As UPI usage soars, so do scams — Here’s how to stay protected
What looks like a promising growth of digital transactions in terms of quantity as well as volume has a flip side too: growing number of cyber frauds.
In May 2025, UPI transactions saw 33 percent jump in the number of transactions year-on-year and 23 percent growth in value terms. Overall, the number of UPI transactions stood at 18.68 billion in May 2025 amounting to ₹24.77 lakh crore.
What looks like a promising growth of digital transactions in terms of quantity as well as in volume has a flip side too: growing number of cyber frauds.
The RBI does not maintain any data with regards to loss due to cyber frauds but the total loss due to frauds under the category of card, internet and digital payments collectively amounted to ₹107.21 crore in FY 25 (till Dec 2024). In 2023-24, financial loss on account of online frauds amounted to ₹177 crore which stood at ₹69.68 crore in 2022-23. Notably, this includes only those transactions wherein amount was bigger than ₹1 lakh.
| Year | Number of frauds (more than ₹one lakh) | Loss (in ₹Crore) |
|---|---|---|
| 2022-23 | 6,699 | 69.68 |
| 2023-24 | 29,082 | 177.05 |
| 2024-25 (till Dec'24) | 13,384 | 107.21 |
(Source: Sansad.in)
The total loss on account of frauds in the past 10 years amounts to ₹733.26 crore, per the information tabled by Pankaj Chaudhary, minister of state in the ministry of finance in the Parliament on March 10.
Consequently, digital payment providers tend to follow multiple layers of encryption and security protocols to minimise the occurrence of these frauds.
Vijay Khubchandani, Founder and CEO of Seven, which builds smart rings to enable digital payments via UPI, says “We provide a multi-layered approach to security and keep your data and transactions protected at all times. We ensure that the data is secured using AES-256-bit end-to-end encryption standards. In addition to the multiple layers of encryption and security protocols, we use multi-factor authentication (MFA) with one-time passwords (OTPs) and biometric data.”
Tarun Kher, Partner, Risk Advisory Services, BDO India, highlights the collateral damage caused by prevalence of digital payments. “With growth comes complexity. As digital payments become the norm, they also introduce evolving risks, ranging from cyber fraud to regulatory gaps. Cybercriminals exploit users through advanced phishing, fake payment handles, OTP hijacking, and even AI-driven impersonation. Such frauds increasingly target not just individuals but enterprises and intermediaries.”
Being a chartered accountant, Kher emphasises the role of auditors in minimising the occurrence of such frauds.
“Every digital transaction generates data, and every data touchpoint becomes a potential vulnerability. Whether malware-infected devices or weak third-party APIs, payment ecosystems are exposed to constant cyber threats. Auditors need to conduct holistic cybersecurity assessments, spanning application interfaces, networks, and cloud infrastructure,” he adds.
Third party platforms
Payment service providers often rely on third-party platforms and cloud vendors for critical operations. A breach in one vendor’s environment can impact the entire payment chain, explains Kher. Therefore, auditors must evaluate vendor due diligence procedures and assess contractual safeguards for data security, he adds.
While explaining the security system, Khubchandani of fintech start-up Seven, says, “With secure software development practices in place, we build resilience into each layer of security within the wallets. In addition, we use real-time threat monitoring to identify breaches in security to identify any anomalies in data.”
“With secure software development practices in place, we build resilience into each layer of security within the wallets. In addition, we use real-time threat monitoring to identify breaches in security to identify any anomalies in data,” Khubchandani adds.
Tips for digital payment users
If you are a customer of a digital payment app, it is recommended to follow these tips to minimise the occurrence of fraud.
I. Do not download any suspicious link you received on SMS or WhatsApp, regardless of temptation.
II. Although digital payments can be done seamlessly with ease, but once the money leaves your account, it will not come back. So, transfer money only when you are sure of the legitimacy of transaction.
III. If you lose money to a fraud or cybercrime, make sure you suspend your UPI account and report the incident to your bank immediately.
IV, Needless to mention the oft-repeated tip: never share your OTP with anyone, not even with a bank employee.
For all personal finance updates, visit here
Catch all the Instant Personal Loan, Business Loan, Business News, Money news, Breaking News Events and Latest News Updates on Live Mint. Download The Mint News App to get Daily Market Updates.