A Dialogue on UPI and its future.

In the mid of 2016, NPCI has launched United Payments Interface and for around 5 months it's not much known to anyone. And then a very big thing happened in India. In November 2016, Prime Minister Narendra Modi had announced the ban of 1000 and 500 Notes permanently. And the growth of digital payments skyrocketed from that day. PayTM was a big beneficiary and it even had the infrastructure to handle that amount of traffic. But also there was one more new entry which was slowly growing and taking its place in the digital payments space in India. Indian homegrown UPI.

The technology was revolutionary, never done in any country ever until now, and as we all know that we Indians always strive to do things in the least amount possible in a most reliable way, UPI is a peak of that. NPCI took it as a challenge to create a system of digital payments so that its economy is not disrupted as with the cash system( Black Money). Since UPI is always between bank to bank transactions, every transaction is recorded by NPCI, but carefully isolating the details of our banking credentials with third parties. From the moment of registering our bank account with any UPI app be it Google Pay, PhonePe, etc not once we have provided full details of our bank account or card details to those apps. That is the beauty of UPI. It is the most secure way we can transact at this moment.

How is UPI more secure than any other Payment modes in the world? Let's see that here. Any payment system needs to have two-layer security in their payment mode. And that two layers can be 1. Something I only know, 2. Something I only have. Confused? Let me explain. Let's take Internet Banking for example. Internet Bankings two security layers are 1. Login password(Something I only know), Phone OTP(I only get OTP to my number). Let's see why it's not optimal. Many people forget Internet Banking Password easily. Hence Banks are forced to provide a password recovery process( One Layer is Vulnerable). OTPs can be read by SMS apps in phones. (Second Layer is Vulnerable). And so if you see many Internet banking frauds are happening. Let's see another Payment system - Debit Card Transactions. So whats its security layers, 1. Something I only have is the Physical Debit Card, 2. Something I only know is Debit Card PIN. So let's find out how secure it is. Even though we have the Debit card to ourselves, many people give all the Debit card details to some sites and when they are hacked one security level is compromised. And since PIN number is only 4 digits, there is a possibility of 1 is to 10000 chances to guess the correct pin. And since our bank gives 3 chances to enter correct pin it leaves us with 1 is to 3333 to guess correct pin number. If one million debit card details are compromised, then there is a chance that at least 300 cards lose two-level security just like that.

Now let's see UPI security layers. You can only do UPI transactions through your phone and from nowhere else. So something I only have is my phone along with the SIM Card. And something I only know is UPI PIN. All you share with any websites is your UPI ID which is not even a security layer since you can change it any time you want. So Websites are not having any information about who is transacting. Also, The first security layer is so powerful since there is no OTP and no apps are accessing the OTP since there is no OTP only. Also, nobody can hack your UPI since all transactions happen from the phone. You will always know when you are sending money to anyone. Even if people want to take advantage of UPI, all they can do is send a payment request to your number but unless you willingly pay them they don't get any payment.

With all the security UPI provides, all they have to do is make it the easiest way possible to transfer money to another person. And that is exactly NPCI has done. It has opened the payment request process to any possible technology. Be it QR Code, Soundwaves, Payment requests, NFC, Bluetooth, etc. And if you see there are Apps that are taking advantages of these all different ways. For Ex. Google Pay uses Soundwaves to make a payment from one person to another person if they are near to each other. Some Retailers use PhonePe calculators to send a Payment request to the customer. With opening the payment request to new technologies it is making the Payment Process future proof. It is able to adapt to technology. At present, the majority are using QR Codes. Who knows in the future we may use NFC or any other new Technology.

Also, the other smart move by NPCI is making it universal, I mean anybody with any UPI app can transfer to any other person with completely different App. It is so versatile that even in future having a UPI app you can draw money from ATM. Imagine just scanning code from ATM and just getting money just like that. No cards and no PINs. I even doubt there will be any Debit and credit cards after 2 years from now. RBI is even thinking of controlling UPI since it is growing in such an exponential pace beating each and every other payment process in its way. It has beaten Mastercard and Visa long ago. It is nearing to beat IMPS payment soon. Without integrating UPI, Apple pay, Samsung pay, PayTM or any other wallet will fail miserably. (PayTM is promoting UPI payment in its own app aggressively for the same reason).

Finally, I am happy to see technology from a government body beating the corporates at their own game(By including them also in UPI). I even read that other countries are looking into UPI and want to implement it in their own countries.

--

--

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store