UPI Fraud Cases and Financial Losses Surge Over Five Years, Government Data Reveals

Financial fraud linked to India's Unified Payments Interface (UPI) has risen dramatically over the past five years, with reported cases more than tripling and losses quadrupling, according to official data disclosed by the Ministry of Finance in a written response to the Lok Sabha.

The statistics reveal a concerning trend in digital payment fraud, even as UPI transactions continue to grow exponentially across the country, raising questions about the adequacy of current consumer protection mechanisms.

Background and Context

UPI, India's flagship instant real-time payment system, has revolutionized digital transactions since its launch in 2016. The platform, developed by the National Payments Corporation of India (NPCI), processes billions of transactions monthly, making it one of the world's largest digital payment ecosystems. However, its rapid expansion has been accompanied by increasing vulnerabilities exploited by fraudsters.

According to parliamentary records, UPI fraud cases increased from 4.07 lakh in 2021–22 to 13.42 lakh in 2023–24, before a slight decline to 12.64 lakh in 2024–25. The current financial year (2025-26) has already seen 10.64 lakh cases reported until November, suggesting the problem remains substantial.

Key Figures and Entities

The Ministry of Finance's response, filed in the Lower House of Parliament, quantifies both the frequency and financial impact of these frauds. The monetary losses have escalated from ₹242 crore in 2021–22 to a peak of ₹1,087 crore in 2023–24, before moderating to ₹981 crore in 2024–25 and ₹805 crore so far in the current financial year.

Multiple government entities oversee digital payment security, including the Reserve Bank of India (RBI) as the primary regulator, NPCI as the operator of UPI, and the Ministry of Finance which sets policy directions. Despite coordinated efforts, fraud prevention measures have not kept pace with the sophistication of cybercriminals exploiting the platform's vulnerabilities.

Legal and Financial Mechanisms

The government has implemented several safeguards to protect users, including device binding technology, two-factor authentication through PINs, transaction limits, and restrictions on certain high-risk use cases. The RBI has periodically issued guidelines on digital payment security, while NPCI has introduced features like UPI Lite and hello! UPI to enhance user protection.

However, fraudsters continue to employ various tactics including phishing attacks, deceptive remote access requests, and manipulation of the collect request feature. The rapid digitalization of financial services, accelerated during the pandemic, has created new attack vectors that traditional security measures have struggled to address adequately.

International Implications and Policy Response

The scale of UPI fraud highlights challenges faced by rapidly digitizing economies worldwide. While India's UPI system has been lauded internationally and exported to several countries including France, Singapore, and the UAE, the fraud patterns raise concerns about the replicability of these vulnerabilities in other markets.

Domestic policy discussions have centered on strengthening consumer redressal mechanisms, improving fraud detection through artificial intelligence, and increasing awareness among users about security practices. The Ministry of Electronics and Information Technology has collaborated with financial institutions to launch awareness campaigns, though experts argue that more systemic solutions are required.

Sources

This report draws on written responses provided by the Ministry of Finance to the Lok Sabha, public documentation from the Reserve Bank of India, and information available through the National Payments Corporation of India regarding UPI operations and security measures.