The Reserve Bank of India (RBI) on Tuesday urged the public to exercise utmost caution while using unauthorised prepaid payment instruments (PPIs) saying they must verify beforehand that application or entity that they are dealing with is authorised to carry out the activity it performs or assures to perform.

“It has come to the notice of Reserve Bank of India (RBI) that Ride Tech Private Limited…is operating a semi-closed (non-closed) pre-paid instrument (wallet) through its car-pooling app (application) ‘sRide’ without obtaining the required authorisation from RBI under the provisions of the Payment and Settlement Systems Act, 2007. As such, any person dealing with sRide Tech Private Limited, will be doing so at their own risk,” the central bank said.

With the rise of digital payments and lending across country, the central bank has been consistently sounding alarm over illegal loan apps. In its report of the working group on digital lending including lending through online platforms and mobile apps dated November 18, the central bank said 600 out of 1100 lending apps available were illegal.

“And as the number of lending apps grow, this trend would spike, since a user downloading a lending app cannot identify if the app is legitimate or not. It is also likely that several copycat apps and websites will mushroom across the internet. If a consumer uses such an app or website, it could collect the user’s personally identifiable information (PII), financial data and other sensitive details, which can then be used to compromise the user’s accounts, carry out phishing attacks and identity theft. Apart from affecting the user, it also damages the reputation of the company that the fake app is impersonating,” the report said.

Separately, on January 28, the RBI issued a detailed advisory on consumer awareness saying it has noticed that unscrupulous elements are defrauding and misleading people by using innovative modus operandi including social media techniques and mobile phone calls. It urged public to be aware of fraudulent messages, spurious calls, unknown links, false notifications, or unauthorised QR Codes promising help in securing concessions, expediting response from banks and financial service providers in any manner. “Fraudsters attempt to get confidential details like user id, login / transaction password, OTP (one time password), debit/credit card details such as PIN, CVV, expiry date and other personal information,” it said.