Header image alt text

Naavi.org

Building a Responsible Cyber Society…Since 1998

The fact that Technologists have scant regard for law is well known. The developments in the Bitcoin scenario is an indication.

Despite Bitcoin is the established “Currency for the Criminals” and “Black Money Hoarding Tool”, technologists say “So What?… I will do what I want.. Let Modi catch me if he can”. Some will say it is “Innovation for Disruption”.

RBI does not have the courage to do what it knows is good for the society…that is banning private Crypto Currencies like Bitcoins like we ban drugs and arms trading.

One of the ways by which Crypto Currency is trying to establish itself is by making Block Chain technology creep into Banking transactions and gain a level of respect that will latch onto Bitcoin as well in due course.

Few in the public will realize that Block chain is a technology and Bitcoin is a product and Blockchain may be acceptable but Bitcoin is not. Bitcoin will be promoted on the adoption of Block chain as a technology under the pretext “Block Chain is adopted by Banks and hence Bitcoin is also likely to be adopted by them soon”… The myth will be corroborated by the news about the price of Bitcoins soaring.

We need to therefore to ensure that Block chain technology does not have an unfettered entry into the system. If Bitcoin has to be blocked, Block Chain’s limitations need to be exposed.

Now we have the dangerous tendency creeping into the Banking system where “Block Chain Technology” is being implemented for different transaction recording. ICICI Bank has reportedly made transfers of Bitcoins from Gulf though the legality of Bitcoin is itself not settled. As long as Bitcoin is being treated as a currency, it is illegal and any Bank indulging in activities related to Bitcoin is violating the RBI Act.

Today, it is reported that InfosysFinacle  has launched a new product “Finacle Trade Connect” incorporating the blockchain based trade finance solution for banks.

Mr Sanat Rao, Chief Business Officer speaking at the time of launch has stated ” the new solution will provide higher automation, increase transparency and enable real-time availability of data”.

Significantly, he has also said

“The framework is ledger agnostic and is capable of working with most industry leading blockchain platforms such as Bitcoin, Hyperledger, Ethereum and Corda”.

This is therefore to be construed as a promotion of Bitcoin, Ethereum and other “Criminal Currency” and Infosys will today join the ranks of terror sponsor organizations like People Front of India (PFI) in radicalizing the Indian Monetary system.

It is unfortunate that the business case made out by Infosys Finacle is to provide a platform for use of Bitcoins and other private Crypto Currencies which are an alternative to holding of Black money.

This is a direct affront to Mr Modi’s fight against corruption and fight against Black money and today Infosys Board including Mr Narayana Murthy and Nandan Nilekani has to explain the statement of Mr Sanat Rao.

I also state yet again, Mr Urjit Patel the Governor of RBI is allowing these developments because he has chosen to remain silent without showing the guts to oppose Bitcoin. I have no expectation from Mr Arun Jaitely and the Finance Ministry because I feel that they are actually in support of Bitcoins and are only held back by RBI’s opposition and possible Supreme Court intervention.

Where does Mr Modi and Amit Shah stand on this? As of now it is not clear. Though I have sent many communications to the PMO, Mr Modi and the PMO has chosen to remain silent because they donot want to go against Mr Arun Jaitely’s advise. I presume that Mr jaitely is still reeling under the pressure of managing the fall outs of demonetization and GST and is unable to take any other hard decisions and will be happy to procrastinate and keep “Observing” how Bitcoin creeps into our economy.

We Indians did the same mistake of allowing terrorism creep into Kashmir and today Kashmir is a problem that has become too difficult to handle politically. Same way Bitcoin if not killed today will eat into Indian Economy and devour our system.

While the politicians wait for the Gujarat elections to be over, I would like to ask some questions to RBI and IDRBT.

  1. Finacle Trade Connect is meant to be a product to be used in the Banking system. Is it not necessary for IDRBT to clear the software? Has it been done?
  2. Block chain is a technology of ledger keeping where there is no central authority for authenticating any transaction. It is a peer to peer authentication. Our Banking system involves a Banker-Customer contractual relationship. If I as a customer of a Bank propose a transaction to the Bank how can some Tom Dick and Harry operating a block chain node approve my transaction? Is it not a power of attorney holder of the Bank alone who has the right to approve my transaction?
  3. Why should every block chain node at all be aware of my transaction even if it is encrypted?
  4. How does Banking law permit disclosure of my confidential transaction to be published on the block chain?
  5. Who will take the liability if the approval is defective?
  6. What if the block chain forks?
  7. Since Block chain is a public chain, is it not amenable for DDOS attacks and malware injection?.. Who will be responsible for such malware attacks?
  8. Is the statement of Finacle indicative that IDRBT has approved Bitcoin as a technology and Banks are preparing for use of Bitcoins in their transactions?
  9. Since Infosys is the organization behind GST which had many technical glitches thanks to their inefficiency, will Infosys also push the Block Chain technology to GST as well?
  10. Dear Mr Modi, are you aware of the implications of remaining silent on Bitcoin introduction into our economy?. I donot see any difference between this and the poisoning of the Indian minds by organizations like Zakir Naik and PFI. Why are you shying away from taking control of this Black money alternative called Bitcoin?

I look forward to agencies like RBI and Finance Ministry to respond to these questions. Honest India wants to know if Corruption has grown so big that even Mr Modi has to bow his head before Bitcoin?

Naavi

P.S: As an honest Citizen of India, Naavi has done enough to highlight the dangers of Bitcoins and why it needs to be banned in India. If the Government, RBI and informed members of Public still wants to embrace Bitcoins it is their choice.

However, if the Indian economy collapses, then even people like us will have to suffer. But if this is the future of India we have to suffer and the concept of Achche Din, perhaps Naavi has to also accept defeat that Corruption in India is the king and Bitcoin which is the most effective tool of corruption cannot be defeated…. 

Hope this is the last article on Bitcoin that I need to write…

Naavi

 

New Banking Licensees- Beware of IT Companies who want to trap you.

Posted by Vijayashankar Na on July 9, 2013
Posted in BankCyber CrimeRBI  | Tagged With: , , , , , , , | 1 Comment

RBI has now invited applications for new banking license from private sector which has attracted 26 aspirants to make an application. Many of these are thinking of building their Banking empire on the edifice of technology.

Already, Indian Banking system has become extremely “Technology Dependent”. In fact RBI is making it mandatory even for RRBs to run on “Core Banking Platform”. RBI looks at Core Banking Software systems as a means of better information collection which may help RBI in the administration of its monetary policies. However, in the process RBI is forcing a banking platform which is unfamilar to the Bankers unmindful of the unsafe nature of the software.

The “Eurograbber” risk that has resulted in more than 36000 banking frauds across the European countries and is threatening to enter India. Once it hits the Indian shores, it can destabilize even the strongest of the strong Banks who are operating in India at present.

At this time the new Banking entrants appear to present an even higher risk for the Customers than the existing Bankers since their technology dependence is expected to be higher.

One of the reasons why these new Banks will be more technology dependent is that they will chase profits in a competitive world as late entrants they need to make money by being more efficient. This of course is a good strategy and perhaps even inevitable.

Even before the applicants can be sure about getting their licenses, the IT Companies are already behind them to sell their “Core Banking Applications”. Some of them may even like to be called “Partners” is setting up the new Banks. This again is a genuine marketing activity and is to be expected.

However in the process of listening to the high profile marketing pitch from IT Companies, the new Banks should be aware of the dangers of setting up their Banking entity as a dependent entity on the technology platform supplied by the IT Companies.

We must remember that all these companies are supplying “Core Banking Systems” that have not only failed to stop the Euro grabber type of Trojans but are also not cyber law compliant since they are using “Password based authentication systems” instead of “Digital Signature Based authentication systems”.

Since many of the new Bank license applicants are not fully conversant with the Information Risk environment in the Banks and at least some of them are new to the Banking system itself, they could end up becoming over dependent on the software in driving their Banking business.

Bankers should understand that it is not Infosys or Oracle or Tata Consultancy that will determine how the Banks need to carry on their Banking activities. IT is only a tool with which Banks do their business as defined by the Banking regulation act 1949.

In the past these IT Companies have hoisted under performing software on the industry which is one of the root causes for the information risk inherent in the industry today. These IT companies sell software which is convenient to them and not what is safe for the customers. This is the reason why the “Eurograbber” or “Zeus” type of trojans can make merry in the system.

Unless the Bank owners demand a “Secure Banking Software” as a pre-condition these IT Companies will continue to make money at the expense of Bank customers.

Even the Banks need to ensure that they have enough internal expertise in “Core Banking” with which they can evaluate the functional aspects of a software and identify the security loopholes. Unfortunately many of the new generation Banks think banking to be a “Customer Acquisition Marketing program” and engage professionals who are good in marketing but have little knowledge of the domain. They consider each customer as a “Profit Center” and try to maximize the profit per customer. In the process, if the customer collapses, they donot mind and move onto the next customer.

We need “Customer Centric Bankers” who keep the interest of long term customer relationship as the key principle of banking and convert it into software specifications. The present situation where Banks are reluctant to use Digital Signatures for banking authentication and ignore the need to use “Real time risk management software” are indications of the fact that most Bankers are not able to understand the Banking risks and how it translates into information risk in a technology banking area.

Though there has been an improvement of information security practices in some Banks in the last 6 months, many Banks are far below the expected level of security.

The new Banking license aspirants should therefore avoid falling a prey to the IT Companies by accepting their proposals on the dotted line and demand that the software vendors assume the responsibility for frauds arising out of technology issues.

Customers are indifferent as to whether the technology vendors bears the risk of technology frauds or the Bankers but are keen that RBI makes Cyber Crime Insurance mandatory for the new Banks as a part of the licensing regime.

Older Banks may be happy with the proposal since it will create an additional barrier to the new Banks. It is left to the RBI to decide if Cyber Crime Insurance should be made mandatory even for the existing Banks. But even if Cyber Crime insurance is not mandatory for existing Banks and becomes mandatory only for the new generation Banks, it could become a factor of differentiation with which new Banks may promote their deposit products.

Whether the Banks are happy or not, if RBI makes Cyber Crime Insurance mandatory for new Banks, it would make the customers of the new Banks happy.

This should also add to the viability of the new Banks amidst the pressures of Financial Inclusion and Priority Sector lending. Since the technology platform of these Banks is being created afresh, it is possible for the Cyber Crime Insurance industry to work in close alliance with the technology vendors, Information Security professionals and the user Banks and ensure that the systems are tweaked to improve the security levels to levels higher than at present.

We can therefore look for more interesting and exciting times ahead for the Banking industry in India.

Naavi

Related Article:

Indian IT companies chase banking licence hopefuls

Earlier articles on New Banking License