Category: Banking & Finance

Customers of private sector lender HDFC Bank faced intermittent problems with internet and mobile banking on Tuesday.

“Some customers are facing intermittent issues accessing our Net Banking and Mobile Banking app. We are looking into it on priority for resolution. We apologise for the inconvenience and request you to try again after sometime,” the bank said on Twitter

Many customers took to social media to highlight the problem, which included not being able to log into their accounts through internet and mobile banking, not getting OTPs, and problems in making payments.

Database connectivity

Bank officials said that there were issues of database connectivity for some users, and the problem was resolved by evening.

In a late evening tweet, HDFC Bank said, “The issue faced by some of our customers in accessing NetBanking/MobileBanking App stands resolved.”

This is the second time in a month when customers have faced issues in accessing internet and mobile banking services of HDFC Bank.

Earlier, on March 1, some customers of HDFC Bank had intermittent problems. The outage was not widespread and was resolved speedily.

The private sector lender is, however, no stranger to technical glitches impacting its digital banking services.

Special audit

In a regulatory filing on February 2 this year, the bank had said the Reserve Bank of India has appointed an external IT firm for carrying out a special audit of its IT infrastructure.

Previously, the RBI had, on December 2 last year, directed HDFC Bank to temporarily halt the sourcing of new credit card customers as well as launches of digital business-generating activities planned under its proposed programme – Digital 2.0.

The directive had come after a sudden outage at one of HDFC Bank’s data centres impacted its digital and mobile banking and ATM and payment services on November 21, 2020, which was preceded by a similar outage in December 2019.

The deadline for implementing the Payment Aggregators and Payment Gateways (PAPG) guidelines should be extended till June to enable smooth transaction, according to Aruna Sharma, member, RBI Digitisation Committee.

The Reserve Bank of India has imposed a March 31 deadline for banks to putin place a security measure called Additional Factor Authentication (AFA), which could disrupt services since banks are not ready fully.

“My fear is that the progress we have made so far will be eradicated. Going from the digital economy to the cash economy and then coming back to the digital economy will be extremely tedious,” said Sharma while speaking at a webinar organised by The Dialogue.

Industry body Internet And Mobile Association of India (IAMAI), too, had warned that millions of such transactions could fail as most big banks are yet to comply with the RBI’s new mandate. Its request was, however, turned down. Later, IAMAI had written a letter to Niti Aayog to present its case to the RBI.

Sharma, who has been a member of the digital committee for the past two years now, said it was important that there was a level-playing field for all financial players. “While the RBI’s regulations are not being questioned and nor are its intentions to protect the data of Indians, however, it was important that the players were heard and their issues addressed.”

She further argued that while the data protection was important, it was also important to make one umbrella law for data protection. Currently, there is the FTP, IT Act, Criminalisation under the IBC, along with RBI regulations, but all of this is overlapping and not on the same page. “Coordination, and consistency is imperative between all agencies, and authorities. This, along with the fact that, there needs to be one law which implements all these acts, and together is important.”

Avimukt Dar, Co-founder IndusLaw was of the opinion that “the RBI’s stance not to extend the e-mandate timeline is likely to derail the vision of Digital Bharat and significantly disrupt the services to the consumer. India’s journey towards emerging as a $5-trillion digital economy will be hit hard during the next couple of weeks, and consumers will again bear the brunt of micro regulatory approach of policymakers. This will impact the industry and cashless transactions, which has been a huge push by the current govt and is largely enabled by the digital payments industry.”

Our Bureau

Mobikwik CEO Bipin Preet Singh, on Tuesday, said that the company is investigating the claims of some users that their data are available on the dark web. He said Mobikwik will get a third party to conduct a forensic data security audit.

Responding to reports of a massive data breach in Mobikwik’s servers, Singh came out with a detailed statement and said it is possible that any user could have uploaded the information on multiple platforms, and it would be incorrect to say it has been accessed from the company or any identified source. “When this matter was reported first last month, the company undertook a through investigation with the help of external security experts and did not find any evidence of a breach,” he stressed.

Security protocols

He further said the company is closely working with requisite authorities, and is confident that security protocols to store sensitive data are robust and have not been breached.

“For our users, we reiterate that all your Mobikwik account and balances are completely safe,” he said, adding that all financially sensitive data are stored in encrypted form in the company’s database.

According to independent cybersecurity researchers, the personal details of 3.5 million MobiKwik users seem to have been leaked and are available for sale on the dark web.

The breach was flagged by French cybersecurity researcher Elliot Alderson on March 29, but prior to that, it was raised by internet security researcher, Rajshekhar Rajaharia, in early March.

In his statement, Singh stressed that Mobikwik has robust internal policies and information security protocols, and is subject to stringent compliance measures, including annual security audits.

In a bid to assure users, he said that no misuse of credit card, debit card and wallet details is possible without a one-time password, which comes only on the registered mobile phone. He also urged them not to open any dark web or anonymous links for they own cyber safety.

Founded in 2009, Mobikwik’s payments network is one of the largest in India with more than 120 million users, three million merchants and over 300 billers. The company is also eyeing an IPO.

Experts’ view

However, experts said that it is only the data of Mobikwik customers that has been impacted in this breach. “I experienced that it was Mobikwik customers whose data have been impacted and not the customers of other companies. The personal data has been leaked and Mobikwik needs to take steps to address it,” said Prasad T, Chief Information Security Officer, Instasafe.

Experts advise that customers must change their passwords and caution that personal data can be used for purposes such as availing online bank loans.

“Globally, in many countries, there are rules that any company, which faces a data breach, must disclose it to the customers. We need to have such a law even in India as often customers are left unaware,” noted another expert.

India will be added to the watch list for potential inclusion in the FTSE Emerging Government Bond Index (EMGBI), according to FTSE Russell.

FTSE Russell, which is a leading global multi-asset index, analytics and data provider, announced this in its results of semi-annual country classification review for fixed income and equities.

Investment in G-Secs

Once India becomes part of the EMGBI, foreign portfolio investors (FPIs) could step up investment in the Government Securities (G-Sec) market, say market players.

The possibility of inclusion in EMGBI is good news for the government as its borrowing programme in FY22 is also high at about ₹12.05-lakh crore (₹12.80-lakh crore in FY21). FPI investment in G-Secs could take the pressure off banks to invest in these bonds and allow them to focus on lending.

As per the Reserve Bank of India’s latest monthly bulletin, FPIs owned only 2.10 per cent of the Central government-dated securities as of December-end 2020.

As per FTSE Russell’s December-end 2020 fact sheet, the FTSE EMGBI measures the performance of local currency government bonds from 16 countries, providing abroad benchmark for portfolio managers looking for a measure of sovereign emerging markets.

The 16 countries include Brazil, Chile, China, Colombia, Hungary, Indonesia, Mexico, Malaysia, Peru, Philippines, Poland, Romania, Russia, Thailand, Turkey and South Africa.

To join the EMGBI, a market must satisfy the market size and credit criteria. Accessibility of bonds and markets and replicability of returns are additional requirements.

“Once a market has met all the requirements, an announcement will be made that this market is eligible for inclusion into the EMGBI.

“If it continues to meet all three requirements for three consecutive months after the announcement, the market will join the EMGBI at the end of the three months that follow.”

For entry into EMGBI, the outstanding amount of a market’s eligible issues must total at least $10 billion for the market to be considered eligible for inclusion.

To remain eligible for the index, a market must maintain a minimum market size of at least half of the entry-level market size criteria.

Karnataka Bank operationalised its wholly owned non-financial subsidiary – KBL Services Ltd – on Tuesday. With its registered and head office in Bengaluru, this subsidiary is established as conceptualised under the transformation journey of the bank – ‘KBL – Vikaas’ – in achieving bank’s strategic objectives in the long run.

Quoting Mahabaleshwara MS, Managing Director and Chief Executive Officer of Karnataka Bank and non-executive Chairman of KBL Services Ltd, a press release said the formation of the first wholly owned non-financial subsidiary of the bank – KBL Services Ltd – is a significant milestone for Karnataka Bank. With this new entity, Karnataka Bank is taking a step in realigning its business strategy with the objectives of improving efficiency and achieve better results and valuation in the long run, he said.

“By moving some of the non-financial operations of the bank such as management of alternate banking channels, back-end processing activities, IT project and support, digital capabilities, business sourcing, contact centre management etc., to the subsidiary in a phased manner, Karnataka Bank will have a renewed focus on its core banking business,” he said.

Speaking at the inauguration of the subsidiary, Mahabaleshwara thanked the board of directors of Karnataka Bank for its vision and guidance in materializing this subsidiary, and acknowledged the hard work put in by the core team of the bank behind this journey.

The Directors of the bank – Rammohan Rao Belle and D Surendra Kumar – were present on the occasion.