Blog

Razorpay fraud & could it be prevented?
23 Jun

Razorpay Fraud & can it be prevented?

 The world has transitioned to a digital way of living. With technology sprinting to achieve newer milestones every day, digital life has become the new normal. From paying for groceries to luxuries online, everything is available at a click thanks to the Fintech ecosystem. While this has made our lives quite easy, it comes with a risk of data breach, hacking and similar issues that are now frequently heard in the online space. The latest company to fall prey to this is Razorpay, a payment gateway that helps businesses accept and process payments for its products through integration. 

A few hackers compromised the authorization and authentication process of Razorpay which cost them a whopping 7.38 crore worth of loss. Razorpay’s authorization and authentication partner is Fiserv. In Fiserv’s system, 831 transactions had failed i.e. Razorpay did not receive the money. However, due to the tampering of the authorization and authentication processes, they were communicated as received to Razorpay. As a result, Razorypay in turn communicated this to its Merchants, in spite of not receiving the money at all.

Can you trust your systems blindly?

Being India’s largest valued Fintech, it looks like Razorpay’s security features are sufficient and strong enough. This seemed like the most obvious issue when it was found in a routine payment process, a few hackers could compromise the authentication data on a few merchant sites that used the older versions of Razorpay’s integration. These companies deal with a huge volume of data each day. With such volume comes the risk of discrepancies. 

This stands even more relevant and true for E-commerce giants. Multiple renowned Ecommerce companies do billions of transactions every month. In 2022, the Indian E-commerce industry is expected to grow by 21.5% to $74.8 Billion. After the pandemic, the Ecommerce user base has exploded, especially in tier 2 and Tier 3 cities. A recent survey concluded that credit card users spent 76% more on Ecommerce than offline stores. All this data only points toward the obvious growth of ecommerce and the increase in the number of payment gateway systems.

How could this be avoided?

Such frauds are identified at the time of reconciliation during quarterly audits or year-end closing. Razorpay could not reconcile 7.38 crore against these 831 transactions for 60+ days and this gave fraudsters a window to commit fraudulent activities. 

Today, most reconciliations are still done manually and this is one of the biggest reasons why there are gaps. Cross-checking and tracing each transaction manually, especially in a volume-heavy industry like Payment Gateway & E-commerce would require huge investments in human capital. 

The solution to tackle this problem is automating reconciliation. If the reconciliation is automated, it can be done daily or weekly on an auto pilot mode. When the front-end systems have gone digital and demand agility, back-end systems should also be digitized, and work in sync with them to maintain a similar pace of agility and reduce the probability of errors and frauds. Automation will help in easily tracing the source of data, holding accountability, rectifying errors, and reporting accurate data. As the accuracy of numbers reported increases, it gives a clear view of the organization’s present financial standing, the future direction, and areas that need course correction as well.

About Author

Firmway is a Fintech by a young team of Chartered Accountants automating account functions including Balance Confirmation and all kinds of Reconciliation with Customers, Vendors, Ecommerce, Banks, Payment gateway, Partners, 26AS (TDS), GSTR2B and many more.

Add Comment