WATCH: How a 25 year old is helping keep RBI’s payment system safe from hackers

April 17, 2016 chief technology officer, commercial bank, hacker, london, Lucideus Tech, nare..., New Delhi, reserve bank of india, Saket Modi, techies, umbrella organisatio, Unified Payments Interface

An ethical hacker in his mid-20s and a dozen techies at the company he co-founded have been spending sleepless nights even as the Reserve Bank of India and commercial banks were preparing for the launch of the Unified Payments Interface (UPI).

Saket Modi’s Lucideus Tech was among cybersecurity specialists hired to keep hackers off the technology that allows easier transfer of money between bank account using smartphones and touted to be the biggest development since ATM.
UPI has been developed by the National Payments Corporation of India
(NPCI), an umbrella organisation for all retail payment systems of the government. It is also responsible for maintaining it.
“UPI isn’t a step but a leap forward. It will set a new benchmark for the world to follow,” Modi, CEO of Lucideus, told from London. “We feel proud and privileged to contribute our bit and be a part of this revolution.” New Delhi-based Lucideus, which has been working on the project for three months, will continue to look after the payment gateway’s security for the next few years, he said.
The company is working on the platform’s cyber security, an NPCI official confirmed. RBI didn’t respond to an email seeking
comment on the support Lucideus provided.
UPI, an app that customers can download on their mobile phones, can be used for making banking transactions — third-party
payments, sending and receiving money — below Rs 1 lakh with minimum of fuss. All that’s needed to do this is a unique
identification number. Many predict UPI would push the country towards becoming a cashless economy.
While the platform was getting ready, securing it from increasing threat of cyber attackers was of utmost importance.
“There are multiple layers of security checks implemented when any transaction occurs on a bank’s mobile application using
UPI. This is not just in between the user and the app but also between the banks, merchant and the UPI engine,” said Modi, who
also advises banks globally on cyber risk management.
Modi is working also with several billion-dollar startups in India. Lucideus and Modi offered support also to the Ministry of
Corporate Affairs, other ministries and investigation agencies on cyber security.
A person involved in the project and working with the government, said: “There are many banks who want to be part of the UPIand we have taken utmost care around security. However, right now our focus is to create awareness in users about securing
their smartphones first.”
He said there is a layered security for UPI to ensure and protect the customer. The security method used by UPI is also used by
the biggest companies in the financial sector globally.
At least 19 major banks have joined the UPI platform and more are set to join, said experts.
When asked about the security of the UPI, N Rajendran, chief technology officer, NPCI said,
“NPCI systems are secured with state of the art security infrastructure with continuous monitoring and best practices. NPCI
follows integrated approach to protect various NPCI product’s infrastructure and engages with various external information
security industries for building secured products for the payments ecosystem.”

source