2. Cash Less Society
a society in which purchases of goods or services are made by credit
card / electronic funds transferral / Digital Wallet rather than with cash
3. Digital Footprints (Record mapping).
Smaller wallets (easy to carry cards, instead of rupees and coins).
Reduction in counting and accounting time.
Reduction in the cost of producing/printing coins/notes.
A healthy Financial Eco-system.
Cash stolen / Can I borrow – statements will be disappeared.
May have reward points on certain Digital transactions.
Impossible to sustain the Black Market
Criminal activity will be reduced: because it is risky to carry out criminal
transactions. Kashmir is an example, as no such activity like “patthar-baji”,
“danga” will be carried out.
Credit / Debit Cards for the month of May
ATM (in millions) PoS (in millions)
Credit Cards Debit Cards
Cards 2609.0 361406.8
Debit Cards 2163917.8 375084.1
RTGS NEFT CTS* IMPS* NACH* UPI* USSD** Debit and
PPI # Mobile
Volume in Million for the month of May
Volume in Million for the month of May 2017
RTGS NEFT CTS* IMPS* NACH* UPI* USSD**
10.4 155.8 97.1 66.7 194.4 9.2 192.6 233.4 91.3 64.9
17. Generate MMID and MPIN
SMS Banking : - SMS <MBSREG> to 9223440000/ 567676
Customer will receive the User ID and default MPIN via SMS
on Mobile no.
Change default M-PIN through any one of the chosen modes
(mobile banking application /WAP application / USSD/SMS /
Accepts the terms and conditions.
20. Cash less transactions using Feature Phones:
Steps to operate :
(for regional language you may dial *99*22#)
Type Bank Name
Enter Beneficiary Mobile Number.
Enter beneficiary MMID -(7 digit Mobile Money Identifier) / Bank IFSC and
Account number / Aadhaar Number
(you will get the same from the person you are sending the money)
Enter amount and remarks (separated by space)
Enter M-PIN to authorize the transaction and last 4 digits of your account
number (separated by space), and tap on send.
22. Cash less transactions using Feature Phones:
One have to prompt with in 10 seconds,
Otherwise the transaction fails.
Number of time an error message is there:
External application down.
Number should be registered with the bank.
Daily Limit Rs. 5000/-
23. Cash less transactions using Feature Phones:
No roaming charges
Available in Regional Languages
25. Plastic Money
Access your funds 24/7 and make purchases at millions of locations worldwide as well
as to make online transaction.
Can be used at :
PoS : Point of Sale
ATM : AutomatedTeller Machine
Debit Card : A payment card that deducts money directly from a consumer’s checking
account to pay for a purchase.
Credit Card: A payment can be made using credit/deduct money from the A/C.
31. Plastic Money – Prons/Cons
Non-Acceptance at Small Retail Outlets
Cannot be used for all daily needs
Loss & Misuse
Damage to Card
Impulsive Purchases / Overuse of card
32. Plastic Money – Security alert
Report a misplaced / stolen card
Shhhhhh. Keep your pin secret
Beware of phishing.
33. Plastic Money – Understand your debit card
CVV :Card verification value
7- Signature Panel
34. In last two years there is an increase in credit
and debit cards users by 25 and 42 percent
Credit Card Debit Card
35. PHYSICAL POS
Physical Card Swiping – PTSN
with landline / GPRS enabled
Phone connected with external
POS device through jack /
Virtual E-payment Gateway
Types of PoS
36. PoS : During most of late 1980s and throughout the 90s, stand
alone credit card devices were developed and introduced.
POS or PoS is an abbreviation for (or Point-of-
Sale, or ).
The term Point of Sale is often used in connection or
relative with the . In
the case of some locations, with wireless capable
systems or network wired via TCP/IP.
Term is applicable to a , the checkout/cashier
counter in the store, or a location where such transactions can
occur in this type of environment.
with electronic cash register systems, touch-screen
display, , receipt printers, scales and pole
38. Installation of Physical PoSTerminal
Open / identify current
account for transactions
3 Identify type of PoS
required (landline / GPRS)
2 Fill in the application form
(online / at the branch)
4 Submit following documents:
– Proof of business (any one)
• Shop & establishment registration certificate
• VAT certificate
• Sales tax
– Proof of address
– Photo identity proof of proprietor / partner
– Financial details
• Bank statement
• Income tax return
5 Acceptance of MDR by merchant
6 Execution of Merchant
39. mPoS – Any GPRS-enabled touch screen mobile
phone could be converted into POS terminal
a handheld portable device with the ability to carry out a transaction
as same as Physical PoS.
Used to bridge the gap between POS systems and eCommerce
Can be use alternatively.
Affordable to repair or replace
- in a restaurant, a server could
generate the bill at the table itself.
- can used for Cash on Delivery.
40. Who is providing this service?
There are a number of mPOS
solutions providers in the
world, Infosys, Motorola, HP,
Harbortouch to name a few. In
India Mswipe,MRLpay and
Ezetap are prominent names
in this field. UK based
mPOWA recently forayed in
41. How it works ???
The mobile device could be a tablet,
smartphone and even an iPod Touch. The
basic functioning involves scanning the
product’s barcode or manually entering the
transaction details into the device, swiping the
customer’s card, taking an electronic signature
and even generating a receipt with a portable
No PoS machine required
QR code used for payment to bank account
Complete privacy of merchant bank account
Depending on the software features, retailers can
track pricing accuracy, inventory changes, gross
revenue and sales patterns. Using integrated
technology to track data helps retailers catch
discrepancies in pricing or cash flow that could
lead to profit loss or interrupt sales. POS systems
that monitor inventory and buying trends can help
retailers avoid customer service issues, such as
out-of-stock sales, and tailor purchasing and
marketing to consumer behavior.
45. Must DoPractices
• Register your mobile number at bank for regular information by SMS for every
• Transact at only trusted merchants
• Your Debit card PIN is highly sensitive and should NOT be shared.
• Make sure your PIN is not being observed by anyone while you enter it at the ATM or
• As a preventive measure change your PIN frequently.
• Memorise your PIN. Do not write it anywhere.
• Inform the caretaker / bank immediately in case you find any additional/ suspicious
/loose devices attached to the ATM.
• Press the “Cancel” button in case the ATM screen goes blank or the transaction is not
• Never forget your debit card at the ATM or billing counter after the transaction.
• Avoid entertaining or engaging in long conversation with strangers while transacting
at an ATM.
Mobile wallets are essentially digital versions of traditional
wallets that someone would carry in their pocket. They offer
payment services through which the individuals / business can
receive/ send money via mobile devices. While there are many
variations, usually they can hold digital information about
credit and debit cards for making payments, store coupons
and loyalty programmes, specific information about personal
identity and more.
Closed : Issued by an entity for facilitating the purchase of goods and services from it.
These instruments do not permit cash withdrawal or redemption. Hence, RBI approval
is not required for issuing them.
Semi-Closed e-wallets : for purchase of goods and services, including financial
services at merchant locations/ establishments.These wallets do not permit cash
withdrawal or redemption by the holder.These may be recharged upto Rs.10,000/-
only. Eg: Paytm, Freecharge, Momoe, PayUMoney, Mobikwik, Citrus, State Bank
Buddy`, Citi MasterPass, ICICI Pockets, HDFC Chillr, LIME
Open e-wallets: Used at POS [Point of sale ] terminals like funds transfer at any card
accepting merchant locations eg: E.g. M-Pesa is an open wallet run byVodafone in
partnership with ICICI Bank. Axis Bank’s e-WalletCard’, can used for making
payments on sites that acceptVisa cards, with a minimum limit of Rs 10, and a
maximum limit of Rs 50,000, and a validity of 48 hours.
Pre-paid:The wallet have to be recharged
during the transaction or it is to be
Auto/digitalWallet: first register with the
wallet; enter your card details such as card
number, expiry date, CVV and address.This
information is further validated through
one-time password (OTP). Once registered,
you can buy directly with just entering your
Consumer Wallet Limits: Rs.20,000/month for all. Rs.1 lakh/month with KYC
S THE APP
Merchant Wallet Limits: Rs.50,000/month with Self Declaration. Rs.1 lakh/month with KYC
Basic Requirements to Start Using a Wallet: Bank Account, Smartphone, 2G/3G/4G Connection & A Free Wallet
57. Unified Payments Interface
A system that powers multiple bank accounts into a
single mobile application
seamless fund routing
“Peer to Peer” collect request
Launched on 11th April 2016 by Dr. Raghuram G
Rajan, Governor, RBI at Mumbai
Transaction limit 1 L per transaction
Immediate money transfer
Virtual address Payment (VPA) of the customer for
Pull & Push (no other details required).
Single mobile application for accessing different
bank accounts - Interoperable
PUSH and PULL Payments + Scheduling
Raising Complaint from Mobile App directly.
Single Click 2 Factor Authentication (Mobile number +
MPIN + App PIN+OTP)
Utility Bill Payments, Over the Counter Payments,
Barcode/ QCode (Scan and Pay) based payments.
No need to share your name, your bank account number,
IFSC code, or bank branch
.No physical device like : debit card etc required
60. Download App
For Smart Phones:
GoTo GOOGLE PLAY STORE Or iStore & SearchWithThe Keyword “UPI”
You Can DownloadYour Bank UPIApp Or Any One of the following UPI Apps
S. No. Bank Name Android APP Name
1 State Bank of India SBI Pay
2 Andhra Bank Andhra Bank ONE – UPI App
3 ICICI Bank a. UPI Collect (or)
4 Canara Bank Canara Bank UPI - Empower
5 United Bank of India United UPI
6 Punjab National Bank PNB UPI
7 South Indian Bank SIB M-Pay
8 Vijaya Bank Vijaya UPI
9 AXIS Bank Axis Pay UPI App
10 Union Bank of India Union Bank UPI App
62. Push – Pay Money
•User log-in to UPI application
•After successful login, user selects the option of Send
Money / Payment
•User enters beneficiary’s / Payee virtual id, amount and
selects account to be debited
•User gets confirmation screen to review the payment details
and clicks on Confirm
•User now enters MPIN
•User gets successful or failure message
64. Pull- Requesting Money Bill Sharing with friends.
• User log-in to his bank’s UPI application
• After successful login, user selects the option of collect money (request for
• User enters remitters / payers virtual id, amount and account to be credited
• User gets confirmation screen to review the payment details and clicks on
• The payer will get the notification on his mobile for request money
• Payer now clicks on the notification and opens his banks UPI app where he
reviews payment request
• Payer then decides to click on accept or decline
• In case of accept payment, payer will enter MPIN to authorize the transaction
• Transaction complete, payer gets successful or decline transaction notification
• Payee / requester gets notification and SMS from bank for credit of his bank
65. Payment using QR Code
QR Code : QR code consists of black modules arranged in a square
pattern on a white background. The information encoded can be
made up of four standardized kinds (“modes”) of data (numeric,
alphanumeric, byte/binary, Kanji-logographic), or by supported
extensions virtually any kind of data. QR codes can be used for
proximity payments with UPI .Developers who are developing
merchant applications must generate a URL fully compliant to
specification in previous section and then create a QR code of that
66. Add Accounts
Go to profile
Enter Bank details
Confirm the details by input
the Debit Card details.
• User receives OTP from the Issuer bank on
his/her registered mobile number
• User now enters last 6 digits of Debit card
number and expiry date
• User enters OTP and enters his preferred
numeric MPIN (MPIN that he would like to
set) and clicks on Submit
• After clicking submit, customer gets
notification (successful or decline)
• User enters his old MPIN and preferred new
MPIN (MPIN that he would like to set) and
clicks on Submit
• After clicking submit, customer gets
notification (successful or failure)
75. Internet Banking
A banking system in which an individual/organization will perform the
transactions remotely by using login credentials.
How to use
Register with Bank; have your login credentials
Boot a machine (Smartphone/Leaptop/ Desktop) ; connect with internet; open
banks portal and go to Online banking ; Enter Login credentials.
Customer Convenience (no need to stand on queue and wait)
Malware/ Spyware in the machine.
Sharing of login credentials
77. RTGS : RealTime Gross Settlement (for Funds
(The RTGS system is primarily meant for large value transactions.The minimum amount to be
remitted through RTGS is Rs 2 lakh.The maximum limit is Rs 10 lakh per day.)
Average charges :
Amount above Rs 2 lakh upto Rs 5 lakh - Rs 25 + ServiceTax
Amount above Rs 5 lakh upto Rs 10 lakh - Rs 50 + ServiceTax
The beneficiary bank has to credit the beneficiary's account within 30 minutes of receiving the funds
78. NEFT: National Electronics FundsTransfer System
Operates on a Deferred Net Settlement (DNS) basis which settles transactions in batches
(the settlement takes place with all transactions received till the particular cut-off time.)
Average charges :
For transactions up to ₹10,000 (not exceeding) : ₹2.50 (+ Service Tax)
For transactions above ₹10,000 up to ₹1 lakh (not exceeding) : ₹5 (+ Service Tax)
For transactions above ₹1 lakh and up to ₹2 lakhs (not exceeding) : ₹15 (+ Service Tax)
For transactions above ₹2 lakhs : ₹25 (+ Service Tax)
Batch timings :
NEFT operates in hourly batches - there are eleven settlements from 9:00 AM to 7:00 PM on week
days and five settlements from 9 am to 1 pm on Saturdays
79. How the RTGS / NEFT transactions take place:
The branch should be RTGS/NEFT enabled.
An individual / organization may perform this transaction by using the Internet
An individual / organization may perform this transaction by visiting the bank. (may
have / or have not the BankAccount)
84. Cyber Crimes
• Identity Theft
• Spam and Cyber Stalking
• Infringement of privacy
• Hacking (White Hat ,Black Hat ,Grey Hat )
• Script kiddie: They are the unskilled hackers who break into computer systems by using automated tools
written by others.
• Neophyte: They are new to hacking or phreaking.
• Blue hat: These people’s expertise are used to bug-test a system prior to its launch
• Hacktivist: Hacktivism can be divided into two main groups:
• Cyberterrorism :Terrorism in cyber world is cyberterrorism. Section 66F of the ITA Act, 2008 defines the
word cyber terrorism
• Freedom of information
• Child Pornography & Pornography
• Cyber Warfare
• Cyber Squatting
• Economic Espionage
• Software Piracy and other Copyright Violation
• Computer Forgery and Counterfeiting
• Sabotage and Extortion by using Computer.
• Defamation, Hate Speech, Racist, Blogs and Xenophobic Propaganda
• Online Gambling
• Email Spoofing
• Data Dibbling
• Web Jacking and Email Bombing
85. Terminology used in the world of Cyber attack
Access - To interact with a
Active Attack - attempts to
alter a system
Blacklist - blocked or denied
Bot -Internet connected
system is secretly
mathematical algos to
provide security services
Digital Forensics - analysing
Intrusion Detection -
methods for analyzing
information, if a security
violation has occurred.
Key - numerical value used
to control cryptographic
Malware - software that
performs an unauthorized
Passive Attack - make use of
information but does not
attempt to alter the system
PenetrationTesting - evaluation
Phishing - A digital form of social
engineering to deceive individuals
into providing sensitive
Root - a set of tools to hide their
presence and control the
Virus - infect a computer and
Whitelist - A list of entities that
are considered trustworthy and
are granted access or privileges.
Data Breach - disclosure of
86. Mobile- threat
Mobile malware is rising fast, infecting nearly 13 million phones in the world during the
year first half of 2012, up to 177% from the same period a year ago.This came as the
security vendor found 5,582 malware programs designed for Android during the
month, another unprecedented number for the period.
FakeToken: steals both banking authentication factors directly from the mobile device
87. Cyber Security – good steps
PCI DSS is current industry security standard set by American Express,Visa
International, MasterCardWorldwide – an essential certification.
These companies use 128-bit encryption technology to crypt any information transfer
between two systems (It takes more than hundred trillion years to crack a password
under 128-bit encryption!) .
88. Stop; think; connect
#Never share your Username and Password.
#Avoid login from other’s Mobiles & Computers.
#Use a strong Password
#Change your Password at regular intervals.
#Use Antivirus, Antispyware and firewalls
#Run Updates regularly
#Don’t share your personal / sensitive information
89. Stop; think; connect
#Use less-targeted browser such as Chrome or Firefox.
#Ask loudly for your right to privacy: Don’t ever say I have nothing to hide, because that’s
equivalent to I don’t care about this right.
#Be careful what you download, and ask questions about the site you are downloading
90. Stop; think; connect
# Never plug your USB/Phone at the place you don’t trust.
# Clean your device or remove old software or packages.
# Frequent data backups at multiple locations.
# Use encryption to protect confidential information stored on your phone.
91. Stop; think; connect
# Patterns Lock: Set your smartphone to lock after a short idle time, and set it to
require authentication for unlocking. If at all possible, use something stronger than a
simple-minded four-digit PIN.
#Alert before Install: Mobile devices are an open gate to our privacy, secrets, and
money (mobile banking), be alert before you install any application.
# useVPN ;For publicWifi;
#Turn yourWi-Fi and Bluetooth off when you don’t use them.
# Disable java on browser
92. Stop; think; connect
#Fake emails: Never click links in emails or texts that seem to come from your bank,
the IRS, or any other institution. If you think the message might be valid, log into your
account directly, without using the supplied link.
#2FA: For social Media; always use 2-factor authentication mode.
#SSL: For online transaction check for https:// (secure socket layer)
#Phishing: Be careful on which site you are at. (Beware of phishing).
# Never save your card details during transaction.
93. Stop; think; connect
#Use virtual keyboard during transaction.
#Trust no facebook friend; the hackers may be your friend by a fake profile and steal
#Check your bank statement in a week, to avoid phishing/fraud.
#Prioritize your accounts and secure them,
#Never access zip/rar files; sent from unknown users.
#Webpages may have ads; or some ads may have malware; to protect the system ;
Block Pop-ups or use anti-Adware software/blocker. Don’t click any banner / adult
94. Stop; think; connect
Protecting your password:
Who’s looking over your shoulder?
Did you know that bystanders or co-workers can steal your passwords only by peeking at what
This is especially true is your passwords are as easy as 123456 (please change them if it’s the
Take a look around and make sure everything’s safe before typing a password. Also: NEVER
share your passwords. Ever.
If it’s your system; check the keyboard plug-in device that no “”keylogger” is attached.
Don’t do real time geo-tagging
95. Stop; think; connect
If you want air-tight security for your email account, check the
Your recovery information (create multiple accounts)
Your recent activity
Your account permissions
Your app passwords
Your 2-step verification settings.
96. Stop; think; connect
keep your inbox and devices safe:
Be careful where you submit your email address
Unsubscribe from any unnecessary newsletters
Use filters and mark emails as spam to help your email provider block it more effectively
NEVER click on links in spam emails
NEVER download and open attachments in spam emails
Disable the automatic downloading of HTML graphics in your mails
Open an additional email account to keep your most important one safe
When using social media, enhance your privacy settings so no one can see your email
If you have a website, protect your email address from automatically being scanned and
harvested by spammers.
97. Check out for the fake profile in Social Media
Step 1: Download the profile picture.
Step 2: Use https://www.tineye.com/ or Google image search to see if that profile pic is
a stock photo or if someone else has used it. If it’s fake, lots of results will pop up.
98. Google Activity log – an example
It will show you from what browsers and devices you’ve accessed it, when and from
what IP. If there’s something that you don’t recognize there or an old session from a
friend’s computer, you can choose to terminate it.
Same option is available for many other online accounts, such as Facebook,Yahoo or
Dropbox.Access it to monitor where your accounts have been used and end any
sessions that you don’t recognize.
If you also activate two-factor authentication, your accounts will be more secure
99. Cyber crime as business
Search for new ways to monetize their attacks (sell data on the DarkWeb, purchase
new types of ransomware that is impossible to break, etc.);
Monitor their income and use all kinds of tactics to expand their reach, harvest more
data and launch stronger and more lucrative attacks;
Hire blackhat hackers to do it (they’re the bad kind, because there are good hackers
too – the whitehat kind);
Invest in acquiring infrastructure they can use to launch attacks and keep them
Buy exploit kits and ready-made malware that can be deployed instantly.
Unavailability of user interface in regional languages across devices that support cashless
Unavailability of devices
Unavailability of Internet Facility
Percentage of Digital Illiterate.
Mind set / distrust towards application.
Cyber Security: Without proper precautions and security policies, the highly reactive
nature of cyber security leaves us vulnerable to cyber attacks