Comment by __rito__

Comment by __rito__ 2 days ago

17 replies

View on Hacker News

I wouldn’t venture in the direction that many here will take.

I will point out that India have the highest number of victims of cyber-fraud. I personally know many people who have lost significant sums through social engineering attacks. The money is transferred to multiple mule accounts and physical cash is siphoned off to the fraudsters by the owners of those account. They choose helpless, illiterate, village dwelling account holders for this.

Another huge issue is unregulated loan apps. There are horror stories of people installing apps in order to take high-interest loans and then those apps stealing their private photos and contacts or accessing camera to take photos in private moments, and then sending those photos to contacts via WhatsApp when interest payment is overdue.

Then there are obvious security issues with terrorism and organized crime.

The government wants data. It's clear why. There is huge potential for misuse.

thisisit 2 days ago

> I will point out that India have the highest number of victims of cyber-fraud

Combined with worst enforcement and investigation efforts to tackle this issue. The default resolution on a cyber crime report is : Fraudster's account is blocked and they are given a choice to plead forgiveness from the accuser. They often return the money in lieu of the complaint being rescinded. Then fraudster is free to con others. Fraudsters know this is a numbers game that is why they hit every morsel they can get a bite.

Worse yet people use the cyber crime provision to take revenge. People can file frivolous cases without proof and ge others account locked. Banks will treat you with disdain and police will tell you to settle privately too.

What about investigations you ask? Very few cases reach that level. Local police file the FIR and they don't even know what is "cyber" in cyber crime. Fraudsters can continue playing the numbers game.

So, yes it is easy to talk about victims when the policies are lacking. And then this high number of victims can be used as a crutch to push insecure apps on everyone's phones. The worst part of it? They will get data and still remain clueless and inept in solving the high number of cyber crimes.

Reply View 1 reply
  • __rito__ 2 days ago

    Local police stations often refuse to file even an FIR. The reason we have such good data, is possibly due to the banks reporting them.

    If it were up to the police, then we wouldn’t even hear about 25% of the cases.

    Reply View 0 replies
marginalx 2 days ago

And you trust the government to only use it for good purposes? and not to track people who may be protesting or belong to opposing political/religious/cultural views? We know based on historical pegasus complaints that this trust has to be earned and can't be given.

There are lots of ways to solve for this, mandating that these companies own the identification process through their systems, report misuse, govern apps. Why taken on the ownership of a process that is better handled outside of government while the government holds them to account via huge fines and timelines but giving these large companies ownership of protection from scams or stolen phones etc...? win win and I think these large companies are due spending extra money to protect their users anyway.

Reply View 5 replies
  • __rito__ 2 days ago

    I don't trust anyone blindly. The point of my comment was not to support the decision, but to show where it might be coming from.

    What's inherent in the comment is- there are simply too many people to educate, "made aware", etc. So, this might be a knee-jerk reaction to fight cyber fraud. Not Big Brother sensorship.

    I can say these because I know too much about the ground reality. An example from top of my head- SBI e-Rupee app doesn't launch in your phone if you have Discord installed. Yeah. Just because some scammers communicated through Discord.

    Of course, I cannot guarantee that something sinister is not being planned or that this app won't be utilized for something bad.

    There is also a small chance of some bureaucrat in management position taking this decision, so he can write in his report- "Made Sanchar Saathi app download soar up to X millions in 3 months through diligent effort..." just like highly placed PMs/SVPs in large tech companies eyeing a promotion.

    Reply View 0 replies
  • roncesvalles 2 days ago

    Automatic mistrust of the government is a pretty juvenile take. Yes there are tons of ways, and having OEMs preload an app is the easiest one in a country of 1.1B mobile connections.

    Reply View 3 replies
    • crumpled 2 days ago

      > Automatic mistrust of the government is a pretty juvenile take.

      This statement seems naive at best and manipulative at worst.

      Reply View 0 replies
    • marginalx 2 days ago

      So, if you have tons of ways - you vote for the way that could lead to potentially the most exploitation of the population? No one is saying it "will" be exploited, but the potential itself should steer the solution clear off that direction.

      Reply View 0 replies
    • kragen a day ago

      Automatic mistrust of the government is the only sensible point of view and the bedrock foundation of liberalism and democracy. Any other attitude toward government is fatally naïve.

      Reply View 0 replies
kylehotchkiss 2 days ago

Gonna agree with you, even Singapore has announced several policy changes the past few weeks to deal with all the fraud - more severe punishment and forcing apple to change how iMessage spam with .gov.sg domains is handled.

I don't think this new app will resolve India's fraud issues unfortunately, there probably needs to be more policy changes at banks/fincos. As much as India obsesses with KYC processes, it doesn't seem to be working/enough. I don't see this new app being required as something totalitarian, it would be much easier for the gov to ask for that type of stuff to be tacked on to UPI apps anyways.

Reply View 0 replies
lallysingh 2 days ago

Yeah this is the wrong audience for this argument, but it has merit. An app like this can be both a massive government power grab and useful to protect many, many people who are vulnerable to fraud.

The number of my relatives that will just believe whatever someone tells them on the phone is terrifying.

Reply View 1 reply
  • marginalx 2 days ago

    This is quite dismissive of the audience, how do you suggest this app protects the people from believing whatever someone says?

    Reply View 0 replies
JumpCrisscross 2 days ago

> I will point out that India have the highest number of victims of cyber-fraud

Based on what?

> Another huge issue is unregulated loan apps

You don't need to root everyone's phones to regulate financial crime.

> Then there are obvious security issues with terrorism and organized crime

India is building a centralised backdoor into every phone in the country. That's a massive national security risk.

Reply View 4 replies
kragen a day ago

Having a single CrowdStrike-like point of failure will probably make these problems worse overall, but burstier.

Reply View 0 replies