developments and its integration into our economy far supersedes that of the defense mechanisms and protocols in place to mitigate any cyber-attack on these developments. It goes to show that they are unparalleled and reactive in nature which ultimately begs the question: Is it safe to utilize these new payment platforms?

PayTM for instance is certified under the Payment Card Industry Data Security Standard (PCI DSS) 2.0 certification, which is the current industry security standard set by American Express, Visa International, MasterCard Worldwide and few other international dealers. This is an essential certification for companies that store credit-card info. PayTM also uses 128-bit encryption technology to crypt any information transfer between two systems. It takes more than 100 trillion years for a hacker to crack a password under 128-bit encryption. Needless to say, transactions via PayTM are fairly secure. Other companies like MobikWix also employ the 128-bit encryption technology. This is a common security measure that companies dealing with credit card information and transactions deploy, hence there is little doubt that companies taking advantage of demonetization are employing their share of precautions for secure transactions.

Is that secure enough?

But, these precautions won’t make us invulnerable. There are other things aside from the login credentials that hackers target these days. For example, just few days back, hackers breached a British mobile company, Three Mobile’s database and stole private information on six million users. Another example is the recent massive data breach of Indian bank networks that compromised over three million users’ financial data. The breach occurred between May 25 and June 10, victimizing major banking companies, including HDFC Bank, ICICI Bank, YES Bank, and Axis Bank. This stolen data can be sold underground, used for identity theft, or strengthen brute force attacks for further personal attacks.

These breaches may appear sophisticated, but there are other easier methods that anyone with basic IT skills can deploy. For Instance, here is an article by a hacker displaying the html code on how to fake the PayTM website. Using a spoofed site, a hacker can use phishing tactic to gain login credentials from unsuspecting users. Other tactics include fake mobile applications or spyware that steal information, social engineering tactics that make you reveal your login credentials, etc. This is nothing new however; spoofing, phishing, and spyware have plagued the IT security industry for more than a decade, with their tactics getting increasingly sophisticated.

But, if companies like HDFC and ICICI, which are most likely proactive in updating their security systems, still experienced cyber-attacks, what does that imply about unsuspecting users? Most new users were forced onto the digital payments bandwagon due to the currency demonetisation. Especially street-vendors, who were primarily reliant on cash payments before the demonetization, such as the Chai-wallas and Pan-wallas that were quick to adapt so as to maintain their revenue. Are these new users aware of the security risks involved here? I highly doubt it. Even if they are aware of the risks, whose responsibility is it and what precautions can they take to minimize damage from future attacks?

Whose responsibility is it?

It is not a single entity’s responsibility. Everybody involved in the process, including companies offering the service, the customers, and the government should do their share to mitigate cyber-attacks and minimize its damages. The following is a three pronged approach for companies, customers and the government to mitigate security risks:

digital-payment-risk-management

Companies

All companies that offer platforms or services enabling digital payments should, first and foremost, increase awareness of the risks among their customer base and educate them on ways to secure themselves. Employ behavior analytics and pattern analysis at their fraud departments to predict suspicious behavior. Stay proactive in looking out for any spoofed applications or websites that masquerade their service. Proactively monitor discussion boards, social media platforms, and forums that discuss hacking and fraud tactics, and implement proactive measures to thwart their tactics.

Government

The Government should also do its share to protect its citizens by minimizing vulnerabilities. It should check if the current policies regulating this platform are adequate, and update it if necessary. Educate the populace on the risks involved. Enforce strict policies and hold companies accountable for not meeting security standards. Minimize benefits that come from overlooking security precautions. And, strengthen public-private partnership on live information sharing about cyber-attacks and fraud.

Customers

Customers should do their share to minimize damages. They should educate themselves about the risks involved, and take appropriate precautions. Minimize vulnerability with two-factor authentication and routine password changes. Check for applications’ authenticity by looking for the number of downloads and reviews by other users; the higher the number of downloads and reviews are, the higher the chances that the application is legitimate. In addition, check for other application releases from that developer. Check for website’s authenticity by checking for proper spelling of the web address, or if the website is secure by checking for a green padlock symbol on the left to the web address, and that the address starts with ‘https:’ Keep the web browsers updated as they can recognize illegitimate sites easily. Do not share sensitive information including login credentials over emails, phone calls, or chats. Lastly, trust your instincts and double check to make sure you don’t leave yourself vulnerable.

Puru Naidu (@Brocolli88) is a Research Analyst at the Takshashila Institution

Comments { 0 }

Demonetising a currency

Adopting another currency or introducing a new currency does not solve the economic crises, unless it is followed by massive corrections in the macroeconomic fundamentals.

 The Central Bank of Zimbabwe announced that it would officially demonetise the Zimbabwean dollar with effect from 15th June 2015. Any bank account in the country which holds between zero and 175 quadrillion Zimbabwean dollars will get a flat amount of US $5. This, in effect sets the exchange rate at US$1 = Z$ 35,000,000,000,000,000

Demonetisation is the process whereby a currency of a country officially loses its status as legal tender. The Zimbabwean dollar’s usage was effectively abandoned in April 2009 itself, but was still recognised as legal tender. Legal tender or fiat money is the official status given to a currency by the central bank, whereby all citizens of that country are obliged to accept it as a means of exchange.

Demonetisation has often happened in the past. Germany has demonetised at least thrice in recent history – from Papiermark to RentenMark; from Reichsmark to Deutchemark to finally from Deutchemark to the Euro.

The process of demonetisation was seen when several European countries abandoned their national currencies to be replaced by the Euro. The other big event of demonetisation process happened with regard to gold, when the US officially closed the gold window in 1973, thereby ending the decades long gold exchange standard/Bretton Woods system.

Apart from these one-off occurrences, the process of demonetisation usually happens after a country goes through a process of hyperinflation and the currency becomes worthless. Zimbabwe’s episode of hyperinflation in 2008, where inflation rates were as high as 231 million percent, caused the Zimbabwean dollar to collapse in value. It was impossible for normal trade to occur with the national currency, as a loaf of bread cost Z$1.6 trillion at one point. As a result, currencies such as the US dollar, the South African rand and the euro were widely circulated and used in Zimbabwe.

HundredTrillionDollar

A hundred trillion Zimbabwean dollar note

 

Demonetistion is usually the last step in the fight against hyperinflation. It is the official acceptance from the central bank and the government that its currency is of little or no value and acknowledgements of its failure. Thus, demonetisation is undertaken only at severely extenuating circumstances. Countries usually try to redenominate the currency first. Redenomination is the fixing of a new value for the existing currency. Operationally, it is the equivalent of knocking of a few zeroes from the value of the currency. For example, Zimbabwe tried redenomination four times since 2006. In the first redenomination Zimbabwe removed three zeroes from the value, 13 zeroes in the second redenomination and a further 12 zeroes in the third redenomination. However, bad macroeconomic fundamentals and a bad fiscal and monetary policy framework ensured Zimbabwe’s journey further into hyperinflation.

Once a currency is demonetized, the country has two options left: 1) Dollarization/Adoption of a foreign currency – This is when the country adopts the currency of another country as its own, which effectively translates into abandoning independence in monetary policy. The monetary policy of the adopted currency become applicable and binding on the country adopting it. Usually, the dollar is adopted, but not necessarily so always. 2) Introduction of a new currency – Eventually, the country might choose to introduce another of its own currency and have a preset exchange rate with the old currency/dollars. This is done to regain independence in monetary policy.

In the final analysis, adopting another currency or introducing a new currency does not solve the economic crises, unless it is followed by large scale corrections in the macroeconomic fundamentals.

Anupam Manur is a Policy Analyst at Takshashila Institution. He tweets @anupammanur

Comments { 0 }