Insurance Regulatory and Development Authority of India (IRDAI)

Subject – Economy

Context – Widening cyber insurance ambit: Irdai pitches for global jurisdiction

Concept –

Insurance Regulatory Development Authority (IRDA) is a statutory body set up by the IRDA Act, 1999.
It is an autonomous and apex body which has the responsibility to regulate and control the Insurance sector in India.
Insurance Regulatory Development Authority (IRDA) was established after the recommendations of Malhotra Committee report of 1994. The committee had recommended for the establishment of an independent authority for the regulation of Insurance sector in India.
As per the section 4 of IRDAI Act’ 1999, Insurance Regulatory and Development Authority of India has composition of a Chairman; five whole-time members; four part-time members, all appointed by the Government of India.
According to the Irdai document, FIR is a critical requirement to assess claims and hence can’t be fully dispensed with. However, for small claims up to Rs 5,000, insurers may ask for an e-complaint lodged at the National Cyber Crime Reporting Portal.

Cyber- Issues

Cyber insurance policies generally exclude coverage for damaged computer hardware.
Online shopping frauds, like when the item that individual has bought but not received the goods or sold something that has left their custody but the payment is not received, is not covered or only a very small coverage for the same is available.
Non-delivery of goods ordered from merchant or non-receipt of premium while goods are delivered are prima facie business risks and cannot be classified under cyber coverages unless resulting directly from cyber-related events.
As per Swiss Re’s global survey, the top four cyber risk scenarios that people worry about most are: illicit access of financial credentials; identity theft; data loss due to a technical issue; and illicit publication of personal data.

Some of the cyber risks are –

SIM-Jacking: In layman’s terms, SIM-jacking is essentially taking control of someone’s phone number, and tricking a carrier into transferring it to a new phone. Thieves usually manage to gain control of your number by fooling or bribing someone who works for the carrier or contacting the carrier and stating the subscriber’s personal information, which thieves can come by in multiple ways.
Card cloning – Credit card cloning refers to making an unauthorized copy of a credit card. This practice is also sometimes called skimming. Thieves copy information at a credit card terminal using an electronic device and transfer the data from the stolen card to a new card or rewrite an existing card with the information.
SIM Swap – original SIM gets cloned and becomes invalid, and the duplicate SIM can be misused to access the user’s online bank account to transfer funds.
Credential Stuffing – compromising devices and stealing data.