Centres Of Excellence

To focus on new and emerging areas of research and education, Centres of Excellence have been established within the Institute. These ‘virtual' centres draw on resources from its stakeholders, and interact with them to enhance core competencies

Read More >>

Faculty

Faculty members at IIMB generate knowledge through cutting-edge research in all functional areas of management that would benefit public and private sector companies, and government and society in general.

Read More >>

IIMB Management Review

Journal of Indian Institute of Management Bangalore

IIM Bangalore offers Degree-Granting Programmes, a Diploma Programme, Certificate Programmes and Executive Education Programmes and specialised courses in areas such as entrepreneurship and public policy.

Read More >>

About IIMB

The Indian Institute of Management Bangalore (IIMB) believes in building leaders through holistic, transformative and innovative education

Read More >>

Resources

Report:  User-Level Security Issues in Mobile Payments

With the rapid development of information technology, ubiquitous mobile phones, and the impact of the demonetization scheme of the Government of India, India has experienced a significant surge in the number of electronic transactions through mobile payment apps and services. However, around the world, spread of electronic banking has resulted in thousands of cybercrimes and monetary thefts by cybercriminals. The security risks related to electronic transactions through mobile payments are high due to various technological and other reasons. In this study we focus on the risks associated with Indian mobile phone based payment systems. We conducted experiments with five popular mobile payment systems in four broad categories – wallets (PayTM, FreeCharge), direct link with user’s bank (BHIM), specific bank’s app for account holders (iMobile by ICICI Bank), and basic USSD service (dialing *99#).

In our study, we evaluated the apps on the following six key security principles combining the Basel Committee’s ‘Risk Management Principles for Electronic Banking’ and the RBI norms for electronic banking transactions:

  • The potential for confidentiality breaches
  • The management of the transactions for subsequent repudiation
  • The strength of the authentication process
  • The data and transaction integrity procedures
  • The extent of access and availability of services
  • The procedures for maintaining privacy of customer information

We found that apps and services that were evaluated have security concerns based on one or more of the six principles. However, even while we were conducting the study, we observed that the features of the apps and services were constantly evolving and changing. Hence, we would like to add the caveat that the evaluation of the apps in this report is as observed during our study conducted between December’16 – January’17, and it is highly likely that some of the concerns presented in this report have been addressed, and perhaps new concerns have emerged.

For a detailed report on the study, please click here