Fintech Deep Dive — Saturday | June 13, 2026

Theme: Consumer Rights — Complaints, Fraud, Safeguards

This week has been a watershed moment for consumer protection in India’s digital payments ecosystem. From a sweeping MHA advisory on AI deepfake fraud to the RBI’s landmark fraud compensation proposals, and from BioCatch’s alarming banking survey to Delhi High Court’s takedown of fake B2B websites, the message is clear: India’s fraud epidemic has reached a scale that demands systemic — not just individual — response.

1. MHA Issues Nationwide Advisory on AI Deepfake Fraud Targeting Banks and Fintechs

The Indian Cyber Crime Coordination Centre (I4C), under the Ministry of Home Affairs, issued a fresh nationwide advisory on June 11 warning that cybercriminals are deploying advanced AI tools to create deepfake videos and synthetic identities designed to defeat facial authentication, liveness detection, and video-based KYC checks.

How it works: Fraudsters initiate contact through social media, job portals, dating sites, or direct phone calls. During video interactions, victims’ natural facial movements — blinking, speaking, head turns — are recorded without their knowledge. These recordings are processed using AI software to generate realistic digital replicas capable of mimicking facial expressions, eye movements, and voice patterns. The resulting synthetic media can bypass facial recognition and liveness verification systems.

The stakes: Once authentication safeguards are breached, criminals can complete KYC formalities, activate digital wallets, open new financial accounts, or gain unauthorised access to existing banking and digital service accounts.

Consumer safeguards advised:

• Lock biometric data wherever available
• Monitor email and banking notifications for suspicious login attempts
• Exercise caution during unsolicited video calls
• File complaints on the National Cyber Crime Reporting Portal (cybercrime.gov.in) with details like the suspected fraudster’s contact information and video links
• Contact telecom providers immediately if experiencing sudden loss of mobile network — this could signal a SIM-swap attempt

The MHA has urged financial institutions to integrate advanced deepfake detection technologies into their security architecture — a call that will test whether India’s fintech sector can stay ahead of AI-powered fraud at scale.

2. 84% of Indian Banking Leaders Report Rising Fraud Losses; UPI Cited as Primary Vector

A BioCatch survey of 1,440 fraud and financial crime leaders across 25 countries revealed that India is among the most heavily impacted markets for financial fraud globally. The numbers are stark:

• 90% of Indian banking leaders reported increased fraud attempts (vs. 81% globally), up from 70% in the 2025 survey
• 84% reported rising fraud losses (vs. 76% globally), up from 57% last year
• 95% are very concerned about the increasing speed of fraud (vs. 76% globally)
• 84% recognise AI agents as the industry’s greatest exploitable vulnerability
• 93% believe AI has increased the sophistication of fraud schemes
• 90% say it will be very challenging to distinguish legitimate AI-assisted actions from malicious activity

The financial impact is massive. 48% of Indian respondents said their institutions lose more than $10 million (₹83+ crore) to fraud annually. Of these, 32% reported losses exceeding $25 million, and 6% said losses exceeded $100 million each year.

Critically, 66% of Indian banking leaders identified instant payment systems as the primary source of rising fraud — higher than the global average of 59%. India’s rapid UPI adoption, while a national success story, is creating new attack surfaces. Customer losses linked to scams are also substantial: 58% estimated customers lose more than $5 million annually, while 44% reported losses above $10 million.

As BioCatch CEO Gadi Mazor noted, the industry must move beyond traditional identity checks and focus on understanding behaviour, intent, and trust to combat future fraud threats.

3. RBI’s Digital Payment Safety Proposals: ₹25,000 Fraud Compensation and the E-Mandate Overhaul

The RBI has been laying the groundwork for a fundamental shift in consumer liability for digital payment fraud. A comprehensive analysis of the RBI’s April 2026 E-Mandate Framework by Khaitan & Co reveals the broader context: approximately 28 lakh fraud cases totalling ₹22,931 crore were reported in 2025, compared to just 2.6 lakh cases worth ₹551 crore in 2021 — a tenfold increase in volume and fortyfold increase in value over four years.

Key consumer protection measures taking effect July 1, 2026:

• ₹25,000 fraud compensation: For fraudulent electronic banking transactions with gross losses up to ₹50,000, victims can receive compensation of 85% of the net loss or ₹25,000, whichever is lower. Costs would be split between the customer, the issuing bank, the receiving bank, and an industry fund
• One-hour payment lag for transfers to new beneficiaries, giving victims a window to report and reverse
• “Trusted person” approval step for customers aged 70 and above
• “Kill switch” to let users instantly block all outgoing digital transactions

The E-Mandate Framework, 2026 (Circular No. RBI/DPSS/2026-27/396, issued April 21) consolidates eight separate circulars issued between 2019–2024 into a single rulebook. Key consumer-friendly provisions include:

• Zero charges on e-mandate facilities for recurring transactions
• Standardised 24-hour pre-debit alerts with mandatory content (merchant name, amount, date, mandate reference, reason)
• Easy opt-out mechanisms validated by Additional Factor of Authentication
• Post-debit notifications including grievance redressal details
• Extended liability protections — unauthorised-transaction liability limits now expressly apply to recurring transactions under e-mandates
• Card reissuance continuity — existing e-mandates map to reissued cards automatically

This represents a decisive pivot: the burden of protection is shifting from individual vigilance to systemic safeguards.

4. Big Tech as Fraud Infrastructure: “Bharat Bluff” Exposes How Platforms Enable Scams

Journalist Soumya Gupta’s new book Bharat Bluff: Inside the Cons of India’s Internet Revolution (Roli Books, 2026) delivers a troubling thesis: Big Tech platforms aren’t just where scams happen — they’re how scams happen.

Gupta documents how fraudsters exploit the trust Indians place in Google, Meta, WhatsApp, and other platforms. In one telling personal anecdote, she describes how scammers replaced a wine shop’s phone number on Google Maps, redirecting orders and payments to a fraudulent account. The shop had been complaining to Google about the fake listing for months with no resolution.

The scale of platform-enabled fraud is staggering: more than 43,000 cybercrimes reported between January–March 2024 involved WhatsApp misuse (the top platform for scammers), while 22,680 involved Telegram and nearly 20,000 involved Instagram.

While Google and Meta have launched awareness campaigns and safety features (WhatsApp’s screen-sharing warning for calls with unknown numbers, Google Pay’s integration with the National Cybercrime Reporting Portal), the book argues these are insufficient against the fundamental problem: platforms profit from the reach and engagement that scammers also exploit.

The book raises a question regulators worldwide are grappling with: who is accountable when someone is defrauded through a platform’s infrastructure? India’s answer is still evolving, but the Delhi High Court’s IndiaMART ruling (see next story) suggests courts are increasingly willing to hold infrastructure providers accountable.

5. Delhi High Court Orders Vercel, GitHub to Remove Fake IndiaMART Websites

The Delhi High Court on June 10 ordered US-based hosting platforms Vercel, GitHub, and Netlify to take down URLs infringing on IndiaMART’s trademark, in a ruling with significant implications for platform accountability in India.

The scam: Fraudsters cloned IndiaMART’s website, app content, and branding, creating convincing fake sites targeting B2B buyers and suppliers. They set up matching WhatsApp accounts and bank accounts to collect payments from unsuspecting small business owners. India’s 63 lakh MSMEs are particularly vulnerable to this category of B2B phishing.

Why this ruling matters:

• The court treated Vercel, GitHub, and Netlify as extensions of the fraudster’s operations, compelling them to act as enforcers
• It demonstrates Indian courts reaching directly to global cloud infrastructure providers with extremely short compliance windows
• It establishes a precedent that developer platforms and free hosting services bear responsibility for infringing content — they are not merely neutral conduits

Consumer takeaway: Always verify exact URLs before making payments (check for misspellings like indiamart.co), confirm bank details by calling vendors on independently sourced numbers, and cross-check the bank account name on UPI apps before confirming transfers.

6. FIFA World Cup 2026: Kerala Police Warn of Fake Streaming Apps Stealing Bank Data

The Kerala Police issued a public alert on June 11 warning football fans against installing unofficial APK files promoted on social media offering “free” FIFA World Cup 2026 streaming. These fake OTT apps are designed to steal personal data and banking credentials, including UPI access.

This is a textbook example of how major global events become attack surfaces for Indian consumers. Fraudsters exploit the urgency and excitement around live sports to bypass users’ usual caution. With the World Cup running through July, this threat vector will remain active for weeks.

7. E-Jagriti Consumer Platform Wins Silver at National e-Governance Awards 2026

On the institutional safeguards front, India’s Department of Consumer Affairs received a Silver Award at the National e-Governance Awards 2026 for its E-Jagriti consumer grievance platform, evaluated from 341 nominations.

Launched on January 1, 2025, E-Jagriti consolidates four legacy systems — OCMS, e-Daakhil, NCDRC CMS, and Confonet — into a single AI-enabled platform for filing complaints, tracking cases, and attending hearings online. Key features include AI-powered chatbot support, voice-to-text capabilities, OTP-based authentication, and integrated payments through Bharat Kosh, PayGov, and SBI ePay.

The platform has already handled complaints from 751 NRIs across the US, UK, and UAE, resolving 61 cases. Between October 2025 and March 2026, its help desk resolved 4,821 of 5,537 reported technical complaints (87% resolution rate). Weekly public grievance sessions involving the department, the National Consumer Disputes Redressal Commission, and the National Informatics Centre have been introduced for ongoing feedback.

The Bigger Picture

This week’s developments point to an inflection point in India’s approach to consumer protection in digital finance:

1. Fraud is now a systemic risk, not an individual failing. With ₹22,931 crore lost in 2025, the economics demand institutional response
2. The regulatory framework is tightening — from e-mandate consolidation to fraud compensation proposals, the RBI is shifting liability from consumers to the ecosystem
3. AI is a double-edged sword — the same technology enabling India’s fintech boom is powering increasingly sophisticated fraud
4. Platform accountability is entering Indian jurisprudence — courts are reaching beyond fraudsters to the infrastructure enabling them
5. Consumer education remains the weakest link — despite awareness campaigns, basic digital hygiene (verifying URLs, cross-checking numbers, never sharing OTPs) is still not universal

For India’s 130+ crore digital payment users, the coming months will be critical. The RBI’s fraud compensation framework, expected to be finalised by July 1, 2026, could set a new global benchmark for consumer protection — or reveal the gap between regulatory intent and implementation reality.