Abstract

Technology advancements have reduced the cost of both a mobile device and data connection making it affordable to all. In parallel, mobile applications are also rising providing the quick, easy door-step solution(s) to one's professional and personal requirements. In the current trend of the digital and cashless economy, mobile-based app solutions are easy to use and ubiquitous, facilitating a wide range of banking financial services (pay/collect money etc.) and non-financial services (cheque request, account balance, view transaction history etc.). Mobile app revolution is also accompanied by many known and unknown security risks. Out of the various mobile banking applications, UPI (Unified Payment Interface) based apps are simple, reliable, centrally certified (by NPCI (National Payment Corporation of India)) and more secured. Study of UPI apps revealed the possibility of further security enhancements utilizing technological advancements to detect cybercrimes and fraudulent mobile transactions. This paper discusses UPI based mobile apps (architecture, transactions, features and security issues) and information security enhancement proposals w.r.t authentication and authorization.