Mobile Apps of Banks ..Not audited by RBI?

Posted on April 18, 2016 by Vijayashankar Na

Today, I received an interesting question posed to me through the Cyber Law Guru mobile APP. The question was posed by one by name “Sisirk” and stated as follows:

Question: As per their RTI reply, RBI hasn’t really given permission to banks for social media banking. It only asked them to use SM to popularize their mobile banking. Some banks already offering services using Twitter or Facebook and RBI not saying a word! I came to know that RBI hasn’t audited the mobile apps being used by banks either!

So privacy and security of data of banking customers can be overlooked by such banks with blessings from RBI? How can we stop this nonsense? Thank you.

The keen observer has taken the trouble of checking with RBI and brought out an important aspect that Social Media Banking has not been specifically approved by RBI. Going by what the person has posted as a result of an RTI query, RBI has only asked Banks to use Social Media for promotion.

However what Banks have done is to use the Twitter and Facebook as their KYC agents and accept the messages posted from those platforms to trigger banking transactions.

Now the execution of USSD codes on mobiles also have access directly to Banking servers to the extent that information can be pulled out of the Banking servers without any meaningful security.

In this context, I really have no answer to the question posed by Mr Sisirk. I agree with him that Banks are greedy after their commercial interests and try to use technology to improve its earnings even if it is at the cost of the customers. RBI is only good for sending out guidelines and does not take any responsibility for its guidelines being followed. It is the IBA which drives RBI rather than the other way round.

If RBI has not made any audit of the mobile apps, it is certainly a matter of concern.

I hope this revelation by Mr Sisirk would open the eyes of RBI and take suitable care at least in future to ensure that common customer’s interests are not sidelined to boost the profits of Banks.

I thank Mr Sisirk for bring out this fact for public knowledge and hope some positive action comes forth from RBI.

I request Mr Sisirk to share the entire RTI query/reply for publication so that we can get a better picture of the issue.

I also request RBI to comment on the revelation of Mr Sisirk.

Naavi

About Vijayashankar Na

Naavi is a veteran Cyber Law specialist in India and is presently working from Bangalore as an Information Assurance Consultant. Pioneered concepts such as ITA 2008 compliance, Naavi is also the founder of Cyber Law College, a virtual Cyber Law Education institution. He now has been focusing on the projects such as Secure Digital India and Cyber Insurance
This entry was posted in Cyber Law. Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.