Mobile-wallet ventures are increasingly looking for partnerships with insurance companies in an effort to minimise their liability with risks from cyber security breaches on the rise.

FreeCharge, in December, announced India’s first e-wallet protection plan for all its users, in partnership with Reliance General Insurance. This will be applicable to all FreeCharge wallet balances up to ₹20,000 which can be insured in case a phone is stolen or lost. This protection covers both consumers and merchants.

Other wallet companies are also talking to insurance companies. “We are talking to various insurance companies through Payments Council of India (PCI),” Sunil Kulkarni, Joint Managing Director, Oxigen, told BusinessLine . At present, in case an account gets hacked, the mobile-wallet company has to refund the whole amount to the aggrieved party.

Emails sent to Paytm did not elicit any response. For FreeCharge, apart from the fact that people get protected, the insurance offering can also help in wider adoption of mobile wallets. “We have realised that consumer perception of wallet safety is critical to drive both adoption and retention of our customers,” reasons Govind Rajan, Chief Executive Officer, FreeCharge. Freecharge claims it has “millions” of users, but did not give out the exact number.

For insurance companies, this is another revenue stream in a country that has a small insurance base. As per Insurance Regulatory and Development Authority data, 21.62 crore people or 17 per cent of the population was insured in 2014.

Rakesh Jain, CEO, Reliance General Insurance, said an insurance product around the wallet space is both needed and logical. Karthik Raman, Chief Marketing Officer, IDBI Federal Life Insurance, said it has tied up with mobile wallets such as MobiKwik, m-Pesa and Airtel Money through aggregator BillDesk for renewal payments. He, however, did not specify whether wallets will be insured in case of security breaches.

However, insurance companies are still figuring out how it would make sense to insure mobile wallets. Fundamentally, insurance is about managing risk. Insurance companies pool sums from number of people in the form of premiums and redistribute them in case of any incident. “In the case of a large-scale cyber breach, insurance companies will have to pay out every user — something similar to a natural disaster,” said Ravdeep Sodhi, a Qatar-based cyber security consultant and a former founder of a start-up in this area.

Untrodden path

Considering the scale and frequency of security breaches, insurance companies are a bit weary of getting into this segment.

One of the main reasons mobile wallets are doing this is to minimise a large-scale impact of a cyber fraud, similar to the ones seen by Sony and Target in the US.

Also, technology analysts are now starting to raise concerns over the way hardware (phones) and software are designed. Qualcomm recently claimed that 95 per cent of the mobile phones are unsecured. “A lot of times, hardware is mass produced and software just gets designed around it — which certainly opens up options for any criminals,” said Sanchit Vir Gogia, Chief Analyst, Greyhound Resrach.

“The biggest threat to mobile payment apps is an easy access to the financial information stored in the unsecure memory (of the device),” said Ashutosh Pande, founder and Chief Innovation Officer, PaySe.

Then there are issues with regard to the nature of claims. “Not every claim is genuine. How can the insurance company ascertain if you deliberately give out the password of the wallet or give the phone to a known person, and then claim it as lost,” said Kulkarni of Oxigen.