A

“COMPREHENSIVE PROJECT REPORT”

ON

“A Study of Mobile payment and It’s Security in India”

Submitted To

(PARUL INSTITUTION OF ENGINEERING AND TECHNOLOGY)

IN PARTIAL FULFILLMENT OF THE

REQUIREMENT OF THE AWARD FOR THE DEGREE OF

Masters of Business Administration

In
Parul University
UNDER THE GUIDANCE OF
Faculty Guide

Prof. Amita Garg

Assistant Professor FMS Parul university

Submitted By

1
Shrirang Wadikhaye Subham Maurya

Enrolment no:210614200266 Enrolment no:210614200135

Batch:2021-2023

MBA SEMESTER III/IV

(Parul Institute of Engineering and Technology)

Parul University

INSTITUTE CERTIFICATE

It is certified that the Comprehensive Project Report titled “A Study of Mobile payment and It’s
Security in India” submitted in partial fulfillment of Master of Business Administration at Parul
University, Vadodara by and Student 2. Enrolment No: 200614200266 and 200614200135 has been
completed under my guidance. This is certify further that to the best of our knowledge the work
reported here in does not form part of any other project report or dissertation on the basis of which
a degree or award conferred on an earlier occasion on this or any other candidate.

Signature of the Students

2
Shrirang Wadikhaye Subham Maurya

Enrolment no.:210614200266 Enrolment no.:210614200135

Signature of the Guide Signature of the Director

Prof.Amita Grag Dr. Bijal Zaveri

STUDENTS DECLARATION

We Students of PIET-MBA 3rd Semester declare that we have prepared this Comprehensive project on “A
Study of Mobile payment and It’s Security in India ” under the guidance of Prof. AMITA GARG.

This work has not been previously submitted to any other university for any other examination. Place:
Vadodara

Sr. No. Student Name Enrollment No. Signature

1 Shrirang Wadikhaye 200614200266

2 Subham Maurya 200614200135

3
Signature. Signature Signature
Prof.Amita Garg Examiner Prof.Bijal Zaveri(Assistant
Professor) (Dean Faculty

PREFACE

The M.B.A program is developed in such a manner that students may gain maximal knowledge and practical
experience in the corporate world in the shortest amount of time. Today's business schools recognise the value of
practical knowledge above theoretical understanding. The research report is required for partial fulfilment of the
M.B.A. curriculum and provides a chance for the researcher to comprehend the industry with a specific emphasis on
the development of analytical and interpretive skills via the use of management theories and methodologies. It is a
novel learning platform based on practical experience that includes survey and comparison analysis. It allows the
student to apply theory to practice in order to assess the validity and relevance of his classroom learning in realworld
business scenarios. This project is a synopsis of the data acquired throughout the study. We are certain that our
genuine efforts and specific attention will justify the topics covered in the reports

4
 INDEX

Sr.No. Content Page.no.

1.0 Achnowledgement 6.

1.1 Introduction 7.

2. Mobile Payment Landscape in India 10.

3. Security Issues in Mobile payment 29.

4. Literature Review 43.

5. Background Study 47.

6. Objectives 48.

7. Research Methodology 49.

8. Source Of Data 50

9. Data Collection Method 50.

10. Hypothesis 50.

11. Population 50.

12. Sampling Method 50.

13. Conclusion 51.

14. Reference 52.

5
 1. Acknowledgement

We would like to acknowledgement everyone who played an important role in our academic accomplishment. First of
all, our parents who supported us with love and understanding without them, we could never have reached this current
level of success. Secondly our Prof. Amita Garg, who has provided patient advice and guidance throughout the
comprehensive project report process.

Finally, we would like to thank all of the responds who took the time to reply to our questioner, as well as the
personnel at our institution for their cooperation and assistance during our final year project

1.1 INTRODUCTION

6
The development of the Internet and the arrival of e-commerce fostered digitalisation in the payment processes by
providing a variety of electronic payment options including payment cards, digital and mobile wallets, electronic cash,
contactless payment methods etc. Mobile payment services with their increasing popularity are presently under the
phase of transition, heading towards a promising future of tentative possibilities along with the innovation in
technology. Total transaction value in the "Digital Payment" segment in India amounts to USD 2.5 billion in 2016 and
is expected to show an annual growth rate of 18.36% resulting in the total amount of USD 5.5 billion in 2020.The
report takes a look at various companies providing the mobile payments solutions (private & public) and different
products offered by them. It also provides information regarding the various methods that are available for mobile
payments solutions. However, around the world, spread of electronic banking has resulted in thousands of cybercrimes
and monetary thefts by cybercriminals. The security risks related to electronic transactions through mobile payments
are high due to various technological and other reasons. In order to prevent yourselves from this, it is significant that
you use a secure mobile payment solution. This study focuses on evaluating the security of the mobile payments
solutions. The issues faced by the users of these mobile payments system are identified in this work. These user issues
are then analysed to identify the risk associated with it, based on the RBI guidelines & BASEL norms. The research
provides useful information to evaluate the security of your mobile payments solution and identify its risk level as
comparison with other. This research provides a conclusion on the security level of mobile payments solutions in India
in accordance with the principle

The growth in wireless technology increases the number of mobile device users and gives pace to the rapid
development of e-commerce conducted with these devices. The new type of e-commerce transactions, conducted
through mobile devices using wireless telecommunications network and other wired e-commerce technologies, is
called mobile commerce, increasingly known as mobile ecommerce or m-commerce. Mobile commerce enables a new
mode of information exchange and purchases, and it presents an unexplored domain. To customers, it represents
convenience; merchants associate it with a huge earning potential; service providers view it as a large unexplored
market; governments look it as a viable and highly productive connection with their constituents. In short, mobile
commerce promises many more alluring market opportunities than traditional ecommerce. M-Commerce is an area
arising from the combination of electronic commerce with emerging mobile and pervasive computing technology.

The most important application of mobile Commerce is Mobile payments. These services make a mobile device to act
as a business tool replacing bank, ATM, and credit cards by letting a user conduct financial transactions with mobile
money. A mobile user attempts to purchase goods or services from a business or service provider, which then contacts
a trusted third party, the wireless service provider, or a financial institution to authenticate the user and amount of
purchase. Once approved, a mobile payment can be made and the purchase is completed. The funds may be withdrawn
from the user's mobile wallet, with the user's phone account, or withdrawn from the user's bank account. Alternatively,
users can pay with mobile money provided by other users or third-party mobile money providers. Mobile money can
move freely between users using local wireless networks or wireless service providers' networks. Several groups are
working on mobile payments, including Pay Circle built by HP, Lucent, Oracle, Sun and Siemens. Mobile financial
transactions

require a high-level of security support. By 2010, it is expected that 3 billion people worldwide will own a mobile
phone. There are currently 225 million mobile phones in India, with an additional 100 million each year. In a few
years, it is expected that more than 500 million people will have a mobile phone in India.

Mobile commerce is the natural successor to e-commerce. The ability to pay electronically in combination with a
website is the engine of e-commerce. Electronic commerce has been facilitated by automatic teller machines (ATMs)
and shared banking networks, debit and credit card systems, electronic money and stored value applications, and
electronic bill presentment and payment systems. Mobile payments are a natural evolution e-payment schemes that
will facilitate mobile commerce. A mobile payment or m-payment may be defined, for our purposes, as any payment
where a mobile device is used to initiate, authorise and confirm an exchange of financial value in return for goods and
services. Mobile devices may include mobile phones, PDAs, wireless tablets and any other device that connect to
mobile telecommunication network and make it possible for payments to be made. The realisation of mobile payments
will make possible new and unforeseen ways of convenience and commerce. Unsuspected technological innovations
are possible. Music, video on demand, location-based services identifiable through mobile handheld devices –
procurement of travel, hospitality, entertainment and other uses are possible when mobile payments become feasible
7
and ubiquitous. Mobile payments can become a complement to cash, cheques, credit cards and debit cards. It can also
be used for payment of bills (especially utilities and insurance premiums) with access to account-based payment
instruments such as electronic funds transfer, Internet banking payments, direct debit and electronic bill presentment.

Nowadays the wireless feature of mobile phones is continuously inspiring creation of value-added services and
functionalities which surpass telephony needs [8]. Due to the exponential growth in the subscribers and wider
coverage in India, mobile has offered an option of delivering banking and payment services. A Mobile Payments
Service (MPS) is a usage of mobile device supported with wireless and communication technology for payment bills,
goods and services [3]. Further, demonetisation of Rs. 500 and 1,000 currency tenders on November 08, 2016 by
Government of India and highest emphasis on cashless economy has put digital payment on forefront. Among other
digital payment modes, MPS has an increasing importance and development in essential mode of low value and high
frequency money transactions. As such, competition is already intensifying in India's MPS sector, and providing post-
monetary services is not sufficient to gain a competitive edge. Mobile payment transaction volume is expected to grow
90% by 2022 (as of November 10, 2016) to reach 15 billion.

BACKGROUND :- Today it is common to see people with multiple mobile devices, all connected to the Internet or
some other network. We are all connected throughout the day, for better or worse. Today, it's hard to imagine a mobile
device without connectivity, be it a cell phone or a laptop. Many new application areas and new business models are
emerging, and new ways of using devices must be taken into account. For example, we can do our daily work and
errands on the go, even if we are in another country.

It is no exaggeration to say that this new lifestyle has offered us many new ways of doing things and has made our
daily lives easier in many ways. But like everything else in life, this amazing technology and lifestyle comes at a price.
It is clear not only the cost of equipment, hardware and software. There are hidden costs to the average user, but they
also play a big part in making the whole thing work properly. We are talking about security here. Some might argue
that security isn't all that important or important and that the average user has nothing to hide, but this document uses
areal-life example to show a real-world example. increase. It could be a device or system with no existing security
mechanism.
Today, there are companies that exist with the sole purpose or business model of carrying out online fraud, identity
theft, and various other attacks. Their motivation is that these business models generate huge sales. I don't think it's
hard to understand the value of information, especially when it comes to business.

PURPOSE AND GOAL :- The purpose of this document is to examine mobile payments in general and focus on
wireless security. Extensive study of two popular wireless standards, 3G and 802.11, and comparison from a security
perspective. In this study, we will discuss various payment methods and their included security mechanisms and their
requirements.

Explore possible attacks and threats to better understand security and how it works. Some questions that this
document attempts to answer are:
*What are the requirements for secure mobile payment systems?
*What are the top mobile payment safety and security attacks?
*An mobile payment systems be considered secure? And for whom?
*Is the technical level of the mobile device and the features available satisfactory for the average user? What can be
said about the future of mobile payment systems?

The primary objective of this study is to examine the usage and security of mobile payments services in India. The
study aims to identify the common security concerns of mobile payments users, the types of fraud and scams that
users may encounter, and the risks and challenges associated with mobile payments security.

8
The study also aims to provide recommendations for mobile payments service providers and regulators to enhance the
security of these services. Additionally, the study explores the perceptions and attitudes of mobile payments users
towards the security of these services.

The scope of the study is limited to the security of mobile payments services in India. The study does not cover the
broader topic of digital payments or the security of other digital payment systems such as internet banking or credit
cards.

2.MOBILE PAYMENT LANDSCAPE IN INDIA

About Major Companies in Mobile Payment Industry

BANKS

State Bank of India

9
State Bank of India (SBI) is an Indian multinational public sector banking and financial services company. It is a state-
owned company headquartered in Mumbai, Maharashtra. On April 1, 2017, the State Bank of India, India's largest
bank, announced that its five affiliated banks (State Bank of Bikaner & Jaipur, State Bank of Hyderabad, State Bank
of Mysore, State Bank of Patiala and State Bank of India) Vance). ) and Bharathiya Mahila Bank, which is the first
major merger in the Indian banking industry. Merger joins State Bank of India among top 50 global banks with £33
trillion in assets, 278,000 employees, 420 million customers, over 24,000 branches and 59,000 ATMs . SBI's market
share increases from 17% to 22%. We have 198 offices in 37 countries. 301 correspondents in 72 countries. The
company is ranked 232nd on the Fortune Global 500 list of the world's largest companies as of 2016. It is the oldest
commercial bank in the Indian subcontinent. Madras Bank merged with his two other "presidential banks" in British
India, Calcutta Bank and Bombay Bank to form Imperial Bank, which became Imperial Bank in 1955 and became
Imperial Bank in 1955. . The Reserve Bank of India (India's central bank) acquired a 60% stake in him and renamed it
the National Bank of India. In 2008, the government acquired a stake in the Reserve Bank of India.

State Bank of India has a 20% market share in deposits and loans among commercial banks in India. SBI
offers a wide range of banking products through its network of branches in India and abroad. Includes
products intended for Non-Resident Indians (NRIs). SBI has 14 regional hubs and 57 zone offices in major
cities across India.

SBI has 18,354 branches in India. 2012/13 sales were £2.5 trillion (US$31 billion), of which domestic
operations accounted for 95.35% of sales. Similarly, the domestic business contributed 88.37% of the total
profit for the year. Under Pradhan Mantri Jan Dhan Yojana on Financial Inclusion, launched by the
government in August 2014, SBI maintained 11,300 camps and opened over 3 million accounts by
September. This includes 2.1 million accounts in rural areas and 1.57 million accounts in urban areas.

In 2014-2015, this bank had the largest presence in the overseas market among Indian banks with 191
overseas branches in 36 countries. We have offices in Singapore, Moscow, Colombo, Dhaka, Frankfurt,
Hong Kong, Tehran, Johannesburg, London, Los Angeles, Maldives, Muscat, Dubai, New York, Osaka,
Sydney and Tokyo. It has offshore banking divisions in the Bahamas and Bahrain and representative offices
in Myanmar, Bhutan and Cape Town.

10
 Central Bank of India

The Central Bank of India is a state-owned bank. He is one of the oldest and largest commercial banks in India. It is
based in Mumbai, the financial capital of India and the capital of Maharashtra. This bank has his 4,730 branches,
5,319 ATMs and 4 branches in his 27 states and his 3 Union Territories in India. Currently, the Central Bank of India
has an overseas office in Nairobi, Hong Kong, and joint ventures with the Bank of India, Bank of Baroda and the
Government of Zambia. The Zambian government holds 40% of the shares and each bank holds 20%. We also
recently opened a representative office in Nairobi, Kenya.

The Central Bank of India is one of 20 public sector banks in India to receive recapitalisation loans from the
government over the next 24 months. The Central Bank of India has asked the Reserve Bank of India (RBI) for
permission to open five representative offices in Singapore, Dubai, Doha and London. As at 31 March 2015, the
Bank's reserves and surplus amounted to Rs.283.03 crore. The total business turnover at the end of last financial year
was Rs 4505.390 (approximately) million. The Central Bank of India is one of the first banks to issue credit cards in
India in partnership with MasterCard in 1980. The Central Bank of India releases its financial results for 2013. Net
profit of £1015

Oxigen Services India Pvt Ltd.

Establishment: 2004
Headquarter: Gurgaon, Haryana, India
11
Website: http://myoxigen.com/Oxigen business involves service aggregation

Oxigen Services India Private Limited, an ISO 9001:2008 certified company, is India's Largest Payments Solutions
Provider. Oxigen is in the business of service aggregation, distribution and payment processing/collections.

This business was initially built to service the nations Telecom/DTH Operators, Multiple Services, Providers and
Banks, Pan India and to provide easy access to the people of India, to pay for services at their neighbourhood retail. 10
years on, Oxigen Services continues to lead the industry in the Recharges, Money Transfer & Bill Payments space.
Oxigen now empowers many large format retail chains, banks portals, mobile wallets, wapitis and government portals,
to enable them for their own customers to make easy merchant payments using Oxigen’s aggregated services, as well.

A company that has the largest retail footprint of small retail outlets crossing 1,30,000 in numbers, sees more than 50
million plus transaction per month. Oxigen continues to work on Financial Inclusion drives and is a Banking
correspondent to many banks, working on No Frill account opening and money transfers. With a strong innovations
team, Oxigen’s proprietary software is available for retailers and partners to access from a variety of tools, like the
web, sms, mobile/pc apps & on Oxigen’s own Point of Sale Machines.

Oxigen Services and distribution utilising mobile, PoS and web for online payment processing and money transfer
services. The company also offers service for easy merchant payments at bank portals, retail chains, telecom & bank-
led mobile wallets and government portables. Moreover, the company provides its services to leading providers across
industries, like, Telecom, Direct?too? home TV, Internet Broadband, Travel (Railways/Airlines/Bus), Cinema/Movie
Tickets, Utility Bill Payments, Gaming, Music & Movie Downloads and more.

The largest provider of payment solutions in India and an ISO 9001:2008 accredited business is Oxigen Services India
Private Limited. Sales, service aggregation, and payment processing/ collection are all sectors where Oxygen operates.

To make it simpler for Indians to pay for services at nearby retail establishments, the company will initially supply
services to national telecom/DTH operators, a variety of services, suppliers, and banks throughout India. Ten years
later, Oxigen Services continues to lead the industry in charging, transferring money and paying bills. Oxigen now
enables many large retail chains, banking portals, mobile his wallets, wasites, and government portals, making it easy
for customers to make merchant payments using his Oxigen aggregation services. to

Companies with the largest retail presence among over 1,30,000 small retailers conduct more than 50 million
transactions per month. Oxigen continues to work on financial inclusion initiatives and is a bank correspondent for
many banks working on no-frills account openings and transfers. With a strong innovation team, Oxigen's proprietary
software is made accessible to retailers and partners via a variety of tools, including his web, SMS, mobile/PC apps,
and his POS machine, exclusive too Oxigen.

12
 One97 Communication Limited.

Establishment: 2000
Headquarter: New Delhi, India
Website: https://www.one97.com/

One 97 Communication Limited runs Paytm, which delivers mobile content and commerce services to millions of
mobile consumers through India’s most widely deployed telecom applications cloud platform. It is more than 4,500
people strong with regional offices in Mumbai, Bengaluru, Pune, Chennai and Kolkata, with a global presence in
Africa, Middle East and Southeast Asia. The company is backed up by marquee investors like Alibaba Group, Ant
Financial (AliPay), SAIF Partners, Mediate, Sapphire Venture and Silicon Valley Bank.

Vijay Shekhar Sharma founded the company in August 2010. Paytm, an acronym for Payment Through Mobile, was
launched as a consumer brand. As of January 2017, the company employed over 13,000 people and operated 3 million
offline retail outlets across India. It also manages the Paytm payment gateway and the Paytm wallet.One97's flagship
brand, Paytm, is India's largest digital goods and mobile commerce platform, inspired and driven by its commitment to
superior customer experience. In 2015, Paytm obtained a license from the Reserve Bank of India and he set up one of
13
the first Indian payments banks called 'Paytm Payments Bank Limited'. At the time, the bank intended to leverage
Paytm's existing user base to offer new services such as debit cards, savings accounts, online banking and money
transfers, enabling a cashless economy. The clearing bank will be a separate entity owned 51% by founder Vijay
Shekhar Sharma, 39% by One97 Communications and 10% by One97 subsidiaries and Sharma.

One97 provides its mobile content and commerce services to millions of mobile consumers through its cloud platform
for India's most widely deployed communications applications. In May 2017, Paytm launched Paytm Payments Bank
for Paytm e-wallet users. Also in May 2017, Paytm was said to be in talks to put his $30 million into Insider.in to
acquire a majority stake. In July 2017, Paytm acquired a majority stake in Insider.in, enabling users to book events
instantly. As of June 2017, the organisation's recently launched online marketplace, Paytm Mall, has digitised its
catalog of over 1,000 car and two-wheeler dealers to increase online usage and offline sales. I'm sure. In June 2017,
The Economic Times reported that Paytm was seeking a license to set up a money market fund to allow users to store
cash and earn interest. They are awaiting approval and have already applied to the Central Bank of India to set up a
fund. Headquartered in New Delhi,

One97 employs over 4,500 people, with offices in Mumbai, Bangalore, Pune, Chennai and Kolkata, and a global
presence in Africa, Europe, the Middle East and Southeast Asia. Backed by renowned investors such as Alibaba
Group, Ant Financial (AliPay), SAIF Partners, Mediated, Sapphire Venture and Silicon Valley Bank.

Bharti Airtel Limited.

Establishment: 1995
Headquarter: New Delhi, India
Website: https://www.airtel.in/

Airtel is an Indian multinational telecommunications services company that generates most of its revenue from its
mobile segment. Bharti Airtel, which operates in South Asia and Africa as well as India, also offers broadband,
telephone, and digital television services. It has 240 million customers in India and 328 million overall. It operates in
18 countries across South Asia and Africa, also in the Channel Islands. Moreover, Airtel payments, a subsidiary of
Bharti Airtel, operates in the payment areas and is differentiated from other banks proving financial services. Bharti
Airtel Limited is a leading global telecommunications company with operations in 18 Asian and African countries.
Bharti Airtel, headquartered in New Delhi, India, is one of the world's top three mobile operators in terms of
subscribers. The company provides an integrated suite of communications solutions to its enterprise customers, as well
as long-distance domestic and international connectivity. In addition, the company provides digital TV and IPTV
services. Under the unified brand "Airtel," all of these services are provided directly or through subsidiaries. The
company operates through four strategic business units: Mobile Telemedia Enterprise, Digital TV, and Internet of
Things. India, Sri Lanka, and Bangladesh are served by the mobile business. Telemedia offers broadband IPTV and
telephony services in 95 cities across India. The Enterprise business provides end-to-end telecommunications
solutions for corporate customers and domestic and international long distance services for telecom operators. The
company also owns and manages passive infrastructure related to the telecommunications business under its
subsidiary Bharti Infrabel Ltd. Bharti Infrabel Ltd owns his 42% off Indus Towers Ltd. Bharti Infrabel Ltd and Indus
14
Towers Ltd are the largest providers of passive infrastructure services for telecommunications services in India. Bharti
Airtel Ltd was incorporated in 1995 under the name Bharti Tele-Ventures Ltd. The company was sponsored by Bharti
Telecom Ltd, a company incorporated under the laws of India. The company's name was changed from Bharti Tele-
Ventures to Bharti Airtel Ltd on 24th April 2006 to reflect its core brand purpose and nature of business, becoming the
first brand in Delhi and Himachal Pradesh to carry an 'Airtel' brand. was attached. In 1997-1998, the company became
the first private operator to be licensed to provide basic telephone services in Madhya Pradesh. They founded Bharti
BT VSAT Ltd and Bharti BT Internet Ltd that year. In 1999-2000, the company acquired his JT Mobiles and provided
cellular services in Punjab, Karnataka and Andhra Pradesh. We also expanded our presence in South India with the
acquisition of Sky-cell Chennai. In 2001/02, IndiaOne launched India's first private domestic and international long
distance service. Across India he has eight new county licenses. In July 2001, the company acquired his 100% stake in
Bharti Mobile Ltd (formerly Spice Cell Ltd), which provided mobile telecommunications services in Kolkata county.

In 2002-2003, the company launched mobile services in Mumbai, Maharashtra, Tamil Nadu, Kerala, Madhya Pradesh,
Uttar Pradesh (West), Haryana and Gujarat, fixed line services in Tamil Nadu and Karnataka, and launched
international long-distance services. We have also started commercial operation of the submarine cable landing
station. From 2003 to 2004, we provided unified access services covering telecommunications lines in West Bengal
(including Andaman & Nicobar and Sikkim), Bihar (including Jharkhand), Orissa, Jammu & Kashmir and UP (East).
obtained a new license to provide He also acquired stakes in telecommunications lines in Rajasthan and the
northeastern states by acquiring his 67.5% stake in Bharti Hexacom Ltd. In 2004-2005 his subsidiaries Bharti Cellular
Ltd and Bharti Infidel Ltd merged with the company on April 1, 2004. Bharti Mobile Ltd merged with Bharti Cellular
Ltd before Bharti Cellular Ltd

merged with Bharti Mobile Ltd operating in Karnataka Andhra Pradesh and Punjab.The company acquired a further
1% stake from Found M T Al Ghanim Trading & Cont Co Kuwait, one of the shareholders of Bharti Hexacom Ltd. In
the same year, the company and his Videsh Sanchar Nigam Ltd signed a deal for 5000 crore for him to share the
company's national long distance telephone network for 15 years. They have signed local mobile phone contracts with
six other major mobile operators (Globe Telecom Philippines). Optus Australia; SingTel Singapore; Taiwan Cellular
Corporations Taiwan and Talkomsel Indonesia formed a regional alliance called the Bridge Alliance. In April 2005,
our holding company, Satcom Broadband Equipment Ltd (previously known as Comsat Max Ltd), through our
formerly wholly-owned subsidiary Bharti Infotel Ltd, which merged with us, was transferred to his CMax Infocom
Ltd) was acquired. Also, on October 1, 2005, Satcom Broadband Equipment Ltd and Bharti Broadband Ltd merged
with us. In 2005-2006, the company signed a managed capacity expansion agreement with Ericsson to provide
managed services and expand the GSM/GPRS network to his 15 county provinces in India. It also signed an
agreement with Nokia to extend its managed GSM/GPRS/EDGE network to eight regions. The company and his IBM
introduced managed services as part of a joint go-to-market program. That year, Vodafone acquired his 10%
beneficial interest in the company by underwriting convertible bonds from Bati Enterprises Limited. The company
also signed strategic partnership outsourcing agreements for call centre customer care with his four international
BPOs: Hinduja TMT (HTMT), IBM Daksh Emphasis, and TeleTech Services. In 2006/07, the company acquired his
seven wholly-owned subsidiaries namely Bharti Airtel (USA) Ltd, Bharti Airtel (UK) Ltd, Bharti Airtel (Hong Kong)
Ltd and Bharti Airtel (Canada) Ltd, Bharti Infrabel Ltd, Founded Bharti Telemedia Ltd and Bharti. Airtel Lanka (Pvt)
Ltd. They have received his letter of offer from the Telecommunications Regulatory Commission of Sri Lanka
regarding the provision of his 2G and 3G mobile services in Sri Lanka. That year, the company signed a deal with
Microsoft to provide software and services to small and medium-sized businesses (SMBs) in India to bring Microsoft's
latest Windows Mobile 5.0 technology to market and deliver it to its customers.

15
 Mobile Payment Forum of India

According to the official, India's Mobile Payments Forum (MPFI), a think tank, plans to deploy a variety of user-
friendly features such as voice-based verification. MPFI is a joint endeavour of the Banking Technology Development
Research Institute in Hyderabad and the Rural Technology Business Incubator He IIT Madras to "enable mobile
payments and financial services through secure, efficient, and low-cost transactions." I'm aiming. It was essential in
the establishment of interoperability and security standards for the Immediate Payment Service (IMPS), the underlying
platform for mobile payments, and, later, the Unified Payments Interface (UPI) built on IMPS. MPFI stakeholders
include policymakers, banks, telecommunications corporations, and others. "MPFI will focus primarily on futuristic
solutions such as voice-based authentication, security, and privacy," stated MPFI Chairman Gaurav Raina.As a
solution-oriented think tank, MPFI looks at short-, medium-, and long-term issues in politics, business, and
technology, he said in an interview with PTI.

Professor Reyna, Indian Institute of Technology, Madras (IIT-M), also worked on other issues such as user awareness,
message format simplification for SMS banking, proximity payments, and near field communication (tap and pay).
said it was being dealt with. the next few months. For example, MPFI is working to standardise message formats for
his SMS banking among banks, he said. “Not everyone has a smartphone. Connectivity continues to improve, but it
can be spotty. We need to promote and standardise SMS as a channel for at least basic financial services,” he said. For
example, a master code can be used between banks for account balance purposes.

The National Payments Corporation of India (NPCI)

16
The National Payments Corporation of India (NPCI) is an initiative taken by the Reserve Bank of India (RBI) and
Indian Bank’s Association (IBA) to operate the retail payments and settlement systems in India. This organisation was
founded in the year 2008 under the Payment and Settlement Systems Act, 2007. NPCI has been incorporated as a ‘not
for profit’ company under section 8 of Companies Act 2013 ,with the help of the Reserve Bank of India (RBI) and the
Indian Banks' Association (IBA), the National Payments Corporation of India (NPCI) unifies disparate systems across
the country into a unified, standardised business procedure. It was meant to be linked into something like a retail
payment system. Another important goal of NPCI was to promote affordable payment technologies that may help the
general people achieve financial inclusion.

According to the PSS Act of 2007, NPCI may operate the following payment systems that have been approved by
RBU.

Immediate Payment System (IMPS) - A co-branded credit card issued by a non-bank financial corporation (NBFC) or
another RBI-approved business.

National Automatic Clearing House (ACH) Aadhaar Enabled Payments System (AEPS) Check cutting system
operation

Some of the current products launched under the National Payments Corporation of India are described below. The
card is now accepted at all ATMs and is issued by India's 300 credit unions and Rural Rural Banks (RRBs). (See
linked article for a list of RRBs in India.)

National Common Mobility Card: Rupay Also known as a contactless card, allows cardholders to It is a contactless
payment technology that allows you to swipe your card. Physically swipe or insert the card.

Bharat Interface for Money (BHIM): Bharat Interface for Money (BHIM) is a mobile payment application based on
NPCI's Unified Payments Interface (UPI). You can easily send or receive money from other customers using UPI. See
the linked article for more information on BHIM.

Unified Payments Interface (UPI): The Unified Payments Interface (UPI) was launched on April 11, 2016 as an instant
interbank payment system. This payment system is designed to provide a mobile platform for instantly transferring
money between two bank accounts. Learn more about the Unified Payments Interface here.

Bharat Bill Payment System: Bharat Bill Payment System is an all bill payment initiative of NPCI and Reserve Bank
of India (RBI) to provide interoperable and accessible bill payment services to customers.

National Payments Corporation of India is an initiative of the Reserve Bank of India and the Indian Bankers
Association. With its Instant Payment Service (IMPS), India has become the world's leading real-time payments
country in the retail sector.

17
 MAJOR PRODUCTS IN MOBILE PAYMENT ‘INDIA’

Even small mobile and digital wallets have evolved in India as shopping patterns have evolved due to Covid 19. As
UPI makes payments seamless, mobile wallets and digital payment apps are surpassing credit card usage and
gradually beginning to replace traditional payment methods.

A mobile wallet or digital wallet is simply a virtual mobile wallet that allows you to store cash for mobile, online or
offline payments. India has different types of mobile wallets such as: B. Open, Semi-Open, Semi-Closed, Closed -
depending on usage and type of possible payments. Wallets are growing rapidly, especially as they help increase
transaction speeds for e-commerce businesses, and all e-commerce marketplaces are also integrating such mobile
wallets. With the introduction of UPI, you can now send money directly from your bank account instead of your
wallet, making it even easier.

India has the second largest internet population with over 749 million users (as of 2020), of which 744 million access
the internet via mobile phones. By 2040, there could be around 1.5 billion users. The number of smartphone users in
India has now reached 54% of his population and by 2040 he is estimated to reach 96%.

The payments industry has undergone major changes in recent years. Implementation of Unified Payment Interface
(UPI) by National Payments Corporation of India, allowing several Indian banks and other third-party companies to
allow users to send and receive money between bank accounts linked to his UPI Now launching UPI-enabled mobile
payment apps. .

Indians had already migrated to digital payment systems before the coronavirus pandemic hit, thanks to the Indian
government's Digital India initiative. The pandemic has undoubtedly pushed more and more Indians to adopt cashless
transactions.

PhonePe

18
Bangalore-based online payment app is India's first UPI-enabled payment app powered by Walmartowned Flipkart,
which has over 300 million registered users across India. PhonePe leads his UPI payments market in India with his
46.04% market share.

PhonePe allows you to transfer money, charge money, pay bills, shop online, book flights, invest, and more. It works
with the UPI system so you can link your bank account to his PhonePe account to make transactions. You can also
make payments using your PhonePe wallet, debit card, and credit card. You can link your other existing e-wallets such
as Jio Money, Airtel Money to the PhonePe app and easily transfer funds between these wallets.

Mobile apps are the preferred method of paying for groceries, utilities, phone top-ups, and more. Even large
transactions are now processed digitally instead of cash, streamlining as well as eliminating the risk factor of the
physical world. Forever the entire banking and financial sector.

PhonePe is he one of the payment apps that have made life easier for millions of Indians. His UPIbased app PhonePe
in India, founded in December 2015, was acquired by his Flipkart and its parent company, Walmart, a year later.
Flipkart now owns his 87% of PhonePe, the parent company owns a further 10%, and the remaining shares are held by
his Flipkart minority shareholders.

PhonePe is currently hailed as the leader in the digital payments market in India. The app allows users to manage their
bank accounts digitally, access them conveniently, and spend their money for whatever they want. You can easily link
your credit and debit cards to your mobile wallet to make digital payments. In addition, you can also do instant
transfer via PhonePe. These are just a few examples where PhonePe is considered essential. Trust me. We have others,
too.

His PhonePe, currently headquartered in Singapore, will move its headquarters to India, according to reports on 20
July 2022. Stay tuned if you want to learn more about PhonePe's success story, founder and team, competitors,
business model, revenue model, funding and investors, and more.

Google Pay

Google Pay, formerly launched as Tez in India is a digital payment app from Google which utilizes the UPI to enable
in-app, online, in-store, and in-person cashless transactions on mobile devices, tablets, smartwatches. Users can send
and request money from other Google Pay users within India.

Google Pay India also has similar product offerings in other markets such as various cash-back and other rewards
including scratch cards, discounts, etc.

As per the latest data from the NPCI, Google Pay shares 34.36% of the total UPI payment market in India, second to
PhonePe. There are over 70 million active users in the country. Google Pay is a digital wallet and payment platform
from Google. It enables users to pay for transactions with Android devices in-store and on supported websites, mobile
apps and Google services, like the Google Play Store.

19
Users link credit or debit cards to their Google Pay account, which is used for making the transactions for in-store or
online purchases. On Android devices, Google Pay uses near field communication (NFC) to interact with payment
terminals. When signed in to one’s Google account in the Chrome browser, users can conduct transitions with Google
Pay on sites that support the service.

Google Wallet is the company's first mobile payment system, developed for Android devices in 2011. Rebranded to
Android Pay in 2015, Google Wallet once again focused exclusively on peer-topeer (P2P) payments. In 2018, Google
announced that Google Wallet will join other payment services under the Google Pay brand. Google Wallet has since
been renamed to Google Pay Send. Google Pay is available for contactless payments on Android devices. Peer-to-peer
functionality and account access are available on iOS. However, when using an iPhone or Apple Watch for NFC
payments, only Apple Pay is suitable for this use case.

Google Pay is compatible with hundreds of banks and payment systems. In particular, support for Visa, MasterCard,
Discovery and American Express cards is expected. If you have any questions about Google Pay compatibility, please
contact your bank. The Google Pay user website also has a list of supported banks by country. The Google Support
site also lists stores and transit agencies that support Google Pay. Users must look for the Google Pay icon or
contactless payment icon on their device. To pay, you must have the Google Pay app installed on your device and
have a card linked to your account. After using Google Pay, a list of previous transactions is saved to your Google
Account so you can retrieve and save them later.

Paytm

Paytm (or pay through mobile) is a Noida-based fintech firm that is owned by One97 Communications.
Paytm is one of India's largest mobile payments and e-commerce player. It allows cashless transactions
through the Paytm app or Paytm website.

Paytm wallet lets you store and send money from one wallet to another wallet or pay directly from your
bank account using the UPI. You can recharge your mobile phones, metro cards, data cards, DTH cable and
make utility bills payments, postpaid payments. Or book movies and travel tickets, do online shopping or
use at various locations such as taxis, grocery shops, restaurants, malls, etc.

With over 150 million active users, Paytm continues to be at the top with the largest volume of transactions
by any payment firm in India. Paytm is valued at $16 billion as of 2020.

Paytm Wallet is an RBI approved secure digital/mobile wallet that can be used to meet almost any financial
need. You can add funds to your Paytm wallet via UPI, internet banking or credit/debit card. Additionally,
you can transfer money from your Paytm wallet to another person's bank account or Paytm wallet at no extra
charge.
20
You can use your Paytm wallet to make the following transactions:

Utility bill payments such as electricity, broadband/landline, city tax, water or gas (cylinder or prepaid),
Challan. You can also pay for your education, such as school fees and apartment rent.

Paytm can be used to top up mobile phones, broadband connections, subway cards, DTH, FASTag, Google
Play services and more. You can also use your Paytm account

to pay your mobile postpaid bills and credit card bills. Use your Paytm wallet to book plane tickets, IRCTC
train tickets, bus tickets, movies and more. You can book directly with the Paytm application or use the
Paytm payment mode with applications such as BookMyShow, IRCTC, etc. Through the

Paytm wallet you can pay to use the service through other partner applications such as Uber, Zomato and
Flipkart. You can pay directly to these third-party apps using your Paytm account or deposit funds directly
into your wallet.

You can shop online through Paytm Mall and/or other e-commerce platforms such as Myntra, Ajio, etc.
increase. Use your Paytm wallet to make payments on these 3P apps as well as check out Paytm offers and
coupons to get extra discounts and get cashback Buy

Gift Coupons , can also be shared with friends and subscriptions to purchase multiple apps Paytm Wallet

can be used to make both Paytm FASTag payments and bank-issued FASTags payments. In addition to the
above services and facilities, Paytm Mini Store also allows access to medicine ordering, doctor visits, and
various lifestyle and other service applications.

21
 Amazon Pay

Amazon Pay, owned by e-commerce giant Amazon is an online payment service that allows customers to use payment
methods stored in their Amazon account for the purchase of goods and services on Amazon and other third-party e-
commerce websites. Users can also pay utility bills, phone bills, send money to contacts, and more.

You can also set up Amazon Pay UPI for UPI transactions by registering through the Amazon app. Amazon UPI
services are provided by Axis Bank. There are now 50 million customers using Amazon Pay UPI services.

Amazon Pay is a service offered to Amazon customers and can be used anywhere, from clicking the Amazon Pay
button while checking out your favorite online store or managing payment methods in your Amazon.co account.
Using Amazon Pay in .uk or Alexa*. There are no additional registrations or entries. Transactions are safe and secure,
and everything can be tracked in your Amazon account.

FreeCharge

22
Trusted by over 27 million users, FreeCharge is a popular e-commerce website and a digital wallet owned by Axis
bank. Customers use FreeCharge to recharge their prepaid, postpaid, metro card, DTH, utility bill payments, and do
online shopping and in-store purchases.

Marketed as the one-stop solution for online recharge, it covers major network providers in India including Airtel,
Aircel, Vodafone, BSNL, etc. It offers generous cash-back, multiple discounts for various transactions.

FreeCharge wallet is UPI-enabled which allows customers to send and receive money through the UPI system.

The federal government's long-term goal is to transform India into a vibrant digital economy. This vision has led to
significant growth in the number of locally developed electronic wallets and payment gateways. In 2016, the
government's rapid fiat currency gave new power to online payment gateways and apps. With the advent of e-wallets
and payment gateways, reliance on cash transactions has significantly decreased. India's free e-wallet is one of the
most popular e-wallets in India. Free-charge, a Haryana-based startup founded by Kunal Shah and Sandeep Tandon,
was founded in 2015. Customers can use Free-charge to pay for a variety of financial services including insurance,
investments, bill payments, savings, loans and online shopping. Free-charge is a subsidiary of Axis Bank, one of the
largest banks in the United States. In addition to these payment methods, the company accepts payments via UPI and
BHIM. Customers can use the mobile app to connect their bank account to UPI or BHIM payment modes to make
cashless purchases. You can do it. Free-charge has a large base of individuals and professional users who rely on the
company's services for their day-to-day operations. Read on to find out everything you need to know about the Free-
charge app.

JioMoney

JioMoney is a digital payment app by Reliance Industries that can be used for bill payments, recharge mobile/DTH,
and making payments at thousands of online and physical stores. JioMoney is available as a payment option at several
e-commerce sites.

JioMoney also offers discounts, cash back, coupons, and deals.

JioMoney Wallet is available for download on Apple App Store or Google Play Store. The money can be added to the
wallet using Net banking, debit card, or credit card or link the bank account.

23
The partnership between SBI and Reliance Industries should outperform other payment companies. RIL planned to
leverage Jio's pan-India communications network and Reliance Retail's online and offline payment bank reach. SBI,
on the other hand, was expected to provide its expertise in building products and its mass distribution network to help
settlement banks win more business.

“However, Jio Payments Bank has no merchant or customer acquisition efforts. The bank played a subsidiary role in
their larger plans. SBI was just an investment partner," said the former SBI official, who requested anonymity.

SBI said in an account memo accompanying earnings for the March quarter that he paid £9.48 million to paying
banks. The country's largest lender owns 30% of Jio Payments Bank, with the rest held by his Reliance.

As mobile payments services continue to gain popularity in India, concerns regarding the security of these services
have also increased. The following section discusses the common security concerns of mobile payments users in India,
as well as the types of fraud and scams that users may encounter. Additionally, data breaches and privacy concerns
associated with mobile payments services will be explored. Finally, the section concludes by discussing the risks and
challenges of mobile payments security in India.

Common security concerns of mobile payments users

Mobile payments users in India have a range of concerns regarding the security of these services. One of the most
common concerns is the risk of losing money due to fraud or theft. Users are also concerned about the possibility of
unauthorised access to their personal and financial information. Additionally, users worry about the security of the
mobile payments app or platform itself, such as vulnerabilities in the app or hacking attacks on the platform.

Other security concerns include the potential for technical glitches, which could result in transactions being processed
incorrectly or not at all. Some users are also worried about the privacy of their financial information, as mobile
payments apps may collect data on their spending habits and other financial information.

24
 3.SECURITY ISSUES IN MOBILE PAYMENT

Types of fraud and scams

Mobile payments users in India are vulnerable to various types of fraud and scams. One common type of fraud is
phishing scams, where users receive fraudulent emails or text messages asking them to disclose personal and financial
information. Another type of fraud is identity theft, where a fraudster may use a user's personal information to open
accounts or make transactions without their knowledge or consent.

Other common types of fraud include SIM swapping, where a fraudster takes control of a user's phone number to gain
access to their mobile payments account, and malware attacks, where a user's device is infected with malicious
software that can steal their personal and financial information.

Data breaches and privacy concerns

Mobile payments services in India also face the risk of data breaches, where sensitive information such as user names,
passwords, and financial information can be accessed by unauthorised parties. This can result in financial losses for
users as well as damage to the reputation of the mobile payments service provider.

Privacy concerns are also an issue for mobile payments users in India. Some users may be uncomfortable with the
amount of personal and financial information that is collected by mobile payments apps and platforms. They may also
worry about the security of this information and the potential for it to be used for malicious purposes.

Risks and challenges of mobile payments security

The security of mobile payments services in India faces several risks and challenges. One challenge is the complexity
of the mobile payments ecosystem, which involves multiple parties such as banks, payment processors, and mobile
payments service providers. This complexity can make it difficult to implement effective security measures and to
identify and address security vulnerabilities.

Another challenge is the lack of user education and awareness about mobile payments security. Many users may not
be aware of the risks associated with mobile payments or the best practices for using these services securely.

Finally, the rapid pace of technological change in the mobile payments industry presents ongoing risks and challenges.
As new technologies emerge, such as mobile wallets and biometric authentication, new security vulnerabilities may
also arise that must be addressed by mobile payments service providers and regulators.

Overall, the security of mobile payments services in India is a complex and multifaceted issue that requires ongoing
attention and investment from all stakeholders in the ecosystem.

25
Security Risks Associated with Mobile Payment Services:

Mobile payment services are convenient, but they also come with security risks. Some of the common security risks
associated with mobile payment services in India are:-

Data theft:

Hackers can intercept and steal the data transmitted between the mobile device and the payment gateway. Data theft is
the unauthorised or illegal act of taking, copying, or transferring data from a computer, device, or network without the
owner's permission or knowledge. This can be accomplished through various methods, such as hacking, malware or
phishing attacks, physical theft of devices or storage media, or even through the actions of malicious insiders. Data
theft can result in the compromise of sensitive and confidential information, such as personal identifying information,
financial data, intellectual property, or trade secrets, which can have serious consequences for individuals, businesses,
and organisations. Data theft is a serious and growing problem that occurs when an unauthorised party gains access to
or steals sensitive and confidential data from an individual or organisation. In today's digital age, data theft has
become a major concern for individuals, businesses, and governments alike, as it can result in financial loss,
repetitional damage, and even identity theft.

Data theft can occur in a number of ways, including through hacking, phishing, social engineering, or physical theft of
devices or storage media. Hackers use various techniques to gain access to sensitive data, such as exploiting software
vulnerabilities or using malware to infiltrate networks and systems. Phishing scams are another common method used
by cybercriminals to trick users into giving away their personal information, such as login credentials or financial
details.

In addition to these external threats, data theft can also be caused by malicious insiders, such as employees or
contractors who have access to sensitive data. Insiders can steal data for a variety of reasons, such as financial gain,
revenge, or to sell to competitors.

The consequences of data theft can be severe. For individuals, data theft can result in identity theft, financial loss, or
damage to their credit score. For businesses and organisations, data theft can lead to lost revenue, legal liabilities, and
damage to their reputation. Governments are also at risk, as data theft can result in the loss of sensitive and classified
information.

To protect against data theft, individuals and organisations must take steps to secure their data. This includes
implementing strong passwords, regularly updating software, and using encryption and other security measures to
protect sensitive data. It is also important to be vigilant against phishing and other social engineering attacks, and to
educate users about how to identify and avoid these types of scams.

In conclusion, data theft is a serious and growing problem that requires the attention and effort of individuals,
businesses, and governments to protect against. By implementing strong security measures, being vigilant against
threats, and educating users about how to protect their data, we can help reduce the risk of data theft and protect
against the potential consequences of this type of crime.

Example of Data theft :- One example of data theft is the theft of personal information, such as names, addresses, dates
of birth, and social security numbers, from a company's database. This can be accomplished through a variety of
means, such as hacking into the company's network, installing malware on their systems, or through social
engineering techniques, like phishing scams. The stolen data can then be sold on the dark web or used for identity
theft and fraud, causing harm to the individuals whose data was stolen. This type of data theft has occurred in several
high-profile data breaches, including the Equifax data breach in 2017 and the Target data breach in 2013

26
Phishing:

Users can be tricked into revealing their login credentials, PIN, or other sensitive information through phishing
attacks. Phishing is a type of cyber attack where a malicious actor, often posing as a trustworthy entity, such as a bank
or a legitimate company, attempts to trick individuals into providing their personal or sensitive information, such as
login credentials, credit card numbers, or other confidential data. The attacker may use various means to accomplish
this, such as email, instant messaging, or social media messages, and will often use social engineering tactics to make
the message appear legitimate and urgent.

The goal of phishing is to obtain sensitive information from the target, which can then be used for various malicious
purposes, such as identity theft, fraud, or extortion. Phishing attacks are becoming increasingly sophisticated and
difficult to detect, as attackers use various techniques, such as spoofed email addresses, cloned websites, and well-
crafted messages, to deceive their victims.

To protect against phishing attacks, it is important to be vigilant and to practice good security habits, such as carefully
examining messages and URLs, avoiding clicking on suspicious links, and never providing personal or sensitive
information in response to unsolicited messages. Organisations can also implement security measures, such as anti-
phishing software, to detect and block phishing attempts before they can do harm. Phishing is a type of social
engineering attack that aims to deceive and manipulate individuals into revealing sensitive information, such as
passwords, usernames, bank account details, or other personal or financial data. This technique is often used by
cybercriminals to gain unauthorised access to sensitive data and systems, and it is a common tactic used in many types
of cyberattacks, including identity theft, fraud, and ransomware attacks.

Phishing attacks typically involve the creation of a fake website, email, or text message that looks like it is from a
legitimate source, such as a bank, an online retailer, or a government agency. The message will often contain a sense
of urgency or some other form of emotional manipulation to get the target to click on a link or to provide their
personal information. The link will then take the target to a fake website that looks like the real one, but is designed to
steal the target's credentials or other sensitive information.

Phishing attacks can be delivered through various channels, including email, instant messaging, social media, or even
phone calls. Attackers can use various techniques to make the messages appear legitimate, such as using a sender
email address that looks like the real one, or by copying the design of the legitimate website to create a convincing
fake one.

The consequences of phishing attacks can be severe, as the attacker can gain access to sensitive information that can
be used for various malicious purposes, such as identity theft or financial fraud. In addition, the attacker may use the
stolen data to launch further attacks, such as infecting the victim's computer with malware, or to sell the data on the
dark web.

To protect against phishing attacks, individuals and organisations should implement security measures such as two-
factor authentication, anti-phishing software, and employee training programs that teach users how to recognise and
avoid phishing attacks. Additionally, it is important to regularly update software and to be cautious when clicking on
links or downloading attachments, as attackers can use these to deliver malware or to infect the target's device with a
virus. By being vigilant and proactive, individuals and organisations can significantly reduce their risk of falling
victim to phishing attacks.

Example of Phishing :- One example of a phishing attack could be an email that appears to be from a well-known
bank, such as Bank of America, that informs the recipient that their account has been compromised and they need to
log in to verify their information. The email may include a link to a fake website that looks like the bank's legitimate
website and asks the user to enter their login credentials, such as their username and password, to verify their account.

The fake website may look very similar to the real Bank of America website, including the logo and colour scheme,
which can make it difficult for the user to detect that it is a fake site. Once the user enters their login credentials, the
attacker can then steal the user's sensitive information and use it for malicious purposes, such as making unauthorised
transactions or accessing other accounts that the user may have linked to their Bank of America account.

27
Another example of a phishing attack is a text message that appears to be from a well-known retailer, such as Amazon,
that informs the recipient that they have won a prize or need to claim a refund. The text message may include a link to
a fake website that looks like the Amazon website, where the user is prompted to enter their personal information,
such as their credit card details, to claim the prize or refund.

In both of these examples, the attacker is using social engineering tactics to trick the user into providing their sensitive
information, which can then be used for malicious purposes. It is important for individuals to be cautious when
receiving unsolicited emails or text messages and to never provide their personal or sensitive information without first
verifying the legitimacy of the request.

Malware attacks: Malware can be installed on a user's device, which can steal sensitive information.

Identity theft: Hackers can steal a user's identity and use it to make unauthorised transactions.

Social engineering: Fraudsters can manipulate users into providing sensitive information by posing as legitimate
entities.

Evolution of Mobile payments

The evolution of mobile payments in India has been a fascinating and transformative journey over the last few
decades. The first electronic payment systems emerged in the late 1990s, but the real shift towards mobile payments
began in the mid-2000s. The increasing proliferation of mobile devices and the widespread adoption of the internet
provided the necessary foundation for the development of mobile payments. The first mobile payment services were
initially launched in India by mobile operators and banks to provide a secure, convenient and easy-to-use mode of
payment to their customers.

Over time, mobile payments have evolved to become a ubiquitous part of everyday life in India, with a wide range of
payment methods and providers now available to consumers. These include mobile wallets, payment banks, mobile
point-of-sale systems, and unified payment interfaces. Each of these payment methods offers its own unique set of
features, benefits and security measures.

Mobile wallets, which are essentially digital wallets that allow users to store money and make payments, have become
particularly popular in India. These wallets can be linked to a user's bank account, debit card or credit card, allowing
them to make payments from their mobile device without the need for cash or a physical payment card. Some of the
popular mobile wallet providers in India include Paytm, PhonePe, Google Pay, and Amazon Pay.

The introduction of payment banks has also been a significant development in the mobile payments landscape in India.
Payment banks are specialised banks that focus on providing financial services to underserved and unbanked segments
of the population. They offer basic banking services, such as savings accounts, money transfers, and bill payments,
through mobile and internet-based channels. Some of the popular payment banks in India include Paytm Payments
Bank, Airtel Payments Bank, and Jio Payments Bank.

Mobile point-of-sale systems (mPOS) are another key feature of the mobile payments ecosystem in India. These are
portable devices that allow merchants to accept card payments from customers using their mobile devices. mPOS
systems have become particularly popular with small and medium-sized businesses, as they offer a more affordable
and convenient way of accepting payments than traditional point-of-sale systems.

Unified Payment Interface (UPI) is a system launched by the National Payments Corporation of India (NPCI) in 2016
that has revolutionised the mobile payments landscape in India. UPI enables users to transfer money between bank
accounts instantly using their mobile device, without the need for an intermediary payment gateway. UPI has become
a popular payment method for a wide range of transactions, from person-to-person transfers to bill payments and
online shopping.

Overall, the evolution of mobile payments in India has been driven by a range of factors, including the proliferation of
mobile devices, the growth of internet connectivity, and the increasing demand for more convenient and secure
payment options. Mobile payments have transformed the way people in India make payments, with digital payments
28
becoming a preferred mode of payment for many consumers. The future of mobile payments in India looks promising,
with the continued innovation and development of new payment methods and technologies, and the ongoing efforts to
improve security and enhance the user experience.

Security measures implemented by mobile payments service providers:-

Authentication methods:-

Mobile payments service providers have implemented a range of security measures to protect their customers' data and
transactions. These measures include:

Authentication methods: Mobile payments service providers use various authentication methods, such as passwords,
biometrics, and two-factor authentication, to ensure that only authorized users can access their services.

Encryption technologies: Mobile payments service providers use encryption technologies to protect their customers'
data during transmission and storage. This ensures that sensitive information, such as payment card details, is not
intercepted or stolen by hackers.

Monitoring and detection of fraudulent activities: Mobile payments service providers employ advanced fraud detection
systems to monitor transactions and detect any suspicious activities, such as unusual spending patterns or transactions
from unusual locations. This helps to prevent fraudulent transactions and protect customers from financial losses.

Industry standards and regulations: Mobile payments service providers follow industry standards and regulatory
guidelines, such as the Payment Card Industry Data Security Standard (PCI DSS), to ensure that their systems and
processes are secure and comply with the relevant regulations.

Customer support: Mobile payments service providers offer customer support to help users with any issues or
concerns they may have. This includes providing guidance on how to use their services safely and securely, and
offering assistance in the event of suspected fraudulent activities.

Continuous security improvements: Mobile payments service providers are continuously improving their security
measures to keep up with the evolving threat landscape. This includes implementing new technologies, such as
artificial intelligence and machine learning, to better detect and prevent fraud.

Overall, mobile payments service providers take security very seriously and invest heavily in ensuring that their
services are secure and trustworthy. While there is always a risk of fraud and other security issues, users can take
comfort in knowing that their data and transactions are being protected by these measures.

Authentication methods are used by mobile payment service providers to ensure that only authorised users can access
their services. These methods typically involve the use of a unique identifier, such as a password, PIN, or biometric
data, to verify the user's identity.

Some common authentication methods used by mobile payment service providers include:

1) Passwords: Users are required to enter a unique password that only they know to access their mobile payment
accounts. This password is typically required every time the user wants to make a payment.

2) PINs: Similar to passwords, PINs are short numeric codes that users enter to access their accounts. They are
often used in conjunction with other authentication methods, such as biometrics.

29
 3) Biometrics: Biometric authentication methods use unique physical characteristics, such as fingerprints or
facial recognition, to verify the user's identity. This method is becoming more popular in mobile payment
services because it is more convenient and secure than traditional password-based methods.

4) Two-factor authentication: Two-factor authentication (2FA) requires the user to provide two different types of
authentication to access their account, such as a password and a fingerprint scan. This provides an additional
layer of security and makes it harder for hackers to gain access to the user's account.

5) Multi-factor authentication: Multi-factor authentication (MFA) requires the user to provide multiple types of
authentication to access their account, such as a password, fingerprint scan, and one-time passcode. This is the
most secure authentication method but can be more complex and time-consuming for users.

Overall, authentication methods are essential for ensuring the security of mobile payment services. Service providers
must carefully balance the need for strong security with the need for convenience and ease of use for their users.

Encryption technologies :-

Encryption technologies are used to protect user data and prevent unauthorised access. Mobile payments service
providers in India use encryption technologies such as SSL (Secure Socket Layer) and TLS (Transport Layer Security)
to secure the data transmission between the user's device and the service provider's servers.For example, UPI uses
end-to-end encryption to secure transactions, and e-wallets like Paytm use 128-bit SSL encryption to protect user
data.Encryption technologies are used by mobile payment service providers to protect sensitive information
transmitted over their networks. These technologies work by converting data into an unreadable format that can only
be deciphered with the correct decryption key. This ensures that even if an attacker intercepts the data, they will not be
able to read it without the key.

Some common encryption technologies used by mobile payment service providers include:

1. SSL/ TLS: Secure Sockets Layer (SSL) and its successor, Transport Layer Security (TLS), are encryption
protocols used to secure data transmitted over the internet. These protocols use a combination of symmetric and
asymmetric encryption to encrypt data in transit

2. AES: Advanced Encryption Standard (AES) is a widely used symmetric encryption algorithm that is used to
encrypt sensitive data at rest. AES is highly secure and is currently used by many governments and organisations
worldwide.

3. RSA: RSA is an asymmetric encryption algorithm that is used to encrypt data in transit. It works by using a pair
of keys - a public key for encryption and a private key for decryption. This method is widely used in digital
signatures and is often used in conjunction with SSL/TLS.

30
4. PGP: Pretty Good Privacy (PGP) is a software program that uses both symmetric and asymmetric encryption to
protect data. It is widely used for secure email communication and is also used by some mobile payment service
providers to protect user data.

Overall, encryption technologies play a critical role in the security of mobile payment services. Mobile payment
service providers must ensure that they are using the most up-to-date encryption technologies to protect user data and
prevent unauthorised access. Additionally, they must also ensure that their encryption methods are properly
implemented and configured to prevent vulnerabilities that could be exploited by attackers.

Monitoring and detection of fraudulent activities:-

Mobile payments service providers use advanced monitoring and detection systems to identify and prevent fraudulent
activities. These systems use machine learning algorithms to detect unusual patterns or transactions that may indicate
fraudulent activity.

For example, UPI uses a risk scoring system to detect suspicious transactions and block them if necessary. E-wallets
like Paytm and PhonePe also use fraud detection systems to monitor transactions and detect any suspicious activity.

Monitoring and detection of fraudulent activities is a critical aspect of mobile payment security. Mobile payment
service providers need to have robust fraud detection systems in place to prevent fraudulent activities and protect users
from financial losses.

Some common methods used for monitoring and detecting fraudulent activities in mobile payments include:

Machine Learning: Machine learning algorithms can be used to analyse large volumes of data and identify patterns
and anomalies that may indicate fraudulent activities. By using machine learning algorithms, mobile payment service
providers can quickly and accurately detect fraudulent activities and take appropriate actions.

Behavioural Analytics: Behavioural analytics tools can be used to monitor user behaviour and identify any suspicious
activity that may indicate fraudulent activities. These tools can analyze user behavior in real-time and raise alerts if
any unusual activity is detected.

Multi-Factor Authentication: Multi-factor authentication is a security mechanism that requires users to provide more
than one form of authentication to access their accounts. By using multiple forms of authentication, such as
passwords, biometrics, and one-time passcodes, mobile payment service providers can ensure that only authorized
users can access their accounts.

Geolocation: Geolocation is used by mobile payment service providers to detect fraudulent activities by identifying
the location of the user. If a user tries to make a payment from a location that is different from their usual location, it
could indicate fraudulent activities.

Risk-Based Approaches: Risk-based approaches are used to assess the risk of each transaction and take appropriate
actions based on the level of risk. By using risk-based approaches, mobile payment service providers can quickly
detect and prevent fraudulent activities.

Overall, monitoring and detecting fraudulent activities is a critical aspect of mobile payment security. Mobile payment
service providers must ensure that they have robust fraud detection systems in place to prevent fraudulent activities
and protect users from financial losses. By using the right tools and technologies, mobile payment service providers
can quickly detect and prevent fraudulent activities and ensure the security of their users' transactions.

31
Industry standards and regulations:-

Mobile payments service providers in India are required to comply with industry standards and regulations to ensure
the security of transactions. The Reserve Bank of India (RBI) has issued guidelines for mobile payments service
providers that outline the security measures that must be implemented to protect users' data and transactions.

For example, the RBI guidelines require mobile payments service providers to implement twofactor authentication,
encryption, and fraud detection systems, among other security measures.

In addition to these measures, mobile payments service providers also educate users about the importance of keeping
their devices and passwords secure, and advise them to report any suspicious activity immediately.

Industry standards and regulations are critical for ensuring the security of mobile payments services. There are several
industry standards and regulations that mobile payment service providers need to comply with to ensure the security of
their services.

Some of the key industry standards and regulations that mobile payment service providers need to comply with
include:

1) PCI DSS: The Payment Card Industry Data Security Standard (PCI DSS) is a set of security standards that are
designed to ensure the security of credit and debit card transactions. Mobile payment service providers need to
comply with the PCI DSS standards to ensure that their services are secure.

2) EMV: EMV is a global standard for chip-based debit and credit card transactions. Mobile payment service
providers need to ensure that their services are EMV-compliant to ensure that they are secure.

3) AML/KYC: Anti-Money Laundering (AML) and Know Your Customer (KYC) regulations are designed to
prevent financial crimes such as money laundering and terrorist financing. Mobile payment service providers
need to comply with these regulations to prevent fraudulent activities and ensure the security of their services.

4) GDPR: The General Data Protection Regulation (GDPR) is a regulation that is designed to protect the personal
data of European Union citizens. Mobile payment service providers that process personal data of EU citizens
need to comply with the GDPR to ensure the security of their services.

5) ISO/IEC 27001: ISO/IEC 27001 is a global standard for information security management. Mobile payment
service providers can adopt this standard to ensure that their information security management system is robust
and effective.

Overall, industry standards and regulations play a critical role in ensuring the security of mobile payments services.
Mobile payment service providers need to comply with these standards and regulations to ensure that their services are
secure and to protect their users from financial losses and other security risk.

Trends and challenges:-

The mobile payments industry is rapidly evolving, with new technologies and innovations emerging all the time. In
this section, we will discuss some of the future trends and challenges that the industry is likely to face in the coming
years. Emerging technologies in mobile payments

Emerging technologies in mobile payments

Mobile payments are set to be transformed by a range of emerging technologies, including:

32
• Blockchain: The use of blockchain technology is likely to become increasingly common in the mobile payments
industry, as it provides enhanced security and transparency.

• Biometric authentication: Biometric authentication, such as fingerprint and facial recognition, is becoming more
common in mobile payments, offering a faster and more secure method of authentication.

• Internet of Things (IoT): The growth of the IoT is expected to drive the adoption of mobile payments, as more
devices become connected and enable payments.

• Artificial Intelligence (AI): AI can be used to improve fraud detection and prevention in mobile payments, as well
as to personalise the user experience.

There are several emerging technologies that are transforming the mobile payments landscape, enhancing the security
of mobile payments, and improving the user experience. Some of these emerging technologies include:

1) Biometric authentication: Biometric authentication is an emerging technology that uses unique biological traits
such as fingerprints, facial recognition, and iris scans to authenticate users. Biometric authentication is more
secure and user-friendly than traditional authentication methods such as passwords and PINs, and it is being
widely adopted by mobile payment service providers to enhance the security of their services.

2) Blockchain: Blockchain technology is a distributed ledger that enables secure, transparent, and tamper-proof
transactions. Mobile payment service providers can use blockchain technology to enhance the security and
transparency of their services, reducing the risk of fraud and improving the user experience.

3) Tokenisation: Tokenisation is an emerging technology that replaces sensitive data such as credit card numbers
with unique tokens. Tokenisation is more secure than traditional data storage methods and helps to protect user
data from theft and fraud.

4) NFC technology: Near Field Communication (NFC) technology is a wireless communication technology that
enables devices to communicate with each other at short distances. NFC technology is being widely adopted by
mobile payment service providers to enable fast and secure contactless payments.

5) Artificial intelligence and machine learning: Artificial intelligence (AI) and machine learning (ML) are emerging
technologies that can be used to enhance the security of mobile payments services. AI and ML can help to detect
and prevent fraudulent activities, improving the security and trustworthiness of mobile payments services.

Overall, emerging technologies are transforming the mobile payments landscape, enhancing the security of mobile
payments, and improving the user experience. Mobile payment service providers need to embrace these emerging
technologies to stay competitive, enhance the security of their services, and provide a better user experience to their
customers.

Future challenges in mobile payments security:-

As the mobile payments industry continues to evolve, it is likely to face a range of new security challenges, including:
33
• Cybercrime: Cybercriminals are constantly developing new methods to exploit vulnerabilities in mobile payments
systems, such as phishing attacks, malware, and social engineering.

• Data breaches: The risk of data breaches and theft of personal information remains a significant challenge for the
mobile payments industry.

• Fraudulent activities: Fraudulent activities, such as chargebacks and identity theft, are likely to remain a key
challenge for mobile payments service providers.

As mobile payments continue to grow in popularity and become more widespread, there are several challenges that the
industry will need to address to ensure the security and trustworthiness of these services. Some of the future
challenges in mobile payments security include:

1) Increased sophistication of cyber attacks: As mobile payments become more popular, cyber criminals are
likely to become more sophisticated in their attacks. Mobile payment service providers will need to stay ahead of
the curve by continuously enhancing their security measures and adopting emerging technologies to protect
against cyber threats.

2) Compliance with evolving regulations: As mobile payments become more popular, governments and
regulatory bodies are likely to impose more stringent regulations on the industry. Mobile payment service
providers will need to ensure that they are compliant with these regulations to avoid penalties and repetitional
damage.

3) Ensuring data privacy: Mobile payment service providers will need to ensure that they are collecting and
storing user data in a secure and ethical manner, to avoid data breaches and to protect the privacy of their users.

4) Maintaining customer trust: As mobile payments become more popular, it will be important for service
providers to maintain the trust of their customers. This will require transparent communication, effective user
education and awareness, and a commitment to security and privacy.

5) Integration with emerging technologies: Mobile payment service providers will need to integrate with
emerging technologies such as blockchain, AI, and machine learning to enhance the security and user experience
of their services. This will require investment in new technologies and the development of new skills and
expertise.

Overall, the future of mobile payments security will be shaped by the ability of service providers to adapt to emerging
technologies, comply with evolving regulations, and maintain the trust of their customers. Mobile payment service
providers that are able to address these challenges effectively will be well positioned to capitalise on the growth of
mobile payments and provide secure and trustworthy services to their users.

Opportunities for innovation and growth:-

Despite these challenges, there are also many opportunities for innovation and growth in the mobile payments
industry. Some potential areas for growth include:

• Financial inclusion: Mobile payments can play a key role in promoting financial inclusion, by enabling users to
access financial services and make payments in areas where traditional banking is not available.

• Cross-border payments: Mobile payments have the potential to revolutionise cross-border payments, offering a
faster, cheaper, and more secure method of transferring money between countries.

• Contactless payments: The growth of contactless payments is likely to continue, as more users adopt mobile
payments and demand faster, more convenient payment methods.
34
• Personalisation: The use of AI and other technologies can enable mobile payments service providers to personalise
the user experience, offering customised offers and services to individual users.

In conclusion, the mobile payments industry is set to face many challenges in the coming years, but also many
opportunities for growth and innovation. By staying up-to-date with emerging technologies and collaborating with
regulators and other stakeholders, mobile payments service providers can build a more secure, stable, and inclusive
ecosystem for users.

The growth of mobile payments has opened up several opportunities for innovation and growth, both for existing
service providers and for new players entering the market. Some of the key opportunities for innovation and growth in
mobile payments include:

1. Contactless payments: With the ongoing COVID-19 pandemic, there has been an increased demand for
contactless payments, which can help to reduce the risk of spreading the virus. Mobile payment service providers
can capitalise on this trend by developing and promoting contactless payment solutions that are convenient,
secure, and easy to use.

2. Peer-to-peer payments: Peer-to-peer payments, which allow users to send money to one another directly, have
become increasingly popular in recent years. Mobile payment service providers can enhance their peer-to-peer
payment solutions by integrating with social media platforms and other popular messaging apps, making it easier
for users to send and receive money from their friends and family.

3. Mobile wallets: Mobile wallets, which allow users to store and manage their payment cards and other financial
information on their mobile devices, are becoming increasingly popular. Mobile payment service providers can
enhance their mobile wallet solutions by adding new features, such as loyalty programs, coupons, and offers, to
provide users with a more comprehensive and engaging experience.

4. Biometric authentication: Biometric authentication, which uses features such as fingerprints, facial recognition,
and voice recognition to authenticate users, is becoming increasingly popular as a security measure for mobile
payments. Mobile payment service providers can enhance their security measures by integrating biometric
authentication into their mobile payment solutions, making them more secure and user-friendly.

5. Integration with emerging technologies: As new technologies such as blockchain, AI, and machine learning
continue to emerge, mobile payment service providers have the opportunity to integrate these technologies into
their services to enhance security and improve the user experience.

Overall, the growth of mobile payments has opened up several opportunities for innovation and growth, as service
providers look to capitalise on the increasing demand for secure, convenient, and user-friendly payment solutions. By
staying ahead of the curve and developing new and innovative solutions, mobile payment service providers can
continue to grow and succeed in an increasingly competitive marke

35
 4. Literature Review

❑ Customer awareness of the security of mobile payment methods is an essential factor in the market
penetration of corresponding systems. In this article, we look at security issues in mobile payments from the
customer's perspective. Based on theoretical studies, we analyze empirical data from the MP2 Mobile
Payments Survey of 8295 respondents to create a set of dimensions, categories, and dimensions. The results
have scientific and practical significance. They provide the Basis for selecting appropriate indicators for
further empirical investigation. Additionally, a guide for mobile payment service providers to prevent
security concerns by properly designing and communicating their payment processes and convince
customers of the security of their processes by addressing concerns with informative advertising. is also
useful as.

[Linck, Kathrin, Key Poust chi, and Dietmar Georg Wiedemann. "Security
issues in mobile payment from the customer viewpoint." (2006):11.]

❑ Mobile payment systems can be divided into five categories, including mobile payments at POS, mobile
payments as POS, mobile payment platforms, independent mobile payment systems, and direct billing by
mobile operators. Mobile payments have become popular in many regions due to their convenience, but they
also face many threats and security challenges. This white paper introduces the mobile payment processing
model and introduces each type of mobile payment system. Summarize the security services required for
mobile payment systems and the security mechanisms currently in place. In addition, we identify and
describe three security threats. H. Malware, SSL/TLS vulnerabilities and data breaches, and four security
challenges, d systems.

Wang, Yong, Christen Hahn, and Kruttika Starve. "Mobile payment

security, threats, and challenges." 2016 second international conference on
mobile and secure services(Mabises're). IEEE, 2016.

❑ This article aims to assess the progress in mobile payment research over the past eight years. A previous
literature review (Dahlberg et al. 2008b) of articles published between 1999 and 2006showed that most
studies focused on only a few topics. To address this issue, a research plan was developed to encourage
researchers to explore new topics. Nearly a decade later, our research shows that researchers have continued
to focus on the same issues (particularly consumer acceptance and technology aspects), but with a limited
accumulation of new knowledge and similar insights. I was. In addition to reviewing the literature, we
discuss possible reasons for the lack of research diversity and propose new recommendations for improving
future research on mobile payments.

[ Dahlberg, Tomi, Jie Guo, and Jan Ondrus."A critical review of mobile
payment research." Electronic commerce research and applications14.5 (2015): 265-284.]

36
❑ Recent technological advancements have accelerated the design and deployment of various secure
applications on smartphones. Users can access and manage their data flexibly and stably by using mobile
devices as well as computer devices, but when users disclose a lot of confidential data and privacy
information through open devices and networks This raises a new dimension of security challenges. As a
result, more and more malware are compromising mobile operating systems and stealing sensitive data from
these applications. This document proposes his Trust PAY mobile payment framework on the
securityenhanced Truston platform that can ensure the security overpayment transactions and enable privacy-
friendly payments. We implemented a prototype system in a simulation environment using ARM FastModel
and the Open Virtualization Software Stack for ARM Trust Zone, and demonstrated the implementation on a
real development board using an ARM Cortile Express A9×4. Our experimental evaluation and security
analysis prove that our scheme can effectively meet practical m-payment security requirements with
acceptable performance. Additionally, Trust PAY flexibly supports the types of secure applications that
require data protection.

[ Kashiwa, Saleem,and Anwar Usman Shaheed Zulfiqar. "Analysis of mobile paymentsecurity measures
and different standards." Computer Fraud & Security 2007.6 (2007): 12-16.]

❑ Mobile payments offer businesses unparalleled new opportunities, but also new challenges. Mobile
security is one of the most pressing and complex challenges for mobile payments. It is becoming a hot topic
as Internet-enabled devices become more accepted. Despite the large number of wireless devices in use
around the world today, mobile device security is minimal. Consumer adoption of mobile payment services
will surely slow as players focus solely on bringing mobile payment infrastructure to market. The purpose
of this study is to examine mobile payments and security to find out the strengths and weaknesses of current
mobile payment services. Therefore, mobile payment services involve multiple parties such as operators,
banks and network (terminal) providers, and their business opportunities are also analyzed.

[Song, Xing Jiang. "Mobile payment and security." Seminar on Network Security.2001.]

37
According to the Mobile Payment Forum, mobile payments are transactions of monetary value carried out
over mobile telecommunications networks through various mobile user devices such as mobile phones, smart
phones, PDAs and mobile terminals. Mobile payments are transfers of money in return for goods or services
where the mobile device is functionally involved in making and confirming payments. Payers can be at the
POS or interact with merchants in other locations. Mobile payment systems allow customers to purchase and
pay for goods and services using their mobile phones. Mobile phones are used here as a personal means of
payment in connection with distance selling. Payments can be made remotely from the recipient or from a
bank. This chapter provides an overview of mobile payments.

[ Raina, Vibha Kaw."Overview of mobile payment: technologies andsecurity." Banking, Finance,and

Accounting: Concepts, Methodologies, Tools, and Applications. IGI Global, 2015.180-217.]

❑ The past two decades have seen an explosion in the emergence of various types of mobile computing
technologies, enabling users to access services anytime, anywhere from a wide variety of portable devices.
Technological advances such as low-cost, high-performance user devices (such as phones), high-speed
cellular access, secure communication protocols, and the Internet are accelerating the development and
deployment of mobile payment (mpayment) systems and applications. It has spread rapidly in many parts of
the world. Security is paramount for all parties involved in interacting with the m-payments system (users,
merchants, banks, etc.). The authors discuss various security aspects that need to be considered when
designing and implementing and-payment system. We also review the security his solution used to support
secure end-to-end m-Payment transactions. Finally, some of the future challenges and opportunities of m-
payments are highlighted as it becomes fully integrated with other emerging technologies such as 5th
generation mobile networks and cloud computing. This article is part of a special issue on mobile commerce.

38
[ Isaac, Jesús Téllez, and Zea ally Sherali. "Secure mobile payment systems." It
professional 16.3 (2014): 36-43]

❑ Mobile payments are the process by which two parties exchange monetary value for goods and
services using mobile devices. This white paper is an analysis of security issues in mcommerce
mobile payments. It introduces m-commerce and mobile payments, discusses public key
infrastructure as the basis for secure mobile technology, and provides an overview of the various
security technologies deployed in the current m-commerce market, such as WAP, SIM application
toolkits, and J2M. Explore the features. In addition, we compare the effectiveness of these security
technologies in supporting secure mobile payments and discuss research challenges to improv
eMobile payment security for largescale m-commerce deployments.

[Nambiar, Seema, C-T. Lu, and Lily R. Liang. "Analysis of

payment transaction security in mobile commerce." Proceedings of the
2004 IEEE International Conference on Information
Reuse and Integration, 2004. IRI 2004... IEEE, 2004]

❑ Treasury departments, the banking industry, and the general public suffer a lot of overhead from using
physical cash. Electronic cash, especially mobile-based payments, is a viable alternative to physical
cash due to its much lower overhead and greater convenience. Security is paramount in financial
transactions, so identifying and analyzing attack vectors is essential for this application. This article
examines mobile phone hardware/software platform choices, technologies, and operating system
vulnerabilities from multiple angles. We investigate how existing and future mobile worms can
seriously compromise the security of payments made via mobile phones.

[ Agarwal, Shivani, et al. "Security issues in mobile payment

systems." Computer Society of India (2007): 142-152.]

39
 5.BACKGROUND OF STUDY
Today it is common to see people with multiple mobile devices, all connected to the Internet or some other
network. We are all connected throughout the day, for better or worse. Today, it's hard to imagine a mobile
device without connectivity, be it a cell phone or a laptop. Many new application areas and new business
models are emerging, and new ways of using devices must be taken into account. For example, we can do
our daily work and errands on the go, even if we are in another country.

It is no exaggeration to say that this new lifestyle has offered us many new ways of doing things and has
made our daily lives easier in many ways. But like everything else in life, this amazing technology and
lifestyle comes at a price. It is clear not only the cost of equipment, hardware and software. There are hidden
costs to the average user, but they also play a big part in making the whole thing work properly. We are
talking about security here. Some might argue that security isn't all that important or important and that the
average user has nothing to hide, but this document uses areal-life example to show a real-world example.
increase. It could be a device or system with no existing security mechanism.

Today, there are companies that exist with the sole purpose or business model of carrying out online fraud,
identity theft, and various other attacks. Their motivation is that these business models generate huge sales. I
don't think it's hard to understand the value of information, especially when it comes to business.

40
 6.OBJECTIVES

The purpose of this document is to examine mobile payments in general and focus on wireless
security. Extensive study of two popular wireless standards, 3G and 802.11, and comparison from a
security perspective. In this study, we will discuss various payment methods and their included
security mechanisms and their requirements. Explore possible attacks and threats to better
understand security and how it works. Some questions that this document attempts to answer are:

* What is the usage pattern of mobile payments services in India?

*What factors influence the usage and security of mobile payments services in India?

Mobile payments services have become increasingly popular in recent years due to the proliferation
of smartphones and the digitisation of financial transactions. In India, mobile payments have
become an integral part of the digital ecosystem. The use of mobile payments services has increased
dramatically in the past few years, with more than 200 million people using these services in 2019.
This growth has been fuelled by various factors, including the government's push for a cashless
economy, the increasing adoption of smartphones, and the availability of low-cost internet services.

The following research questions which help to guide for the objectives

1. To explore the usage pattern of mobile payments services in India

2. To identify the major security concerns related to mobile payments services in India

3. To investigate the factors that influence the usage and security of mobile payments services in
India

41
 7.RESEARCH METHODOLOGY

The study follows a descriptive research design. It is concerned with describing the characteristics
of the security as well as the usage of the mobile payments services. The study is about the mobile
payments services in India. It is made to evaluate the security, identify the usage & categorise the
various Mobile Payments Services. The secondary data is collected from various journals, websites,
& articles. For identifying the relationship between the usage of the mobile payments services. For
categorising the mobile payments services the help of secondary data sources is taken which is
mentioned in the literature review , in order to evaluate the security of the mobile payments
services, a conceptual model is prepared with the help of secondary data mentioned in the literature
review. This model is then used for evaluating the security of the mobile payments services. The
secondary data is used to determine the variables (in this model) to measure the security of the
mobile payments services. Thus, the secondary data is used to construct the conceptual model

The study used a mixed-methods research approach, including both quantitative and qualitative data
collection and analysis. The primary data sources for the study were a survey and in-depth
interviews with mobile payments users in India.

The survey was conducted using an online questionnaire, which was distributed to a sample of
mobile payments users in India. The survey collected data on the usage and security of mobile
payments services, the common security concerns of users, and their attitudes towards the security
of these services.

The in-depth interviews were conducted with a selected group of mobile payments users, service
providers, and experts in the field of mobile payments security. The interviews were conducted
using a semi-structured approach, allowing for a more in-depth exploration of the participants'
perceptions and experiences.

Secondary data sources, including academic literature, government reports, and industry reports,
were also used to supplement the primary data. The data collected from the survey and interviews
were analysed using both descriptive and inferential statistics and qualitative content analysis.

This study uses a mixed-methods approach to collect and analyse data. The study involves a survey
of mobile payments users in India and an analysis of data from various secondary sources. The
survey covers users from different age groups, genders, and income levels. The survey is conducted
online using a structured questionnaire. The analysis of secondary data includes a review of
academic literature, reports, and news articles related to mobile payments services in India.

42
 8.SOURCES OF DATA

Secondary Data Sources: Some existing publications related to the mobile payments
services were also referred in this research, mainly for the two purposes viz. categorising the mobile
payments services & determining the variables for evaluating its security. Their sources are
a) Journals
b) Websites

9.Data Collection Method

The secondary data for the objective of evaluating the security was collected with the priority of the
government regulations in India & for the objective of categorising the mobile payments services
was collected considering the latest trends in the mobile payments industry.

10.Hypothesis

• H1: There is no significant difference in the Usage Frequency of the mobile payment services
based on their gender.

• H2: There is no significant difference in the Monthly Spent Money of the users of the mobile
payment services based on their gender.

11. Population
The Population for the research includes the users of the mobile payments services in India.

12.Sampling Method
The sampling method adopted was Judgemental Sampling with the purpose of prior identification of
the respondent to be the user of the mobile payments services.

43
 13.Conclusion

According to what I know as of September 2021, mobile payments have become more common in
India in recent years as a result of the growth of the digital infrastructure and government initiatives
to promote a cashless society. Security is still a major concern for both consumers and businesses.
To increase the security of mobile payments, India has implemented a number of measures. For
instance, the Reserve Bank of India (RBI) mandated two-factor authentication for all mobile
transactions, and mobile wallet providers are required to follow stringent KYC (know your
customer) guidelines. In spite of these measures, mobile payment fraud persists as a problem in
India, where hackers employ cutting-edge strategies to steal user data and money.

When using mobile payment platforms, customers should use caution and take the appropriate
safety measures, such as avoiding public Wi-Fi networks, regularly reviewing transaction records
and immediately reporting any suspicious activity.

To sum up, mobile payments have the potential to revolutionise how business is conducted in India,
but security concerns must be resolved if consumers and companies are to have a positive
relationship.

To make sure the necessary security measures are in place and to inform consumers about safe
mobile payment practices, government and private sector actors should collaborate.

44
 14.References

Bezhovski, Z. (2016). The Future of the Mobile Payment as Electronic Payment System. European
Journal of Business and Management

. Carr, M. (2008). Mobile Payment Systems and Services: An Introduction. IDRBT Hyderabad.

Dahlberg, T. (2007). Past, present and future of mobile payments research: A literature review,
Electronic Commerce Research and Applications.

Distribution of the mobile wallet market across India in FY 2017, by service type. (2017, September
21). Retrieved from www.statista.com:

https://www.statista.com/statistics/731656/

mobile-wallet market-share-by-service

India/

Fokus, S. K. (2004). Mobile Payment: a journey through existing procedures and standardization
initiatives. IEEE Communications Surveys and Tutorials.

Kauffman, Y. A. (2007). The economics of mobile payments: Understanding stakeholder issues for
an emerging financial technology application, Electronic Commerce Research and Applications.
JELERB.

PwC. (2017). Fintech India Report. RNCOS.

(December 27, 2016). "M-Wallet:

Scenario Post Demonetisation". ASSOCHAM. Hyderabad: ASSOCHAM.

Sieder, A. (2017, September 22). Payment Trends in India in 2017. Retrieved fromwww.epaisa.com:
https://www.epaisa.com/payment-trendsindia-2017/

45
https://www.okta.com/identity-101/publickey

infrastructure/#:~:text=It%20is%20the%2 0set%20of,user%20sending%20the%20dig

ital%20communication.

https://community.nasscom.in/communitie s/digitaltransformation/fintech/upipayments-top security-

issues-possibleway-arounds-an opinion.html

https://help.upstox.com/support/solutions/a rticles/248652-my-payment-has-beenfailed-what- should-

i-do-next

https://www.consumercomplaints.in/byco

mpany/upi-a443665.h

46
47