Mobile payments aren't as safe as you may think

f 2016 was considered the year of demonetization, 2017 would be remembered as the start of the era of payment breaches in India. As a payment forensic investigator, what concerns me is that many of these compromises could have been avoided if basic security essentials were administered.

Payment ecosystem
Global digital payments ecosystem have witnessed massive amount of innovation in the last decade. From time-intensive, laborious cheque-based system to digital payments that are completed in a fraction of a second, we have come a long way. This trend is going to continue and the industry is going to witness further disruption.

Digital payments are believed to help in reducing corruption, boosting GDP and help enhance tax compliance in various developed countries. India will also benefit by going cash-less in the years to come.
Today, India has a number of cashless methods—banking cards, mobile wallets, AEPS, UPI, BHIM, Micro-ATMS, internet banking, etc. Banking cards are our popular debit/credit/pre-paid cards. They have been in the system for quite long and continue to grow with increased number of shops and establishments accepting them.
Mobile wallets are used to make payment based on mobile number of the other party or a QR code. UPI/BHIM and mobile wallets ride on the cell phone. The success or failure of mobile-based payments in India is something that we should keenly watch as we operate on different constraints and opportunities.

Understanding payment security
While it is heartening to note the progress India has made on digital payments, it is also equally important to realize that security of data is the backbone of this new way of life. Without security, digital payments have the risk of breaking the very foundation of trust on which it exists. Securing key data elements that are stored, processed or transmitted in the entire payment lifecycle is important as these elements can be misused to commit fraud. For all its positives, digitisation of payments, also creates the specter of compromise of the data of millions of people if they are not properly protected.
Payment data can be broken into two parts. One is identification data and the other is the authentication data. Identification data is to identify the individual—unique l card number, Aadhaar number, etc.—while authentication data is a PIN or a fingerprint that helps establish the person is who he claims he is. Both these types of data are used for payment processing and pass through number of entities/devices before the transaction getting completed. Both types of data (namely identification and authentication data) are required to be protected at all points in time with the latter being highly sensitive and having stricter requirements.

Breaches around you
While digital payments have grown organically and inorganically (with demonetisation) over the last several years, India has begun to witness its share of payment security breaches. Some of the breaches like the debit card breach, UPI compromise, inter bank transfers hack or the hack of a leading mobile wallet company are all publically known. But away from these, there are a number of payment breaches that go unreported due to lack of public disclosure norms in the country.

Recent breaches like Equifax that happened in the US have proven that payment data are not just with processors but also with third parties like credit-rating agencies, and a compromise can happen to any entity in the eco-system. We, as payment security specialists, see an alarming increase in the number of breaches in the country. Unless immediate actions are taken, we are going to see these breaches continue unabated.

The responses to these breaches and concerns so far have been mixed. We have had few organisations take this on themselves to secure their infrastructure while we have most in the ecosystem say, "This is a someone else's problem—we are secure".
On the regulatory side there is some action but there is lack of effective enforcement. For example, a 2013 RBI guideline says that banks are required to adhere to payment security standards (PCI-DSS) but the compliance rates amongst banks are still in single digits. Even the banks that comply end up with restricting the scope undermining their very compliance.
For mobile wallets, RBI has issued a few guidelines for getting a security audit conducted but without a benchmarking payment security standard for each of the cashless methods. This allows each of the players to define "what is secure", making the exercise ineffective.
Payment breaches are borderless, and we in India need to learn from all the breaches that have happened globally apart from our own set of breaches.

The need for standards
So what is required urgently is an iron-fisted enforcement of payment security standards such as adopting international payment security standards across cashless systems. For cashless methods that are unique to India like UPI, BHIM, AEPS, there is a need for an expert committee to study the current set of international payment security standards and see how the same can adopted with few modifications.

It is heartening to note that government is mulling a Digital Payments Act with inter-ministry representatives, and we hope that it constitutes a panel of digital payment security experts who can help them devise with standards to address this issue.

A simple mandate that organisations need to secure the payment data is not going to work, unless we clearly define the standards that are required to be followed by every entity in the eco-system. The expert committee should review the international payment security best practices, open up for public opinion and come out with a clear and decisive mandate that will help foster payment innovation in a secure environment.

We also see a growing trend of innovation that is happening by lowering security posture. This has to be discouraged and the only way to do this is by laying down some ground rules of security that cannot be compromised by way of enforcing security standards.

Timely enforcement of payment security standards will help us not only build a secure digital payment ecosystem but also achieve the country's dream of going cashless. If we fail to harness security as part of our digital payments mission, we would be only setting our clock backwards rather than forward.

(Dharshan Shanthamurthy is a payment security specialist and works as the Chief Executive Officer of SISA. The views expressed are personal. This article is from our Cyber crime special series ' 

Twitter's updated harassment policies to come in effect from November 22

Over the last month, Twitter has drawn ire from users all over the world for not doing enough to combat against hate speech, trolls and online harassment. The social media platform, in all fairness, has responded with announcement of several steps to tackle the problem. Now, it has announced that the new set of rules will come in effect from November 22. 

In a tweet posted from @TwitterSafety account, the company said, "We will now launch our policies on violent groups and hateful imagery and hate symbols on Nov 22. During the development process, we received valuable feedback that we're implementing before these are published and enforced."

In a series of tweets published, Twitter further explained how it has updated the non-consensual nudity policy to better protect victims. "We've updated our non-consensual nudity policy to better protect victims by expanding the types of content we remove, harsher penalties for offenders, and more rigorous review for accounts that post this type of media," the tweet mentioned. 

Last week, Twitter also published a blog post explaining why it takes time to implement new rules and regulations. "We write one set of rules for the hundreds of millions of people who use Twitter and the hundreds of millions of Tweets sent every day. Given that scale, we've built a process that gives us time to recognize the impact of what these changes mean for everyone," the blog post had noted.

The blog post further referred to how the company gets inputs from a diverse set of people from across the world. "We gather input from around the world so that we can consider diverse, global perspectives around the changing nature of online speech, including how our rules are applied and interpreted in different cultural and social contexts."

"Making a policy change requires in-depth research around trends in online behavior, developing language that sets expectations around what's allowed, and reviewer guidelines that can be enforced across millions of Tweets."

On October 14, Twitter CEO Jack Dorsey had also posted a series of tweets underlying Twitter's seriousness to tackle online hate, abuse and harassment.

Oppo R11s First Sale Registration Opens Ahead of Launch; Sports 18:9 Display

Oppo R11s First Sale Registration Opens Ahead of Launch; Sports 18:9 Display

Oppo has listed the all-new R11s featuring an all-screen bezel-less design in its home country. The company has opened registrations for the new Oppo R11s in China for the first sale which is November 2. There's no pricing announced so far. The Chinese listing confirms that the R11s goes on sale from November 2 which should be the day of price announcement as well.

  The biggest highlight of the Oppo R11s is its all-screen display with an aspect ratio of 18:9. The listing says Oppo R11s will be available in Black, Champagne, and Red colours. Considering the Oppo R11 was launched at CNY 2,999 (roughly Rs. 28,450) and the Plus variant at CNY 3,699 (roughly Rs. 35,100), we can expect the Oppo R11s to be priced in between these two models.

The Oppo R11s is expected on Color OS based on Android 7.1 Nougat. The biggest highlight of the smartphone is its dual camera setup at the back, as revealed on the company site. It sports dual cameras one 20-megapixel and another 16-megapixel sensor accompanied by a dual-LED flash and f/1.7 aperture. It supports 2X optical zoom, Qualcomm Spectra ISP, Portrait Mode, and more features. At the front, there's a 20-megapixel sensor for selfies and video chats accompanied by an LED flash

It is said to feature a 6-inch AMOLED display with 1080x2160 pixels screen resolution. There's no physical home button at the front while fingerprint scanner is located at the back. Much like the Oppo R11, the R11s is said to be powered by a Snapdragon 660 SoC. On the site, it is seen with 4GB of RAM and packs 64GB inbuilt storage. It is said to be backed by a 3200mAh non-removable battery.

OnePlus 5T Appears in Leaked Hands-On Photo, Camera Samples Teased

 

Following some initial leaks, the highly rumoured OnePlus 5T has now finally appeared in an alleged hands-on photo. OnePlus executives have also teased the new development by posting a couple of images that are likely to be captured by the upcoming flagship. The latest findings match the specifications that had lately surfaced in a pre-order listing in China.

The first in the series of new leaks is the hands-on photo that allegedly showcases the front of the OnePlus 5T. The image, surfaced on Weibo, gives another hint about the presence of a bezel-less display on the new OnePlus smartphone that would come with 18:9 aspect ratio. Furthermore, it highlights the absence of the iconic home button on the front that has been a part of the OnePlus series since the OnePlus 2 launch in July 2015.

Another image available on Weibo shows the complete back of the OnePlus 5T. It suggests that the smartphone would sport a rear-facing fingerprint scanner, as pointed out from a recent teaser.

In addition to the images, OnePlus Co-Founder Carl Pei posted an image on Twitter on Wednesday that appears to be captured by the OnePlus 5T. "Cool photo, must have come from a great camera," Pei tweeted alongside the image. The monochrome image seems to be captured in a low light environment - detailing the premium capabilities of the next OnePlus flagship.

CEO Pete Lau joined the ongoing teaser trend by uploading a coloured shot through his Twitter account. "Impressive photo. Must be a great camera," the tweet reads.

If we believe some of the trending stories, the OnePlus 5T will come with an upgraded dual-camera setup that would include optical image stabilisation (OIS) and a larger set of image sensors than what was featured on the OnePlus 5 earlier this year. The smartphone is also rumoured to have a 6-inch full-HD+ display and would be based on Android Oreo out of the box.

Nvidia GeForce GTX 1070 Ti High-End GPU Announced, Prices Start at Rs. 39,000 in India

 

Nvidia has announced a new GPU, the GeForce GTX 1070 Ti, which slots in between the GeForce GTX 1070 and GeForce GTX 1080, both of which were launched in the middle of 2016. Nvidia fleshed out its range with more affordable GTX 1060 and GTX 1050 models over the course of last year, but this is the first new model to be inserted into the middle of the lineup. It is aimed directly at AMD's recently launched Radeon RX Vega 56, closing a gap in Nvidia's lineup which AMD was able to exploit.

Nvidia partners including Asus, Gigabyte, MSI, Zotac, Palit, Galax, PNY, and Inno3D will be launching GeForce GTX 1070 Ti graphics cards on November 2. Nvidia's Founders' Edition card, with the same blower-style stock cooler used across the rest of the GTX 1000 series, has officially been priced at Rs. 39,000 ($449 in the USA), but manufacturers will also be releasing custom versions with their own coolers and other tweaks. Street prices are also likely to vary thanks to cryptocurrency mining.

Nvidia says that units will be available on launch day in 238 countries including India. Online retailers in India already have one custom-cooed Inno3D model listed, priced at Rs 42,000. Radeon RX Vega 56 cards sell for the same amount, so other models should give it still competition. The GTX 1070 Ti will also displace factory-overclocked GTX 1070 cards which are priced at this level and even higher. There has been no official price reduction for the GTX 1070.

According to Nvidia, the GeForce GTX 1070 Ti delivers twice the performance of the venerable GeForce GTX 970. It uses the same GPU design, named GP104, as the GeForce GTX 1080. It has 2,432 active CUDA cores divided into 19 clusters that Nvidia calls Streaming Multiprocessors. It has a base speed of 1607MHz and a boost speed of 1683MHz. For comparison, the GTX 1080 has 2,560 CUDA cores, and runs between 1607MHz and 1733MHz. Cards based on both GPUs ship with 8GB of RAM on a 256-bit bus, although the new GTX 1070 Ti uses 8GBps GDDR5 RAM which is slower than the GTX 1080's 10Gbps GDDR5X. 

The GTX 1070 Ti's TDP is rated at 180W, and Founders' Edition cards will require a single 8-pin PCIe power connector. Custom cards from Nvidia's partners might have higher factory clock speeds and more robust power requirements, as well as custom circuitry. Nvidia's reference design calls for one DVI port, one HDMI port and three DisplayPorts for video output. 

Nvidia is targeting gamers who want to play at 2560x1440 or ultra-wide 1080p monitors at the highest graphics quality settings. At 2560x1440, Nvidia claims 51.4fps in Rise of the Tomb Raider, 103.2fps in Fallout 4, and 69.7fps in The Witcher 3:Wild Hunt. It is also positioned as suitable for VR gaming. 

iPhone X Pre-Orders Open Today, Price in India Starts at Rs. 89,000

 

iPhone X, Apple's first all-screen smartphone, is all set to go up for pre-orders in 55 countries including India from today, Friday, October 27. The phone will go on sale next Friday, November 3, in the same regions i.e. Andorra, Australia, Austria, Bahrain, Belgium, Bulgaria, Canada, China, Croatia, Cyprus, Czech Republic, Denmark, Estonia, Finland, France, Germany, Greece, Greenland, Guernsey, Hong Kong, Hungary, Iceland, India, Ireland, Isle of Man, Italy, Japan, Jersey, Kuwait, Latvia, Liechtenstein, Lithuania, Luxembourg, Malta, Mexico, Monaco, Netherlands, New Zealand, Norway, Poland, Portugal, Puerto Rico, Qatar, Romania, Russia, Saudi Arabia, Singapore, Slovakia, Slovenia, Spain, Sweden, Switzerland, Taiwan, UAE, the UK, the US, and US Virgin Islands.

iPhone X pre-orders and price in India

If you are interested in pre-ordering the iPhone X in India, you can head to Amazon or Flipkart - iPhone X pre-orders open at 12:31pm IST, the same time that pre-orders open in Cupertino, California at 12:01am local time on Friday. Users can also head to Apple resellers and other partner outlets to pre-book their iPhone X unit.

iPhone X India price starts at Rs. 89,000 for the 64GB version while the 256GB version is priced at Rs. 1,02,000. The smartphone will be available in Silver and Space Grey colours. Apple has already revealed pricing of the Apple-designed accessories like leather and silicone cases which will be available starting at Rs. 3,500. An all-new iPhone X leather folio will be available at Rs. 8,600 while a Lightning Dock in colour-matching metallic finishes will be available at Rs. 4,700.

At this price, the iPhone X will be the most expensive smartphone in the country with closest rival being the Pixel 2 XL, which went up for pre-orders in India on Thursday at Rs. 73,000 for the base variant. Apple's own iPhone 8 and iPhone 8 Plus went on sale in India back last month. The iPhone 8 price in India starts at Rs. 64,000 for the 64GB variant and is Rs. 77,000 for the 256GB model. iPhone 8 Plus64GB and 256GB storage models come at Rs. 73,000 and Rs. 86,000, respectively.

iPhone X specifications and features

iPhone X is the company's first all-screen smartphone and sports a 5.8-inch Super Retina display. It packs Face ID, wireless charging, all glass and surgical-grade stainless steel body. It also comes with water and dust resistance. It has two 12-megapixel cameras with OIS. The rear camera now packs dual optical image stabilisation which includes new colour filter, deeper pixels, and image signal processor. There's a 7-megapixel front-facing FaceTime HD camera. It is powered by A11 Bionic processor which comes with neural engine for supporting machine learning, augmented reality and 3D gaming. The iPhone X sports an all glass and stainless steel design with all-screen display.

HTC's New U-Series Smartphone to Sport Rear Fingerprint Sensor, U11 Life Expected

We are merely a week away from HTC's upcoming new U-series smartphone launch but the leaks around the event aren't stopping. The Taiwanese handset maker has teased the new U11 variant on Twitter with a teaser that says, "You'll see it all on 11.02.2017." Separately, prolific tipster Evan Blass has claimed that the November 2 launch event could only see the mid-range HTC U11 Life being unveiled and not the HTC U11 Plus, which has been making rounds on the Internet.

The newest teaser by the company seemingly shows the upcoming handset's rear panel. Some of the features that are being revealed by the official teaser includes presence of fingerprint scanner at the back, single primary camera lens which means no dual camera setup, and LED flash. The HTC branding is also clear at the back. At the moment, it isn't clear whether the handset shown in the teaser is the U11 Life or the U11 Plus.

If Evan Blass is to be believed then the smartphone in the teaser is indeed the HTC U11 Life which will be unveiled on November 2. A Geekbench browser benchmark listing leaked earlier this week claimed that the HTC U11 Life showed the 

smartphone running Android 7.1.1 Nougat and was powered by a Snapdragon 660 SoC. There was 3GB of RAM on board. The benchmark listing also suggested that the unit scored 858 in single-core and 4136 in multi-core tests.

The Taiwanese handset maker has been dropping hints about the upcoming smartphone, and said that it will bring back the "BrilliantU", confirming that the new device will indeed be U-branded. The new smartphone can be expected to come with squeezable frames, much like the HTC U11.

Unity Partners GameCredits to Bring Blockchain to Games

 

Popular game engine Unity has signed a deal with GameCredits, a Belgrade-based company that runs GPlay - a mobile game store that uses digital blockchain currency that is also called GameCredits.

GameCredits’ mobile game store, GPlay, will be integrated with Unity’s game development ecosystem and developers will be able to publish their games directly to GPlay. GPlay will share 90 percent of gross revenue (instead of the industry standard 70 percent), and will pay developers within 60 hours (instead of 60 days).


"Unity is known for aggressively adopting new technologies that democratize game development, solve hard problems and enable success for developers. With GameCredits, we intend to bring about a paradigm shift in the gaming industry. Blockchain solutions will help disintermediate game publishing and give better returns to creators," said Hubert Larenaudie, President Asia Pacific, Unity Technologies.

“Our partnership with Unity Technologies is a major step forward for both the gaming industry and the blockchain world. With GPlay and our eSport platform, we are bringing the benefits of blockchain and digital assets to the largest global audience yet, enabling true mainstream adoption of these technologies for the first time,”said Sergey Sholom, GameCredits CEO and GPlay President.

Considering that cryptocurrency is yet to undergo regulation in emerging markets like India, it will be interesting to see how this deal impacts content distribution. Allowing developers to publish directly to GPlay could make things easy for developers but it also makes us wonder if there are any safeguards in place to prevent consumers from downloading rogue apps or malware that’s been an issue on other store fronts like Steam and Google Play in the past.

Acer Predator Triton 700 Ultrathin Gaming Laptop Launched in India: Price, Specifications

 

Taiwanese PC giant Acer on Tuesday launched its latest gaming laptop in India, the Predator Triton 700. An ultrathin offering, the notebook is powered by a seventh generation Intel Core i7-7700HQ processor, Nvidia GeForce GTX 1080 GPU, and will be available in India through Acer Exclusive Stores and authorised online stores at a staggering price of Rs. 2,99,999. To recall, the laptop was first unveiled at the company's Next@Acer event in New York this April.

Acer says it has managed to fit top-end specifications into the Predator Triton 700 in relatively slim (for a gaming laptop) chassis that's 18.9mm thick thanks to Nvidia's Max-Q technology and its own innovative cooling featuring AeroBlade 3D metal fans. The fans are said to increase airflow by 35 percent compared to conventional fans, yet take up less space. The laptop also features two 512GB NVMe PCIe SSDs in RAID 0 configuration and 16GB of 2400MHz DDR4 RAM (upgradeable up to 32GB).

The Acer Predator Triton 700 sports a 15.6-inch full-HD (1920x1080 pixels) IPS LCD display with LED backlighting, 300-nit brightness, a 120Hz refresh rate, 170-degree viewing angles, with optional support for Nvidia's G-Sync tech. Acer is also touting Dolby Atmos surround sound and Acer TrueHarmony technologies on the laptop deliver a better audio experience. The laptop also has Skype for Business Certification to superior teleconferencing. It has two stereo speakers.

Other features of the Acer Predator Triton 700 include Killer DoubleShot Pro networking and Thunderbolt 3 connectivity, dual-band Wi-Fi 802.11ac with 2x2 MIMO technology, Bluetooth v4.1, two USB 3.0 ports (featuring power-off USB charging), one USB 2.0 port, an HDMI 2.0 port, one DisplayPort connector, and a Gigabit Ethernet port. The laptop also has a Corning Gorilla Glass plate above the keyboard serves as a window into the notebook's cooling system and is also certified as a Microsoft Precision Touchpad.

The Predator Triton 700 also has an RGB-backlit mechanical keyboard with anti-ghosting tech, and Acer says the laptop comes with its PredatorSense software to enables gamers to control and customise the Predator Triton 700's vitals from one place. The laptop weighs 2.6kg, and is powered by a 4670mAh battery rated to deliver up to 5 hours of battery life.

Speaking on the launch, Chandrahas Panigrahi, Acer India CMO and Consumer Business head, says, "Acer has the widest range of gaming PCs and with every launch of a new gaming laptop, we make sure that the experience is more immersive. Gamers looking for a sleek design with uncompromised power will find the Triton 700 to be the perfect machine. With an ultraslim form factor, it is one of the few notebooks that was truly built from scratch keeping in mind philosophy of delivering the maximum performance in the slim and light package offering maximum efficiency."

Kaspersky Detects Lazarus-Controlled Servers in India

 

IT security software maker Kaspersky has detected some servers in India that were used by notorious cyber criminal gang Lazarus which is believed to be behind large scale cyber-attacks across the world including recent WannaCry ransomware.

While researching the latest activities of the infamous cyber criminal group Lazarus, Kaspersky Lab has uncovered a number of compromised servers being used as part of the threat actor's global command and control infrastructure, the software company said.

"The compromised servers, found in Indonesia, India, Bangladesh, Malaysia, Vietnam, South Korea, Taiwan, and Thailand, among others, could be used by Lazarus to launch targeted attacks against a company or organisation," Kaspersky Lab said in a statement.

Korean speaking Lazarus group is believed to be behind recent high profile cyber-attacks like the 2014 hack of Sony Pictures, the million-dollar Bangladesh Bank heist in 2016, and the recent WannaCry destructive ransomware epidemic, as per the statement.

The criminal group by name of Guardians of Peace had claimed responsibility on Sony Pictures. It had demanded Sony to pull down film 'The Interview' which was a comedy about a plot to assassinate North Korean leader Kim Jong-un.

Kaspersky said that Lazarus which is also Korean speaking group "is thought to be state-sponsored".

The US, China and India are top three countries housing maximum number of compromised servers, the Kaspersky Lab report said.

According to open source intelligence, three of the top five countries that still have servers carrying this vulnerability are in the APAC region: China (with 7,848), India (1,524), and Hong Kong (1,102). The US tops the list with the most vulnerable servers (11,949), while United Kingdom ranks 5th with 805," the report said.

Kaspersky Lab said that researchers have discovered that the servers had been infected using malware called Manuscrypt, which could have been installed using a vulnerability in Microsoft Internet Information Services that was patched by Microsoft on June 13, 2017.

Apple's long-standing dispute with Samsung back in court yet again

The patent battle between Apple and Samsung -- two technology behemoths -- is set to be reprised. The long-standing dispute between both companies just refuses to die down. In 2012, a court had ordered Samsung to pay $1 billion to Apple though the amount was further brought down after Samsung had appealed. Now, the case has taken another twist as the amount could once again be revised.

A U.S. judge has ordered a new trial to determine how much Samsung Electronics Co should pay Apple Inc for copying the look of the iPhone.

U.S. District Judge Lucy Koh in San Jose, California issued an order late on Sunday, 10 months after the U.S. Supreme Court set aside a $399 million award against Samsung for mimicking the iPhone's look for its Galaxy and other devices.

The Supreme Court said damages could be based only on parts of a device that may have infringed patents, not necessarily the entire device.

Koh said the jury instructions at the Apple-Samsung trial "did not accurately reflect the law" and may have prejudiced Samsung by preventing jurors from considering whether any infringement covered "something other than the entire phone."

The $399 million is part of a $548 million payment that Samsung made to Apple in December 2015.

Apple had argued that no new trial was warranted, and that the $399 million award should be confirmed. It did not immediately respond on Monday to requests for comment.

Samsung, in a statement, said it welcomed Koh's order.

New smartwatch allows users to feel virtual objects

WASHINGTON: Scientists have developed a smartwatch that works in multiple dimensions and allows users to see and feel virtual objects while watching videos or playing games.

"Understanding and improving how humans interact with computers are essential parts of technology development," said Xing-Dong Yang, assistant professor at Dartmouth College in the US.

The smartwatch called RetroShape will allow users to view a video or play a game, and provide feedback that lets them feel a ball bounce or an asteroid explode.

Each pixel on RetroShape's screen has a corresponding tactile pixel - or taxel - on the back of the watch face, allowing the virtual world to be extended to the 2.5 dimensional physical space.

The construction allows watch developers to use the wearer's skin under the watch face for feeling output that matches the visual content being displayed on the watch.

The back to the watch face is constructed using 16 independently moving pins that allows for the real-life rendering of shapes and movement, researchers said. 

Jio to change from a hunter to farmer by 2018: Fitch Ratings

NEW DELHI: The new entrant in the telecom industry, Reliance Jio, is expected to shift its approach from a hunter to a farmer by 2018, said Nitin Soni, Director at Fitch Ratings.

"Right now they are hunting for a larger subscriber base, they already have about 139 million subscribers, by 2018 we expect them to achieve about 200 million subscribers," Soni told BTVi in an interview.

"And then we think in 2018 their behaviour will change from a hunter to a farmer and they will start making some money on their large $30 billion investment. And that point of time if we start looking at incumbents they will also benefit from the rational price in the industry," he added.

Talking about pricing or tariff, Soni said the average tariffs have been on the decline from the last four to five years. "And recently with the entry of Reliance Jio, the blended average revenue per user has rapidly declined because of lower data tariff and voice being cannibalised by data."

"And now because the industry structure has been corrected into three large players, Jio, Bharti And Vodafone-Idea, we think at some point of time Jio will start converting its behaviour from a hunter to a farmer."

Asked if rationalisation of pricing will adversely impact Jio's customer retention, Soni said: "Jio in the short term will remain very aggressive. They will continue to offer discounts and promotions, the cheaper handsets and other marketing strategies to increase their subscribers' base.

"I think right now the challenge in front of them is to amass the larger subscriber base. The subscribers which were with the smaller telcos, which have already exited like Tata and Telenor, they will try to poach in those subscribers. And probably some subscribers from incumbents like Bharti, Vodafone and Idea as well."

He feels that as Jio goes along, in 2018 when it will have a critical 200 million subscribers then it will gradually and slowly stop giving promotions and discounts.

"In some quarter there could be bit of a decline in ARPU (average revenue per user) and they will give some more discounts and given the whole industry nature, it is a prepaid market you always have to be really aggressive. But I think overall the industry structure is corrected and three large players are there, I do not see them killing each other further to gain more subscribers."

He thinks these three players in the medium term will start making healthy profit and will return back to a rational kind of competition in the sector.

"Now Jio's offering is slightly cheaper than the incumbents. It is not very different now. I think the top three players' tariff would be around Rs 140-150 levels. But I think going forward the telco which will provide a good quality of data to their subscribers, the subscribers will naturally move to that. Pricing will be more or less same for these three telcos," Soni added.

Jio rate hike positive for telecom sector, pressure continues

NEW DELHI: The recent increase in Reliance Jio tariffs will increase its average revenue per user by up to 20% and is a positive for the telecom sector which is seeing rapid consolidation, says a Philip Capital report.

However, a Credit Suisse report has said that the new tariffs of Jio are still 65% lower than an average smartphone customer was paying before its launch which would continue to put pressure on average revenue per user (ARPU) of incumbents.

"The company by reducing validity on the most popular Rs 399 plan to 70 days from 84 days will result in effective ARPU increase by 20%. The earlier Rs 399 plan with 84 days validity is now available for Rs 459 entailing a 15% ARPU increase. Thus effective ARPU will rise by 15-20% for Jio subscribers on the most popular plans," the Philip Capital report said.

Jio should be able to maintain the revenue traction in the forthcoming quarters and reduction in interconnection usage charges on the other hand will help the company in keeping costs under control, it said.

"We find that Jio is increasingly growing in confidence about its network and product quality and the pace of ARPU increases should sustain as the value offered by Jio still far exceeds the incumbents plans by a significant margin," it said.

Reliance Jio made its service dearer by about 15% for its popular 84-day plan at Rs 459 from October 19, under which subscribers get 1GB 4G data at high speed per day.

The company restructured its various schemes by reducing their validity period.

Philip Capital said that Jio will realise the benefits of higher ARPU over the next 3 to 6 months which would also translate in improvement of industry growth.

"The Indian telecom industry is seeing huge amount of consolidation and with decreasing choices for the subscribers the operators will compete on quality of service over the medium to long-term. This could mean sustained increase in ARPU over the medium to long-term. We are highly optimistic on the prospects of the Indian telecom industry," it said.

Established telecom sector players have seen huge reduction in their margins. Idea Cellular and Reliance Communications first time reported consolidated loss mainly on account of free services launched by Jio.

The Credit Suisse report said that even after increase in cost of services Jio's tariffs are still more than 65% below the ARPU levels which prevailed before launch of Jio services.

"At 20% increase every three months, we need at least 18 months for the smartphone customer segment to return to pre-Jio levels of ARPU. With over 65% discount still running, we expect a downward pressure on ARPU for incumbents to continue," it said.