FinTechProtection against Fraud on Fintech Apps

April 18, 20250

INTRODUCTION

With the growing reliance on fintech apps for everything from money transfers to investments and loans, managing finances has become more convenient than ever. However, this ease of use also brings an increased risk of fraud.

Scams and unauthorised transactions on these platforms are becoming more common, and even a simple mistake or missed notification can lead to significant financial loss.

A fraud can manifest in various ways. It might involve something as straightforward as someone gaining access to your app credentials and making unauthorised transactions, or it could be more elaborate, such as being deceived into investing in a fraudulent scheme presented through the app.

Common examples include:

  • Unauthorised withdrawals or fund transfers from your account.
  • Fraudulent loan applications made using your identity.
  • Fake customer service numbers that trick you into giving personal data.
  • Phishing links that imitate fintech platforms.
  • Hidden charges or suspicious deductions that you didn’t authorise.

In legal terms, such acts fall under cyber fraud, identity theft, and breach of trust, and they are punishable under the Bharatiya Nyaya Sanhita, 2023 (BNS) and the Information Technology (IT) Act, 2000.

STEP-BY-STEP PROCESS TO LEGALLY REPORT FRAUD

  1. Prompt Action

Time is critical. The faster you act, the higher the chances of limiting your loss and tracing the fraudster. As soon as you notice suspicious activity, stop using the app for further transactions and make a note of everything that happened—dates, times, screenshots, transaction IDs, and communication with the app (if any).

  1. Inform the Customer Support of the respective App

Almost every  app has a dedicated grievance redressal mechanism. Go to their ‘Help’ or ‘Support’ section and raise a formal complaint.

Provide all necessary details, including:

  • Transaction reference numbers
  • Amount involved
  • Screenshots
  • A brief explanation of what happened

Request a complaint ID or ticket number, and ask for the expected turnaround time, which should ideally be within 24 to 48 hours.

If your account has been compromised, ask the platform to temporarily freeze your account or card linked with the app to prevent further misuse.

  1. Report to your Bank or Payment Service Provider

If the fintech app is linked to your bank account or UPI, immediately call your bank or payment service provider (like PhonePe, Google Pay, Paytm, etc.) and inform them of the unauthorised transaction.

According to RBI guidelines, if you report fraud within a stipulated time (usually 3 working days), you may not be liable for the loss. The bank can block further transactions and may initiate a reversal of funds if possible.

Make sure to get a reference number or written confirmation of your complaint.

  1. Register a Complaint on the National Cyber Crime Portal

This step is pivotal. Visit the official National Cyber Crime Reporting Portal: https://cybercrime.gov.in.

Click on “Report Other Cyber Crimes” or “Report Financial Fraud” and fill in the required details:

  • Your contact details
  • Description of the incident
  • Evidence like screenshots or emails
  • Details of the fintech app and transaction

Once you submit the   complaint, you will receive a complaint ID that you can use to track the progress. This step registers the incident in the Government system and initiates the investigation process.

  1. Visit the Nearest Police Station (If required)

Although online reporting is convenient, it is also wise to visit your local police station, preferably a Cyber Crime Cell if available. File a First Information Report (FIR) under the relevant sections of BNS and the IT Act.

The relevant IPC sections typically applied include:

  • Section 420 – Cheating and dishonestly inducing delivery of property
  • Sections 66c and 66d of the IT Act – Identity theft and impersonation

A formal FIR helps expedite the matter and also acts as a substantial evidence if you need to escalate it further or approach the courts.

RIGHTS AND PROTECTIONS FOR VICTIMS

The RBI has laid out guidelines that protect consumers from unauthorised electronic transactions. If you report the issue promptly, especially within 3 working days, and haven’t acted negligently, you’re entitled to a zero liability on the loss.

Fintech companies are also mandated by law to maintain a nodal officer or grievance officer whose contact details are often listed in their privacy policy or on the app. You can escalate your complaint to them if customer service doesn’t help.

If no resolution is received within 30 days, you can file a complaint with the Banking Ombudsman or the RBI’s Digital Ombudsman.

PREVENTIVE MEASURES YOU SHOULD ALWAYS FOLLOW

While reporting is essential, prevention is even better. Here are a few simple practices to help you stay safe while using fintech apps:

  • Enable 2-Factor Authentication: Use an OTP or biometric lock on every transaction/platform.
  • Never Share OTPs or PINs: Legitimate customer service representatives will never ask for these.
  • Verify URLS and Apps: Always download apps from trusted sources like Google Play Store or Apple App Store. Avoid clicking on suspicious links.
  • Regularly Monitor Transactions: Check your account activity weekly, if not daily.
  • Use Secure Internet: Avoid logging into financial apps using public Wi-Fi.

AMLEGALS REMARKS

Becoming a victim of fintech fraud can be an unsettling experience, affecting not just you but also those around you. However, what matters most is how you respond. Legal remedies are available, and both Indian laws and regulatory authorities provide mechanisms to assist and protect consumers in such situations.

It is crucial to act without delay, and keep a detailed record of the incident. Your response plays a vital role—not only in seeking justice for yourself but also in helping prevent similar incidents for others. Fintech is undoubtedly reshaping the future of finance, but with its convenience comes the need for greater awareness and proactive action.

– Team AMLEGALS assisted by Mr. Ashish Singh (Intern)


For any further queries or feedback, feel free to reach out to rohit.lalwani@amlegals.com or mridusha.guha@amlegals.com

 

© 2020-21 AMLEGALS Law Firm in Ahmedabad, Mumbai, Kolkata, New Delhi, Bengaluru for IBC, GST, Arbitration, Contract, Due Diligence, Corporate Laws, IPR, White Collar Crime, Litigation & Startup Advisory, Legal Advisory.

 

Disclaimer & Confirmation As per the rules of the Bar Council of India, law firms are not permitted to solicit work and advertise. By clicking on the “I AGREE” button below, user acknowledges the following:
    • there has been no advertisements, personal communication, solicitation, invitation or inducement of any sort whatsoever from us or any of our members to solicit any work through this website;
    • user wishes to gain more information about AMLEGALS and its attorneys for his/her own information and use;
  • the information about us is provided to the user on his/her specific request and any information obtained or materials downloaded from this website is completely at their own volition and any transmission, receipt or use of this site does not create any lawyer-client relationship; and that
  • We are not responsible for any reliance that a user places on such information and shall not be liable for any loss or damage caused due to any inaccuracy in or exclusion of any information, or its interpretation thereof.
However, the user is advised to confirm the veracity of the same from independent and expert sources.