Google Pay, PhonePe, and Paytm may deliberately delay transactions, issue fraud alerts, and require an extra layer of user confirmation before processing any transactions that are likely to be classified as fraudulent.

Kindly note the image has been posted only for representational purposes. Photograph: Kind courtesy iMin Technology/Pexels.com

The government is working with third-party Unified Payments Interface (UPI) applications (apps) such as Google Pay, PhonePe, and Paytm, among others, to implement stricter safety measures that flag and block in real time any suspicious peer-to-peer and person-to-business transactions, several people familiar with the developments told Business Standard.

The move aims to curb fraudulent transactions happening through these third-party application providers (TPAPs), especially among less digitally literate users of these apps, an official said.

“The idea here is to ensure that any or all transactions, irrespective of the amount, go through higher checks and balances — even if the total time per transaction rises by a few seconds,” an official said.

To do this, TPAPs such as Google Pay, PhonePe, and Paytm may deliberately delay transactions, issue fraud alerts, and require an extra layer of user confirmation before processing any transactions that are likely to be classified as fraudulent.

These actions are based on signals from the mobile phone number associated with the wallet or bank account registered on the respective app, an executive at one of the payments companies said.

“With the help of artificial intelligence, we have gathered enough signals to flag potentially risky transactions.

“Factors such as the person’s age, how old and active the bank account and wallet used to send and receive the funds are, and whether the mobile number or account that is receiving the money has been flagged in the past are all checked,” the executive said.

Other factors, such as the sender and receiver being in each other’s contact books, call logs, calls and messages at odd hours, or continuous calls on connected devices, are also taken into account when flagging suspicious transactions, the executive said.

“We are leveraging all possible signals.

“While these are early days, the government is hopeful of arriving at a concrete solution to restrict payment fraud through UPI apps to a large extent,” an information technology ministry official said.

Google’s Google Pay, Walmart-backed PhonePe, and Vijay Shekhar Sharma’s Paytm have all adopted a risk-based approach that allows them to restrict or block transactions for users classified as medium-, high-, or very high-financial risk.

The risk-based metric, called the Financial Fraud Risk Indicator, was introduced by the department of telecommunications (DoT) in May this year.

It is a multi-dimensional analytical tool developed as part of the Digital Intelligence Platform (DIP) to empower financial institutions with advanced actionable intelligence for cyber fraud prevention.

For instance, PhonePe’s Protect feature flags and declines high-risk transactions while alerting users before processing medium-risk transactions.

“It is very early days for the adoption of such a risk-based mechanism at an industry level.

“Since multiple stakeholders are involved in overseeing a DIP, companies virtually have complete exposure to the entire user base in India to prevent payment fraud,” an executive at a financial technology firm said.

These apps are also relying on the DoT’s Digital Intelligence Unit, which periodically shares updated lists of disconnected mobile numbers, along with reasons such as involvement in cybercrime, failed re-verification, and others, the sources said.

Although the exact number of fraudulent transactions contained to date by this approach could not be ascertained, industry executives said early results have been promising.

“The database is robust. The approach brings all players onto a single platform, ensuring collaboration between firms — something that was not the case earlier, when each entity only had exposure to its own user base,” another senior executive said.

The focus on fraud prevention comes at a time when UPI, the real-time payments system, accounts for more than eight in 10 digital transactions in India.

Digital payment fraud has also risen in proportion with the growth of UPI.

According to the latest annual report of the Reserve Bank of India, bank frauds surged sharply, with the amount involved nearly trebling to Rs 36,014 crore in 2024-25, compared with Rs 12,230 crore the previous year.

Of this, Rs 25,667 crore worth of fraud was reported by public-sector banks, compared with Rs 9,254 crore a year ago.

The central bank’s report also observed that fraud occurred predominantly in the digital payments (card/internet) category in terms of the number of instances, and primarily in the loan portfolio (advances) category in terms of value.

Feature Presentation: Ashish Narsale/Rediff