With the increasing reliance on online trading and demat accounts, ensuring the safety of investors’ assets is a critical concern. The Securities and Exchange Board of India (SEBI) has introduced a series of measures to enhance the security of trading and demat accounts.
A significant initiative is the consideration of a SIM binding mechanism, drawing inspiration from the security features of Unified Payments Interface (UPI) applications. This mechanism would link the user’s mobile device and SIM card to their Unique Client Code (UCC), ensuring that trades can only be executed from authorised devices. This aims to prevent unauthorised access even if the user’s login credentials are compromised. For accessing trading accounts on secondary devices like desktops or laptops, SEBI has suggested the use of time-sensitive and proximity-sensitive QR codes.
This method, similar to that used by social media platforms, ensures that the user is physically present and authorised to access the account. Recognising the vulnerabilities associated with traditional trading methods, SEBI has also proposed strengthening the security protocols for investors who opt for call and trade or walk and trade facilities. This is crucial as these channels can be more susceptible to unauthorised access. SEBI is considering the provision for investors to temporarily lock their trading accounts in case of suspicion of unauthorised access or during periods when they are not actively trading. This feature would provide an additional layer of control and prevent potential misuse. Finally, SEBI plans to implement these measures in a phased manner, starting with the top 10 qualified stockbrokers. This will allow for a smooth transition.
Cyber threats
The SIM binding mechanism, biometric authentication, and QR code-based login will make it significantly harder for fraudsters to gain unauthorised access to trading accounts. The proposed measures are designed to address various cyber threats, and contribute to enhancing the overall integrity of the Indian financial market. There are certain challenges and considerations to be addressed. The success of these measures depends on widespread user adoption. SEBI and stockbrokers need to ensure that investors are educated about the new protocols and are comfortable using them. The implementation of these measures requires a robust technological infrastructure. Stockbrokers need to invest in upgrading their systems to support the new authentication methods and ensure seamless integration. SEBI needs to ensure that these measures are accessible to all investors, including those who may not be tech-savvy or have limited access to technology. Security is an ongoing process.
Saravanan is a professor of finance and accounting at IIM Tiruchirappalli and Williams is the Head of India at Sernova Financial