One of the suggestions under the Unified Payment Interface is that the participating bank would issue a “Virtual Address” to the customer. This will replace the account number. This virtual address would be used by remitters to send payment.
This system appears exactly similar to the domain name system where the IP address was replaced by a human understandable words. To access this site you therefore used naavi.org rather than the static IP address of the server with a folder identity. This system has also given rise to the problem of “Similar” or “Confusingly similar” domain names and conflicting claims. There could be a naavi.org which is in conflict with naavi.cn or naavi.co.uk and so on. These give raise to issues related to trademark and fraudulent impersonation.
Now NPCI is proposing a naavi@icicibank vs naavi@axisbank vs naavi@sbi etc and a definite possibility of not only trademark issues but also genuine wrong credits and fraudulent charges. If a naavi@axisbank initiates a payment pull from a flipkart purchase, all that is needed for a fraudulent charge on naavi@sbi would be an OTP response which can be engineered by a malicious app.
We are therefore in the brink of a new kind of “Bank Name Disputes” and lookalikes.com need to start working on this new business opportunity.
For the common man, this would be a new headache to contend with.
Has NPCI thought of this “Identity Risk” and the legal issues arising out of them?
Who cares? Mr Raghuram Rajan has given his clearence and that is enough to hoist the system on the unsuspecting public.
Naavi
