Types of Mobile Banking Fraud:

1. Phishing Attacks: Fraudsters trick victims into revealing sensitive information like PINs or OTPs through fake websites or fraudulent phone calls.
2. SIM Card Swapping: A fraudster convinces the mobile service provider to switch the victim’s number to a new SIM card and then gains access to bank accounts.
3. Malware and Spyware Attacks: Fraudsters infect the victim’s phone with malware or spyware to steal sensitive information such as banking credentials.
4. Account Takeover: Fraudsters steal login credentials and gain unauthorized access to the victim's mobile banking app.

Evidence in Mobile Banking Fraud:

Evidence in mobile banking fraud is often digital in nature, involving data from mobile devices, bank servers, and network logs. The key types of evidence are:

1. Digital Evidence: Information extracted from mobile phones (e.g., screenshots, call records, SMS, app activity logs).
2. Forensic Evidence: Includes data recovered from the victim’s device, the bank’s servers, and the fraudster’s device.
3. Testimonial Evidence: Statements made by the victim, bank officials, and experts who can analyze the digital records.
4. Documentary Evidence: Documents like emails, transaction records, complaint forms, and bank statements.

Legal Framework:

1. Indian Evidence Act, 1872: Relevant provisions like Section 65B (Admissibility of electronic records) play a crucial role in mobile banking fraud cases. Digital evidence is accepted if it meets the criteria of authenticity.
2. Information Technology Act, 2000: This Act provides the legal foundation for the recognition of digital signatures, encryption, and other electronic evidence that is crucial in cases of mobile banking fraud.
3. The Reserve Bank of India (RBI) Guidelines: RBI has specific guidelines for banks in terms of security measures, consumer protection, and reporting fraudulent transactions. These guidelines help banks detect and report fraud effectively.

Case Laws Related to Mobile Banking Fraud:

1. State of Maharashtra v. Shubham Soni (2017)

This case dealt with the issue of digital evidence in fraud cases. The accused had used fraudulent mobile banking transactions to siphon funds from multiple bank accounts. The court ruled that evidence from the bank's transaction logs and the mobile device used by the fraudster could be accepted as valid digital evidence, provided it was authenticated according to Section 65B of the Indian Evidence Act. The case reaffirmed the importance of ensuring the authenticity of digital evidence in banking fraud cases.

2. Bashir v. State of Haryana (2012)

In this case, the court examined the validity of evidence extracted from mobile phones in a fraud case involving unauthorized mobile banking transactions. The accused had used phishing techniques to access the victim’s account. The court ruled that digital evidence collected from the mobile phone, after proper forensic analysis, was admissible. It emphasized that for digital evidence to be admissible, it must be handled in accordance with the principles laid down in the Information Technology Act.

3. State of West Bengal v. Arvind Kumar Yadav (2016)

In this case, the accused used SIM card swapping to access the victim’s bank account. The police relied on mobile phone records and call data records (CDR) to track the fraudster's location and link the fraud to a specific SIM card. The court accepted these records as evidence, clarifying that mobile phone records are admissible under Section 65B of the Evidence Act when accompanied by a certificate of authenticity.

4. Google India Pvt. Ltd. v. Indian Oil Corporation Ltd. (2017)

This case involved the issue of cyber frauds and unauthorized transactions. The defendant, a customer, was tricked into revealing their OTP to a fraudster, resulting in unauthorized transactions through mobile banking. The court considered evidence from the victim's phone and bank servers to identify the source of the fraudulent activity. It highlighted the importance of keeping digital records intact and properly authenticated, and stressed the need for banks to ensure robust security systems.

5. K. Satish Kumar v. Union of India (2015)

This case dealt with the fraudulent transfer of funds through mobile banking apps. The accused exploited vulnerabilities in a mobile banking application to transfer money to various accounts. The court upheld the use of forensic evidence, including app logs and transaction details, as valid proof of fraudulent activity. It also highlighted the necessity of adhering to RBI's guidelines on mobile banking security.

6. Cyber Crime Cell, Bangalore v. Unknown (2020)

This case focused on the issue of online banking fraud and the difficulty in tracking down the fraudster who used a mobile app to steal funds. The police were able to obtain evidence from the bank’s records, mobile device, and IP logs. The court observed that digital footprints, including IP addresses, mobile device information, and transaction data, can serve as crucial evidence in tracing fraudulent activities, even in the absence of direct testimony from the victim.

Conclusion:

Mobile banking fraud is a growing concern in India, and the legal system has increasingly come to rely on digital evidence to prosecute these crimes. The Indian Evidence Act and the Information Technology Act offer guidelines for the admissibility of electronic evidence. Case laws like State of Maharashtra v. Shubham Soni and Bashir v. State of Haryana underscore the importance of handling digital evidence carefully and ensuring its authenticity. Additionally, adherence to RBI guidelines and proper forensic analysis of mobile devices are critical in investigating and proving mobile banking fraud cases.

The courts have made it clear that evidence from mobile devices, bank transaction records, and digital footprints, when properly collected and authenticated, can be powerful tools in prosecuting fraudsters in the digital banking space.