As Boundparivar Microservice Foundation’s technology grows, it’s more critical than ever to take steps to protect consumer data and information systems. We work hard to secure and protect our customers’ information because it is at the heart of our business. The Boundparivar Information Security Program is designed to align information security with operational strategy, ensure compliance with applicable statutory, local laws, and regulatory requirements, manage, monitor, and mitigate information security risks and incidents, optimize information security investments, manage information security resources efficiently, and monitor the Information Security Program’s ongoing effectiveness.

Contact the Information Security

    customercare@boundparivar.com

KYC Fraud

Know Your Customer (KYC) Frauds

About KYC

Know Your Customer (KYC) is an identity verification process followed for new customers while joining and existing customers.

Why KYC is important?

The main purpose of KYC is to prevent identity theft, terrorist financing, money laundering, and financial fraud. The KYC process helps NBFC to verify the customer identity. As per the RBI norms, KYC has become mandatory requirement.

The following details of customers are collected to complete the KYC process.

  • Legal name
  • Identity proof
  • Aadhar Proof
  • Bank Passbook
  • Address Proof, etc.,

Taking advantage of this provision, fraudsters send bogus SMS/text messages or make bogus phone calls posing as Boundparivar representatives in order to obtain personal information from customers. The fraudsters may provide the customers with a phishing link or a 10-digit mobile number, or they may persuade them to give them access to their digital device, through which they intend to obtain the customer’s personal information in order to gain unauthorized access to their banking accounts and steal money. 

Safety tips for safeguarding against such cyber frauds:

  • Never click on unknown links or links received from unverified sources.
  • Always remember that a NBFC or other authorized institutions, never does KYC on calls or send any links to its customers, for updating KYC.
  • A valid customer care number can never be a 10-digit mobile number as generally given in the fake message.
  • Never share your mobile number, account number, password, OTP, PIN, or any other confidential details with anyone. Any authorized bank or customer service never asks its customers to share any confidential information.
  • Avoid contacting the customer service/contact numbers provided on google search.  Only contact the authorized numbers provided original banking websites.
  • Do not give your access to your device for anyone by installing remote access type of applications (Any Desk, Quick support, Team Viewer etc.)
  • Only use original apps downloaded from authorized stores /websites, do not download third party apps.
  • In case of any such issues immediately report to the specific NBFC authorities immediately.
  • File an online complaint regarding any such frauds on the government portal ww.cybercrime.gov.in

Contactless Payments

Threats of contactless payments

Methods for fraudsters to commit financial fraud by utilising the contactless payment feature

  • Use a POS terminal or a Mini-card reader to conduct the transaction without the user’s knowledge.
  • Because there is no PIN or password required, misplaced/lost/stolen cards can be easily misused by fraudsters for unauthorised transactions. 
  • Fraudsters can bypass the maximum transaction limit by using a technique known as “Man in the middle attack,” which uses specialised hardware to capture and insert messages. 

Security tips

  • Enable the mobile banking app-based control (if available) to disable contactless payment and cap the transaction limit when not in use.
  • Use special wallets/holders that can protect you from unauthorised contactless transaction access and skimming.
  • Always keep track of your financial transactions, be on the lookout for any updates on unauthorised transactions and double-check your account statements on a regular basis.
  • In the event of theft or loss, immediately block the card and notify your bank.
  • You can also report financial fraud online at the National Cyber Crime Reporting Portal (cybercrime.gov.in).

SMS / Email / Instant Messaging / Call Scam

it back. Fraudsters circulate fake messages in Instant messenger / SMS / social media regarding availability of attractive loans and use the logo of any known NBFC as profile picture in the mobile number shared by them to induce credibility.  The fraudsters even share their Aadhaar card / Pan Card and fake NBFC ID card.

After sending such bulk messages /SMS /email to loan seekers, the fraudsters call random people and share fake sanction letters, copies of fake cheques, etc., and demand various charges. Once the victims pay these charges, the fraudsters abscond with the money, leaving the victim with very little chance of getting

Good and Strong Password

  • Use at least 8 characters or more to create a password. The greater number of characters we use, the more secure is our password.
  • Use various combinations of characters while creating a password. For example, create a password consisting of a combination of lowercase, uppercase, numbers and special characters etc.,
  • Avoid using the words from dictionary. They can be cracked easily.
  • Create a password such that it can be remembered. This avoids the need to write passwords somewhere, which is not advisable.
  • A password must be difficult to guess.
  • Change the password once in two weeks or when you suspect someone knows the password.
  • Do not use a password that was used earlier.
  • Be careful while entering a password when someone is sitting beside you.
  • Do not use the name of things located around you as passwords for your account.

OTP based Fraud

  • Use at least 8 characters or more to create a password. The greater number of characters we use, the more secure is our password.
  • Use various combinations of characters while creating a password. For example, create a password consisting of a combination of lowercase, uppercase, numbers and special characters etc.,
  • Avoid using the words from dictionary. They can be cracked easily.
  • Create a password such that it can be remembered. This avoids the need to write passwords somewhere, which is not advisable.
  • A password must be difficult to guess.
  • Change the password once in two weeks or when you suspect someone knows the password.
  • Do not use a password that was used earlier.
  • Be careful while entering a password when someone is sitting beside you.
  • Do not use the name of things located around you as passwords for your account.

Fake Loan websites / App Frauds

  • Fake Loan websites / App Frauds

     

    • There are many unscrupulous loan apps which offer instant and short-term loan. These apps dupe the borrowers and may also charge significantly higher interest rates.
    • To attract gullible customers, the fraudsters advertise “limited period offers” and ask applicants to make urgent decisions using scareware tactics.

    Precaution

    • Check the following points before taking loan from dubious loan app, etc.
    • Is the lender more interested in knowing personal details rather than checking credit scores?
    • Is the lender registered with the Government / authorized agencies?
    • Check whether the lender has provided a physical address or contact information; otherwise, it may be difficult to contact them at a later point .
    • Remember any reputed NBFC / Bank will never ask for payment before processing the loan application.
    • Genuine loan providers never offer money without verifying documents.
    • Verify if these NBFC-backed loan apps are genuine.

Information Security Alert

Due to the pandemic crisis, we strongly advise you to use our digital solutions for all EMI transactions.

However, never share your personal confidential information, such as Card Number, Card Expiry Date, CVV, OTP, Internet Password, UPI PIN, and so on, with anyone via unsolicited calls, SMS, IVR, or e-mail.

Boundparivar Microservice Foundation never requests such information.

Do not forward Boundparivar SMS to anyone.

Do not give your SIM card to anyone who is not authorized to have it. 

Do not click on links in messages or emails that promise free COVID-19 testing, COVID vaccines and remedies, Reward Point Redemption, Income Tax Refund, Web Series Subscription, and so on. These could be fraudsters attempting to steal your personal information. 

PLEASE STAY ALERT and SAFE.

 

Information Security Advisory Customers

Security Advisory 

You may have received numerous emails, SMS messages, or WhatsApp messages purporting to be from your Boundparivar, advising you to click on links provided in the email or message to update or activate financial services. But proceed with caution. They could be malicious links that infect your device with malware or steal sensitive information such as your account number, Internet Banking user id, passwords, and so on.  

Best Practices

 

  • Do not click on links sent to you via email or SMS from unknown senders.
  • To ensure the authenticity of an email, always check the sender’s email address in addition to the display name.
  • Always access your Boundparivar approved payment portal by entering the URL directly into the browser.
  • Always keep in mind that Boundparivar will never request an OTP, Password, Mobile Banking PIN, debit card details, OTP, CVV, or other confidential information via email, SMS, or phone call.
  • Do not install unknown apps.