E Banking - Cyber Frauds in India
-
Upload
need-notknow -
Category
Documents
-
view
225 -
download
0
Transcript of E Banking - Cyber Frauds in India
-
8/9/2019 E Banking - Cyber Frauds in India
1/70
@NLS
Naavi
E Banking Frauds
Naavi1
-
8/9/2019 E Banking - Cyber Frauds in India
2/70
Agenda
Types of Frauds that affect Bankers
The law regarding Cyber Frauds
Due Diligence Requirements
Naavi2
-
8/9/2019 E Banking - Cyber Frauds in India
3/70
Phishing
Naavi3
Case Study
-
8/9/2019 E Banking - Cyber Frauds in India
4/70
The Case
An NRI customer having account in Tirunelveli
branch of ICICI Bank
– Receives monthly statement from
[email protected] – One day he received a mail from the same address
Stating that his account is being deactivated for security
reasons unless he logs in immediately and confirm that the
account has to be continued. – A hyperlink is provided in the same mail to the Bank’s website.
Customer logs in and confirms
Naavi4
-
8/9/2019 E Banking - Cyber Frauds in India
5/70
The Phone Call
Next day evening, at 6.00 pm IST, he received a
phone call from his Bank informing him and asking
for confirmation about his having withdrawn
withdrawn Rs 6.46 lakhs from his account andhaving transferred to the account of Uday
Enterprises at Fort Bombay branch of ICICI Bank
– Customer denies any such transaction and immediately
follows up with e-mail and fax to the Bank denying the
transaction and restoration of his balance in the account.
Naavi5
-
8/9/2019 E Banking - Cyber Frauds in India
6/70
Internal Investigations
Bank conducts an internal investigation whichreveals the following – customer had received a phishing mail in the name of
[email protected] and had responded to the
same – The amount of 6.46 lakhs had been then transferred to the
Fort Branch branch in lots of Rs 1 lakh in four transactionson 6th September and two more transactions and again46000/- on 7th September
– The customer (Uday Enterprises) had drawn Rs 4 lakhs incash across the counter on 7th September, 35000/- wasadjusted to the OD outstanding in the account. Balance waslying in the account.
Naavi6
-
8/9/2019 E Banking - Cyber Frauds in India
7/70
Response
Bank writes to the customer that he was a victim of
Phishing and should file a complaint with the Police
and pursue.
– Refuses to re-credit the amount to customer’s account
– Refuses to file a complaint in Mumbai to trace the customer
– Internal investigation reveals that the account was in arrears
of Rs 35000/- for more than 6 months, the proprietor had
changed address 2 years back and was not traceable
Naavi7
-
8/9/2019 E Banking - Cyber Frauds in India
8/70
Follow Up
Customer files a complaint with the BankingOmbudsman who after verification concludes that itdoes not come within his jurisdiction as it is a crime
related issue and not a service related issue As suggested by the Bank, a complaint is filed at
Tirunelveli.. Police suggest that it is a cyber crimeand complaint has to be filed in Chennai
– Complaint is filed including the Bank as a co accused – Adjudication proceeding has been completed. Verdict
awaited.
Naavi8
-
8/9/2019 E Banking - Cyber Frauds in India
9/70
Additional Information
The Internal investigator had reported that
the CCTV in the Banking hall should have
captured the cash withdrawal transaction andshould be checked.
– Bank never acted on this suggestion made within
a few days of the incident and the service
provider responsible for the maintenance of the
CCTV service is reported to have deleted the
data( after one month)
Naavi9
-
8/9/2019 E Banking - Cyber Frauds in India
10/70
Further developments..
Later it was found that the IP address
indicated that all transactions were
conducted from Mumbai – where as the customer was known to be an NRI
in Dubai.
– The current account of uday Enterprises was
owned by one Mohammed Zulfiquar Hasim Khan
Why one Zulfiquar Hasim Khan should open a current
account in the name of Uday Enterprises?..
Naavi10
-
8/9/2019 E Banking - Cyber Frauds in India
11/70
Adjudication
Adjudication application was filed in Chennai – Claiming the entire amount lost along with interest and
damages
After the filing, – Bank paid the balance amount of Rs 150071/- which was
lying in the account of Uday enterprises.
After several hearings, Bank offered to pay the entirefraud amount of RS 646000/- provided a suitable
indemnity was provided. No agreement was however reached on the terms of
the indemnity. – Matter awaiting release of the award
Naavi11
-
8/9/2019 E Banking - Cyber Frauds in India
12/70
Other Frauds like Phishing
Credit Card frauds, Theft of Debit card/password – All these frauds occur through Electronic Forgery.
– In case of payment of a forged cheque.. Who is liable? Canara Bank Vs Canara Sales Corporation AIR 1987 SC 1603
Citizen Co-opertive Bank Ltd Vs Ritesh Mittal,-2004 CTJ 211 (Jammu and Kashmir High Court)
N. Venkanna Vs Andhra Bank, National Disputes Redressal Commission, 11th January, 2005
Bhagwandas Vs Creet (1903)31, Cal.249 L. Pirbhu Dayal Vs Jwala bank, AIR 1958 All. 374
Dawood Vs Firm Pereinan Chetty, AIR 1924 Rang.264 – All these cases hold the Bank liable even if the customer had shown negligence of some sort.
Banks can escape liability only if the customer has abetted or is estopped for some reason toclaim that the withdrawal was wrong.
Why would it be different in case of Phishing?
– In Germany and Denmark, Banks are held responsible for such technical crimes – India too has no option to follow suit
– Banks should therefore put strategies to protect themselves from the Phishingliabilities.
Naavi12
-
8/9/2019 E Banking - Cyber Frauds in India
13/70
Other Frauds involving Banks
Nigerian Mails, Job Frauds, Lottery Frauds
– All involving remittances to foreign countries
where the Bank as an Authorised Dealer is
expected to enquire about the purpose of
remittance and approve
or other accounts in the Bank
Salami frauds, Software bugs
Naavi13
-
8/9/2019 E Banking - Cyber Frauds in India
14/70
Other means..
Stolen laptops
– If data is not encrypted …
Shared Desktops – Somebody else’s negligence in allowing a key
logger
Written down in a diary – Common pick pocket?
Naavi14
-
8/9/2019 E Banking - Cyber Frauds in India
15/70
Most Dangerous
A virus may execute a “Man in the Browser”attack using an authenticated session to placean unauthorized transaction. –
Customer thinks that he is making a genuinetransaction and therefore completes all authenticationrequirements himself
– But the transaction executed is different from the onecontemplated.
– Bank will swear that the transaction was done only bythe customer See here
Naavi15
-
8/9/2019 E Banking - Cyber Frauds in India
16/70
Emerging Threats
Trojans which use “Man in the Browser”
technique
–
Zeus and SpyEye Variants – Modify content after they are entered in the
browser and before it reaches the Bank’s server
– Display modified content on the browser which
may not be in sync with the server information
– Can fool both the customer and the bank
Naavi16
-
8/9/2019 E Banking - Cyber Frauds in India
17/70
What can go wrong?
At the Organization..
Naavi17
-
8/9/2019 E Banking - Cyber Frauds in India
18/70
Naavi18
-
8/9/2019 E Banking - Cyber Frauds in India
19/70
Naavi19
-
8/9/2019 E Banking - Cyber Frauds in India
20/70
Naavi20
-
8/9/2019 E Banking - Cyber Frauds in India
21/70
List of Trojans.. A gift to visitors to thewebsite of a Bank..
Website compromised on 29th August 2007 – Email-Worm.Win32.Agent.l
Rootkit.Win32.Agent.dwRootkit.Win32.Agent.eyTrojan-Downloader.Win32.Agent.cnhTrojan-Downloader.Win32.Small.ddyTrojan-Proxy.Win32.Agent.nuTrojan-Proxy.Win32.Wopla.agTrojan.Win32.Agent.awzTrojan-Proxy.Win32.Xorpix.FamTrojan-Downloader.Win32.Agent.ceoTrojan-Downloader.Win32.Tibs.mtTrojan-Downloader.Win32.Agent.boyTrojan-Proxy.Win32.Wopla.ah
Trojan-Proxy.Win32.Wopla.agRootkit.Win32.Agent.eaTrojan.PandexTrojan-Proxy.Win32.Cimuz.GTSPY_AGENT.AAVG (Trend Micro)Trojan.Netview Website closed from 30th August to 4th September 2007
Naavi21
-
8/9/2019 E Banking - Cyber Frauds in India
22/70
ATM/Credit Card Cloning
Naavi22
-
8/9/2019 E Banking - Cyber Frauds in India
23/70
E Banking dispute resolution system
Three Modes
– If the cause of action is
Violation of an RBI Guidelines
– Banking Ombudsman
A deficiency of Service
– Consumer Forum
An offence /contravention of ITA 2000/8
– Adjudication process as per ITA 2000/8
Naavi Cyber Law College23
-
8/9/2019 E Banking - Cyber Frauds in India
24/70
Banking Ombudsman Scheme
Effective from January 1 2006
– Banking ombudsman scheme 2005
Amended in May 24, 2007 and Feb 3, 2009 Is essentially a mediation process
Naavi Cyber Law College24
-
8/9/2019 E Banking - Cyber Frauds in India
25/70
Essence of Banking Ombudsman (BO)Scheme
Powers and Jurisdiction – Territorial: BOs have been set up in 15 different regional
offices of RBI
– BO s shall receive and consider complaints
relating to deficiencies in banking or other services filed on the grounds mentioned in clause 8 and
– facilitate their satisfaction or settlement by agreement or throughconciliation and mediation between the bank concerned and theaggrieved parties or by passing an Award in accordance with theScheme.
– Maximum compensation Rs 10 lakhs (actual loss) – In Credit card related complaints additional compensation of
Rs 1 lakh is payable for harassment, mental anguish etc.
Naavi Cyber Law College25
-
8/9/2019 E Banking - Cyber Frauds in India
26/70
Grounds of Complaint (Clause 8)
(a) non-payment or inordinate delay in the paymentor collection of cheques, drafts, bills etc.;
(b) non-acceptance, without sufficient cause, of
small denomination notes tendered for any purpose,and for charging of commission in respect thereof;
(c) non-acceptance, without sufficient cause, of coinstendered and for charging of commission in respect
thereof; (d) non-payment or delay in payment of inward
remittances ;
Naavi Cyber Law College26
-
8/9/2019 E Banking - Cyber Frauds in India
27/70
Grounds of Complaint (Clause 8)
(e) failure to issue or delay in issue of drafts, pay ordersor bankers' cheques;
(f) non-adherence to prescribed working hours ;
(g) failure to provide or delay in providing a banking
facility (other than loans and advances) promised inwriting by a bank or its direct selling agents;
(h) delays, non-credit of proceeds to parties' accounts,non-payment of deposit or non-observance of theReserve Bank directives, if any, applicable to rate ofinterest on deposits in any savings, current or otheraccount maintained with a bank ;
Naavi Cyber Law College27
-
8/9/2019 E Banking - Cyber Frauds in India
28/70
Grounds of Complaint (Clause 8)
(i) complaints from Non-Resident Indians having accounts in India inrelation to their remittances from abroad, deposits and other bankrelated matters;
(j) refusal to open deposit accounts without any valid reason for
refusal; (k) levying of charges without adequate prior notice to the customer;
(l) non-adherence by the bank or its subsidiaries to the instructions ofReserve Bank on ATM/Debit card operations or credit card operations;
(m) non-disbursement or delay in disbursement of pension (to the
extent the grievance can be attributed to the action on the part of thebank concerned, but not with regard to its employees);
Naavi Cyber Law College28
-
8/9/2019 E Banking - Cyber Frauds in India
29/70
Grounds of Complaint (Clause 8)
(n) refusal to accept or delay in acceptingpayment towards taxes, as required by ReserveBank/Government;
(o) refusal to issue or delay in issuing, or failureto service or delay in servicing or redemption ofGovernment securities;
(p) forced closure of deposit accounts without
due notice or without sufficient reason; (q) refusal to close or delay in closing the
accounts;
Naavi Cyber Law College29
-
8/9/2019 E Banking - Cyber Frauds in India
30/70
Grounds of Complaint (Clause 8)
(r) non-adherence to the fair practices code asadopted by the bank;
(s)non-adherence to the provisionsof the Code of Bank's Commitments to
Customers issued by Banking Codes and StandardsBoard of India and as adopted by the bank ;
(t) non-observance of Reserve Bank guidelines onengagement of recovery agents by banks; and
(u) any other matter relating to the violation of thedirectives issued by the Reserve Bank in relation tobanking or other services.
Naavi Cyber Law College30
-
8/9/2019 E Banking - Cyber Frauds in India
31/70
Procedure for Filing Complaint
Complaint may be filed by the customer or
his authorized representative (Other than an
advocate)
A complaint made through electronic means
shall also be accepted by the Banking
Ombudsman and a print out of such
complaint shall be taken on the record of the
Banking Ombudsman
Naavi Cyber Law College31
-
8/9/2019 E Banking - Cyber Frauds in India
32/70
Pre-requisites..
No reply from the Bank for one month or is
not satisfied with the reply given to him by
the bank
Complaint within 13 months after date of
representation to the Bank
Naavi Cyber Law College32
-
8/9/2019 E Banking - Cyber Frauds in India
33/70
Grounds of Rejection
a) not on the grounds of complaint referred to in clause 8 or otherwise not in accordance with sub clause (3) of clause 9(Ed: notice to Bank); or
(b) beyond the pecuniary jurisdiction of Banking Ombudsmanprescribed under clause 12 (5) and 12 (6) or
(c) requiring consideration of elaborate documentary and oralevidence and the proceedings before the Banking Ombudsmanare not appropriate for adjudication of such complaint; or
(d) without any sufficient cause; or
(e) that it is not pursued by the complainant with reasonablediligence; or
(f) in the opinion of the Banking Ombudsman there is no loss or damage or inconvenience caused to the complainant
Naavi Cyber Law College33
-
8/9/2019 E Banking - Cyber Frauds in India
34/70
1PPEAL BEFORE THEAPPELLATE AUTHORITY:
Any person aggrieved by an Award under
clause 12 or rejection of a complaint for the
reasons referred to in sub clauses (d) to (f)
of clause 13,may within 30 days of the date
of receipt of communication of Award or
rejection of complaint, prefer an appeal
before the Appellate Authority;
Naavi34
-
8/9/2019 E Banking - Cyber Frauds in India
35/70
Under ITA 2000/8
Naavi Cyber Law College35
Adjudication Process
-
8/9/2019 E Banking - Cyber Frauds in India
36/70
What is Adjudication
Adjudication is the system suggested by ITA 2000
to provide speedy disposal of civil disputes arising
out of contravention of ITA 2000
– Under Sec 46 of ITA 2000
Adjudication is the first step for claiming damages for
contraventions of ITA 2008.
Appeal from Adjudicator lies with Cyber AppellateTribunal (CAT)
Appeal from CAT lies with the High Court
Naavi Cyber Law College36
-
8/9/2019 E Banking - Cyber Frauds in India
37/70
Notification of 25th March 2003-MIT,GOI
The Secretary of Department ofInformation Technology of each of the States or of Union Territories is hereby appo
inted as Adjudicating Officer for thepurposes of the Information Technology Act,2000.
– shall provide the infrastructure and – maintain the records of the matters handled by
AO functioning in the States/Union Territories
Naavi Cyber Law College37
-
8/9/2019 E Banking - Cyber Frauds in India
38/70
Powers under Sec 46
(1)For the purpose of adjudging – under this Chapter
– whether any person has committed a contravention of anyof the provisions of this Act or of any rule, regulation,
direction or order made thereunder which renders him liableto pay penalty or compensation,
– the Central Government shall, subject to the provisions ofsub-section(3), appoint any officer not below the rank of a
Director to the Government of India or an equivalent officerof a State Government to be an adjudicating officer forholding an inquiry in the manner prescribed by the CentralGovernment.
Naavi Cyber Law College38
-
8/9/2019 E Banking - Cyber Frauds in India
39/70
Sec 46-contd
(1A) The adjudicating officer appointed
under sub-section (1) shall exercise
jurisdiction to adjudicate matters in which the
claim for injury or damage does not exceed
rupees five crore
Provided that the jurisdiction in respect of
claim for injury or damage exceeding rupees
five crore shall vest with the competent court
Naavi Cyber Law College39
-
8/9/2019 E Banking - Cyber Frauds in India
40/70
Sec 46..contd
(2)The adjudicating officer shall, after giving the person referredto in sub-section (1) a reasonable opportunity for makingrepresentation in the matter and if, on such inquiry, he issatisfied that the person has committed the contravention, hemay impose such penalty as he thinks fit in accordance with the
provisions of that section. (3) No person shall be appointed as an adjudicating officer
unless he possesses such experience in the field of InformationTechnology and Legal or Judicial experience as may beprescribed by the Central Government.
(4)Where more than one adjudicating officers are appointed,the Central Government shall specify by order the matters andplaces with respect to which such officers shall exercise their jurisdiction.
Naavi Cyber Law College40
-
8/9/2019 E Banking - Cyber Frauds in India
41/70
Sec 46..contd
(5) Every adjudicating officer shall have the powers of a civilcourt which are conferred on the Cyber Appellate Tribunalunder sub-section (2) of section 58, and -(a) all proceedings before it shall be deemed to be judicial
proceedings within the meaning of sections 193 and 228 of theIndian Penal Code;
(b)shall be deemed to be a civil court for the purposes ofsections 345 and 346 of the Code of Criminal Procedure,1973.
(c)shall be deemed to be a Civil Court for purposes of order XXIof the Civil Procedure Code, 1908
Naavi Cyber Law College41
-
8/9/2019 E Banking - Cyber Frauds in India
42/70
Sec 47: Factors to be taken into accountby the adjudicating officer
While adjudging the quantum of compensation underthis Chapter the adjudicating officer shall have dueregard to the following factors, namely -
(a)the amount of gain of unfair advantage, whereverquantifiable, made as a result of the default;
(b)the amount of loss caused to any person as a
result of the default; (c) the repetitive nature of the default
Naavi Cyber Law College42
-
8/9/2019 E Banking - Cyber Frauds in India
43/70
What are the contraventions?
Only 43 and 43 A (After ITA 2008) are
applicable
– Sec 43
8 contraventions in ITA 2000
2 more added in ITA 2008
– Sec 43A
Not maintaining reasonable security practices by a bodycorporate in posession of sensitive personal information
of an individual
Naavi Cyber Law College43
-
8/9/2019 E Banking - Cyber Frauds in India
44/70
What is the scope of Sec 43?
Applies where the specified action occurs
– Without the permission of the owner of the
computer
– Liability is
damages payable to the person who has suffered the
loss
Payable by the person who contravened any or the 10contraventions
Naavi Cyber Law College44
-
8/9/2019 E Banking - Cyber Frauds in India
45/70
Is adjudication subordinate toregistration of a criminal case?
Adjudication is a civil process
– Not dependent on the Police filing an FIR
Notification of 17/03/2003 (MIT)
– Provides suomoto powers to the adjudicator At any time or on receipt of a report of contravention from an
aggrieved person,or by a Government agency or suo-moto,
the Adjudicating Officer, may get the matter or the report
investigated from an officer in the Office of Controller or CERT-
IND or from the concerned Deputy Superintendent of Poli
ce, to ascertain more facts and whether prima facie there is a
case for adjudicating in the matter or not.
Naavi Cyber Law College45
-
8/9/2019 E Banking - Cyber Frauds in India
46/70
Procedure
Not bound by Civil Proceedure Code – Can be like an enquiry
– Rules to be defined by the adjudicator
– Not mandatory to get a legal counsel
– Can examine documents and witnesses
Victim not bound to give all details of the accused.. – Simple application as per draft will suffice
– Where required investigation can be ordered by theadjudicator
– Evidence that a contravention has occurred is sufficient.
Naavi Cyber Law College46
-
8/9/2019 E Banking - Cyber Frauds in India
47/70
61. Civil court not to have jurisdiction
No court shall have jurisdiction to entertain any suit
or proceeding in respect of any matter which an
adjudicating officer appointed under this Act or the
Cyber Appellate Tribunal constituted under this Actis empowered by or under this Act to determine and
no injunction shall be granted by any court or other
authority in respect of any action taken or to be
taken in pursuance of any power conferred by orunder this Act.
Naavi Cyber Law College47
-
8/9/2019 E Banking - Cyber Frauds in India
48/70
Scope
Jurisdiction for Chapter IX in the State in
which posted
Location of Computer s defined in subsection
2 of Section 75
Naavi Cyber Law College48
-
8/9/2019 E Banking - Cyber Frauds in India
49/70
Application
Complaint in plain paper as per proforma
Together with fees prescribed
Naavi Cyber Law College49
-
8/9/2019 E Banking - Cyber Frauds in India
50/70
Manner of Holding Enquiry
AO to issue a notice together with all the
documents
– To the necessary parties
– Fixing date and time
– Indicating the time and place of contravention, the
person against whom the contravention was
committed etc
Naavi Cyber Law College50
-
8/9/2019 E Banking - Cyber Frauds in India
51/70
Time Limit
As far as possible, every application shall be
heard and decided in four months and the
whole matter in six months
Naavi Cyber Law College51
-
8/9/2019 E Banking - Cyber Frauds in India
52/70
Cases for Reference
S.Umashankar Vs ICICI Bank
– Adjudicator of Tamil Nadu
Gujarat Petrosynthese Ltd Vs Axis Bank
– Adjudicator of Karnataka
Naavi Cyber Law College52
-
8/9/2019 E Banking - Cyber Frauds in India
53/70
Cyber Evidence
Naavi Cyber Law College53
-
8/9/2019 E Banking - Cyber Frauds in India
54/70
Law of Digital Evidence in India
Derived from the amendments made to Indian
Evidence Act
– Consequent to the passing of Information Technology Act
2000
Effective from October 17, 2000
– Gave legal recognition to Electronic documents
– Defined “Digital Signature” as a means of authentication of an
electronic document
– Imposed certain presumptory value to digitally signed electronicdocuments
– Defined “Admissibility of Evidence” under Indian Evidence Act
Naavi Cyber Law College54
-
8/9/2019 E Banking - Cyber Frauds in India
55/70
What Constitutes Evidence?
Indian Evidence Act (Sec 3) amended to include
Electronic documents
– Evidence means and Includes Electronic Records produced
for inspection of the court
Electronic Record" means data, record or data generated,
image or sound stored, received or sent in an electronic form
or micro film or computer generated micro fiche
– (microfiche=small sheet of microfilm on which many pages of
material have been photographed. Equipment is available thataccepts a data stream from a and exposes film to produce
images as if the stream had been sent to a line printer and the
listing had been microfilmed. )
Naavi Cyber Law College55
-
8/9/2019 E Banking - Cyber Frauds in India
56/70
Admissibility of Electronic Records
65B (IEA). (1) Notwithstanding anything containedin this Act, any information contained in anelectronic record which is printed on a paper,stored, recorded or copied in optical or magnetic
media produced by a computer (hereinafterreferred to as the computer output) – shall be deemed to be also a document, if the conditions
mentioned in this section are satisfied in relation to theinformation and computer in question and
– shall be admissible in any proceedings, without furtherproof or production of the original as evidence of anycontents of the original or of any fact ' stated thereinof which direct evidence would be admissible.
Naavi Cyber Law College56
-
8/9/2019 E Banking - Cyber Frauds in India
57/70
Admissibility of Evidence..2
(2) The conditions referred to in sub-section (1) inrespect of a computer output shall be the following,
namely
– (a) the computer output containing the information was
produced by the computer during the period over which the
computer was used regularly to store or process
information for the purposes of any activities regularlycarried on over that period by the person having lawful
control over the use of the computer;
Naavi Cyber Law College57
-
8/9/2019 E Banking - Cyber Frauds in India
58/70
Admissibility of Evidence..3
(b) during the said period, information of the
kind contained in the electronic reform or of
the kind from which the information so
contained is derived was regularly fed intothe computer in the ordinary course of the
said activities;
Naavi Cyber Law College58
-
8/9/2019 E Banking - Cyber Frauds in India
59/70
-
8/9/2019 E Banking - Cyber Frauds in India
60/70
Admissibility of Evidence..5
(d) the information contained in the electronic
record reproduces or is derived from such
information fed into the computer in the
ordinary course of the said activities.
Naavi Cyber Law College60
-
8/9/2019 E Banking - Cyber Frauds in India
61/70
Admissibility of Evidence..6
(3) Where over any period, the function of storing orprocessing information for the purposes of anyactivities regularly carried on over that period asmentioned in clause (a) of sub-section (2) wasregularly performed by computers, whether – (a) by a combination of computers operating over that period;
or (b) by different computers operating in succession over thatperiod; or (c) by different combinations of computers operating insuccession over that period; or (d) in any other manner involving the successive operationover that period, in whatever order, of one or morecomputers and one or more combinations of computers,
Naavi Cyber Law College61
-
8/9/2019 E Banking - Cyber Frauds in India
62/70
Admissibility of Evidence..7
all the computers used for that purposeduring that period shall be treated for the
purposes of this section as constituting a
single computer; and references in thissection to a computer shall be construed
accordingly.
Naavi Cyber Law College62
-
8/9/2019 E Banking - Cyber Frauds in India
63/70
Certification of Documents
(4)In any proceedings where it is desired togive a statement in evidence by virtue of this
section, a certificate doing any of the
following things, that is to say -(a) identifying the electronic record
containing the statement and describing the
manner in which it was produced;
Naavi Cyber Law College63
-
8/9/2019 E Banking - Cyber Frauds in India
64/70
Certification of Documents..2
(b) giving such particulars of any deviceinvolved in the production of that electronic
record as may be appropriate for the purpose
of showing that the electronic record wasproduced by a computer;
(c) dealing with any of the matters to which
the conditions mentioned in sub-section (2)relate,
Naavi Cyber Law College64
-
8/9/2019 E Banking - Cyber Frauds in India
65/70
Certification of Documents..3
and purporting to be signed by a personoccupying a responsible official position in
relation to the operation of the relevant
device or the management of the relevantactivities (whichever is appropriate)
shall be evidence of any matter stated in the
certificate;
Naavi Cyber Law College65
-
8/9/2019 E Banking - Cyber Frauds in India
66/70
Certification of Documents..4
and for the purposes of this sub-section itshall be sufficient for a matter to be stated to
the best of the knowledge and belief of the
person stating it.
Naavi Cyber Law College66
-
8/9/2019 E Banking - Cyber Frauds in India
67/70
Certification of Documents..5
According to amendment made to Section67,(IEA) – Except in the case of a secure digital signature, if the
digital signature of any subscriber is alleged to have
been affixed to an electronic record the fact that suchdigital signature is the digital signature ofthe subscriber must be proved Secured digital signature is defined by a notification in
October 2004 as a digital signature where the
cryptographic key/smart card is used to securely store anduse the private key
Naavi Cyber Law College67
www.ceac.in
-
8/9/2019 E Banking - Cyber Frauds in India
68/70
Naavi Cyber Law College68
-
8/9/2019 E Banking - Cyber Frauds in India
69/70
For Further Reference
www.naavi.org – Copy of Internet Banking guidelines
– Copy of GGWG guidelines
– Copy of judgments in respect of Umashankar and
Gujarat Petro synthese Ltd
Etc
– Also visit E Safe Banking page on Face Book
Naavi Cyber Law College69
-
8/9/2019 E Banking - Cyber Frauds in India
70/70
Thank You..Questions?
Contact – www.naavi.org
– www.cyberlawcollege.com
– www.ceac.in
E-Mail: [email protected]
Naavi70