TL;DR: RBI’s e-rupee (e₹) is legal tender — a digital form of the rupee, issued by the central bank, held in a bank-issued wallet on your phone. By design, several UPI scam vectors don’t translate to e-rupee: there is no OTP in the payment flow, no malicious “collect request” trickery in current retail apps, and no inter-bank reconciliation to manipulate. But four things the popular framing gets wrong:

  1. NPCI is not absent. CBDC-UPI QR interoperability since 2023 means e-rupee payments can be made through existing UPI QR codes — so QR-swap fraud carries over.
  2. RBI has never claimed e-rupee is fraud-superior to UPI. That’s a media reading. The RBI Concept Note in fact warns that strong fraud monitoring is essential.
  3. Device-level risk is real. Phone theft, weak PIN/biometric, malware, and being tricked into sending money “willingly” all carry across.
  4. The §269ST tax position is unresolved. CBDT has not clarified whether receipts via e-rupee count as cash or electronic mode — until they do, do not assume e-rupee receipts are safe under the Rs. 2 lakh cash-receipts cap.

e-rupee earns zero interest on the wallet balance. It is not a Virtual Digital Asset — no 30% crypto tax, no 1% Section 194S TDS. GST treats it like money. The article works through every claim end-to-end.

1. The Mint Infographic and Where It’s Right (and Wrong)

A widely shared Mint infographic positions e-rupee as a structurally safer alternative to UPI — fewer loopholes for scammers, no OTP infrastructure, no NPCI middle layer, no remote-approval fraud. Most of the framing is directionally correct. One claim is wrong, and one is overstated:

  • Wrong: “Direct transfer, no intermediary.” NPCI built and continues to manage the backend infrastructure for retail e-rupee. Since 2023, CBDC-UPI QR interoperability has meant that e-rupee transactions can occur through existing UPI QR codes — banks issuing e₹ wallets (including Axis Bank) confirm this in their CBDC documentation. So while wallet-to-wallet settlement removes the inter-bank reconciliation layer, NPCI is not absent from the merchant payment journey.
  • Overstated: “Eliminates intermediary manipulation.” Wallet-to-wallet settlement removes the inter-bank reconciliation layer, but the bank-issued wallet app itself remains a software intermediary, and UPI-QR interoperability reintroduces the broader payment ecosystem in person-to-merchant flows.

The rest of the infographic — push-only model, no in-flow OTP, no collect-request trickery in current retail apps — is broadly accurate for today’s retail pilot. Whether it stays accurate as RBI expands CBDC features (the moment collect-style requests are enabled, that scam vector returns) is an open question.

2. What e-Rupee Actually Is — In One Paragraph

e-rupee (e₹) is India’s Central Bank Digital Currency (CBDC) — a digital form of the rupee, issued by the Reserve Bank of India as a direct sovereign liability. It is legal tender, exchangeable 1:1 with physical currency. The retail pilot (e₹-R) launched on 1 December 2022 in a closed user group across four banks (SBI, ICICI, Yes, IDFC First). The pilot has since expanded to 17 banks, with around 60 lakh users and roughly Rs. 1,016 crore in circulation as on 31 March 2025 per the RBI Annual Report 2024-25. e-rupee is available in the same denominations as physical currency — 50 paise, Re. 1, Rs. 2, Rs. 5, Rs. 10, Rs. 20, Rs. 50, Rs. 100, Rs. 200, Rs. 500. The wallet sits on your phone (Android/iOS), tied to your bank’s CBDC app; tokens are recoverable through the issuer-bank’s custodial key model if you lose your device.

Three things that make e-rupee architecturally different from UPI:

Feature UPI e-Rupee (e₹) Money form Bank account balance (a claim on your bank) Digital cash token (a claim on RBI) Storage Bank account On-device CBDC wallet (issuer-bank app) Transaction model Account-to-account, routed through NPCI Wallet-to-wallet and wallet-to-account Intermediary Banks + NPCI on every transaction Direct wallet settlement; UPI-QR interoperability brings NPCI back in for many merchant payments Interest on balance Yes (savings rate) No Reversibility Limited — failed-transaction TAT, chargeback flows Limited — only failed transactions auto-reverse (typically within 7 days); successful wallet-to-wallet transfers are final, like cash Legal status Bank deposit Legal tender (RBI liability)

3. The Six UPI Scam Vectors of FY26

Based on RBI / NPCI advisories and recent FY26 reporting, these are the six most common UPI fraud patterns:

  1. Fake collect requests. A fraudster sends a “Rs. X requested” notification disguised as a refund or cashback. The user enters the UPI PIN to “claim” it — and the money goes out instead.
  2. OTP / SIM-swap phishing. A fraudster gets the user to share an OTP, or hijacks the SIM to authorize transactions.
  3. QR code swap / fake QR. A fraudster pastes their own QR over a merchant’s existing QR. The shopkeeper assumes the customer has paid; the money has gone to the fraudster.
  4. Screen-mirroring / remote-access apps. AnyDesk, TeamViewer-style apps installed under pretext (fake customer-care call, “verify your account”) give the attacker direct control to authorize UPI payments.
  5. Phishing / fake bank apps / fake support numbers. Look-alike apps and fake helpline numbers harvest UPI credentials.
  6. Mule-account chains and micro-transactions designed to dodge fraud-monitoring thresholds.

Total UPI fraud in FY26 has been reported at around Rs. 805 crore based on Parliament-data coverage in financial press. QR-swap and collect-request scams are commonly reported patterns, but an official category-wise FY26 breakup has not been published, so any specific share figure should not be cited until it appears in primary RBI / NPCI / Ministry of Finance data.

4. Which UPI Scams Actually Disappear With e-Rupee — and Which Don’t

UPI scam vector Carries over to e-rupee? Why Fake collect requests No (today) Current retail e₹ apps are predominantly push-only — the user initiates the transfer, no pull/collect flow exists in the major bank apps. The day RBI enables CBDC collect requests, this returns. OTP / SIM-swap phishing Reduced e₹ wallet authorisation is PIN/biometric on-device; there is no OTP in the in-app payment flow. SIM-swap doesn’t directly let an attacker spend wallet funds. But social-engineering of the wallet PIN is still possible. QR code swap / fake QR Yes — same risk e-rupee uses interoperable QR codes (CBDC-UPI QR interoperability since 2023). A pasted-over fake QR works exactly the same way. Screen mirroring / remote access Yes — same risk If an attacker controls the device, they can authorize wallet payments. Phishing / fake apps Yes — same risk Fake e₹ wallet APKs have already appeared, and RBI has warned about them. Mule accounts / micro-transactions Probably yes At pilot scale this is unproven, but structurally identical.

Net read: of six common UPI fraud patterns, one is structurally absent in e-rupee today (collect requests), one is meaningfully reduced (OTP), and four carry across largely unchanged. The Mint infographic’s “fewer loopholes” framing is real but partial — and importantly, RBI itself has not declared CBDC less fraud-prone than UPI. The RBI Concept Note (October 2022) explicitly emphasises that strong fraud monitoring is essential for any digital payment system, CBDC included.

5. The New Fraud Surface e-Rupee Creates

The Mint infographic’s “Where fraud can still happen” panel — phone theft, weak PIN/biometric, malware/device compromise, and “user tricked into sending money willingly” — is correct. The risk profile shifts from network-level scams toward device-level risk:

  • Phone theft + weak wallet PIN is the most direct fraud path. Unlike a UPI transaction (which still requires the bank-side PIN even if your device is compromised), a wallet PIN that’s been observed gives full access to the on-device tokens until the user disables the wallet via the bank.
  • Fake e₹ wallet APKs and look-alike apps harvest wallet PINs and tokens. RBI has already issued advisories warning about non-official e₹ apps.
  • Malware / device compromise. Trojan apps, screen-recording malware, or accessibility-service abuse can capture the wallet PIN at entry.
  • Social-engineered “willing send” — being tricked into sending e₹ to a fraudster’s wallet (fake KYC update, fake refund-by-sending-Re.-1, romance scams). No technical control stops this in either UPI or e-rupee. The user authorises the transfer; the system carries it out.

The takeaway is not that e-rupee is unsafe — it is that the fraud surface migrates from the network and OTP layer (where banks and NPCI invest heavily in fraud monitoring) to the user’s device, where the user is the sole line of defence.

6. Reversibility — What “Limited” Means in Each System

The Mint infographic marks both UPI and e-rupee as having “limited” reversibility. The two systems mean very different things by that.

UPI: Failed transactions (debited but not credited) are reversed by NPCI-mandated turnaround times. Disputed-but-successful transactions follow a chargeback flow via the issuer bank. Practical recovery rate on UPI fraud is low but non-zero — banks can sometimes freeze the receiving account if the complaint is fast and the funds haven’t yet moved out.

e-Rupee: Per ICICI / Axis Bank / Indian Bank CBDC FAQs, only failed transactions auto-reverse (typically within 7 days). Successful wallet-to-wallet transfers are designed for finality — the same as physical cash. Once tokens have moved to the recipient’s wallet, there is no chargeback path. Disputes can be raised with the issuer bank but the system architecture treats settled e₹ as final.

For the consumer, this means: if you’ve been scammed via a successful e₹ transfer, your recovery odds are worse than UPI, not better. The “settlement finality” feature that makes e-rupee attractive for instant clearing is also what makes social-engineered fraud harder to reverse.

7. The Tax Angle Most Articles Miss

This is where TaxSocial readers should pay attention — three Income Tax Act questions where e-rupee’s status materially changes the answer, plus one unresolved question that could trap an unwary taxpayer.

7.1 e-Rupee Is NOT a Virtual Digital Asset

Section 2(47A) of the Income-tax Act, 1961 defines a Virtual Digital Asset (VDA) but explicitly excludes Indian or foreign currency. CBDT Notification No. 75/2022 dated 30 June 2022 reaffirmed certain exclusions in this space.

Because e-rupee is legal tender (RBI Act, 1934 read with Finance Act 2022 amendments), it is currency. It is therefore outside the scope of:

  • Section 115BBH — 30% flat tax on income from transfer of VDAs
  • Section 194S — 1% TDS on consideration paid for VDA transfers
  • Section 56(2)(x)(vii) — taxation of VDA gifts above Rs. 50,000

In short: paying with e-rupee, receiving e-rupee, or holding e-rupee has the same income-tax character as paying with, receiving, or holding cash or bank money. It is not a crypto-equivalent.

7.2 GST Treatment

Under the CGST Act, “money” is excluded from both “goods” (Section 2(52)) and “services” (Section 2(102)). Since e-rupee is legal tender, it is “money.” Therefore, based on the current statutory definition of money:

  • No GST is triggered by the act of paying with e-rupee, exactly as with cash or UPI.
  • No CBIC circular specifically on e-rupee has been issued at the time of writing — the position rests on the statutory definition of money rather than a dedicated clarification, which means a future CBIC circular could refine the treatment.

7.3 The Unresolved §269ST Question — Read This Twice

Section 269ST of the Income-tax Act, 1961 prohibits a person from receiving Rs. 2 lakh or more, in aggregate from a person in a day or in respect of a single transaction or event, otherwise than by:

  • account-payee cheque or bank draft, or
  • use of the electronic clearing system through a bank account, or
  • such prescribed electronic mode (Rule 6ABBA).

Rule 6ABBA specifies the eligible electronic modes — credit card, debit card, net banking, IMPS, UPI, RTGS, NEFT and BHIM Aadhaar Pay. CBDC / e-rupee is not listed.

e-rupee transfers happen wallet-to-wallet, not through a bank account. They settle on RBI’s CBDC ledger, not on the banking system’s clearing rails. RBI’s own framing positions e-rupee as “digital cash.”

CBDT has not issued a clarification on whether a receipt of Rs. 2 lakh or more in e-rupee is:

  • (a) cash-equivalent, and therefore in breach of §269ST (penalty under Section 271DA equal to the amount received), or
  • (b) covered by “electronic clearing system through a bank account” / “prescribed electronic mode” under Rule 6ABBA — and therefore safe.

Until CBDT clarifies, the conservative reading is: do not assume e-rupee receipts qualify as electronic mode under §269ST. A practitioner advising a business that accepts customer payments via e₹ should flag this exposure, particularly for high-ticket sales or aggregated daily receipts crossing Rs. 2 lakh.

This is the single biggest compliance grey zone for e-rupee today, and it is not yet on most taxpayers’ radar.

7.4 AIS / SFT Reporting

Banks issuing CBDC wallets remain regulated entities and capture wallet activity in customer records. Rule 114E (SFT) thresholds today reference cash deposits and bank-account flows; no SFT entry exists yet for “CBDC wallet.” A future amendment is plausible. KYC on the e₹ wallet is tied to the bank’s KYC, so AML obligations under PMLA continue to apply.

8. Interest, Anonymity, and Programmability

Three more design choices RBI has built into e-rupee that affect everyday users:

  • Zero interest. The RBI FAQ is explicit: “given the cash-like features of e₹, there is no interest payable on the wallet balances.” This is a real consumer-impact point — money sitting in your e-rupee wallet earns nothing, while the same money in a savings account earns 2.5–4% p.a. Treat e-rupee like a wallet, not a deposit.
  • Reasonable anonymity for small values. The RBI Concept Note says CBDC should offer “reasonable anonymity for small value transactions akin to anonymity associated with physical cash.” A specific value threshold has not been notified — what counts as “small” is unsettled.
  • Programmable CBDC, expanded August 2024. RBI broadened programmable CBDC features for purpose-bound payments — fuel, groceries, education, healthcare, travel — meaning an issuer (employer, government, business) can release e₹ that can only be spent on a specified category. Useful for benefits, scholarships, and conditional disbursements; new fraud vectors specific to programmable CBDC are still emerging.
  • Offline e-rupee. RBI has confirmed offline functionality is live in the pilot (NFC-based) for areas with limited connectivity.

9. So — Is e-Rupee Actually Safer Than UPI?

The honest answer is: partly, by design, today. Specifically:

  • Yes, the OTP-phishing and collect-request attack surfaces are absent or substantially reduced in current retail e₹ apps.
  • Yes, the inter-bank reconciliation layer that some sophisticated UPI frauds exploit is not part of wallet-to-wallet settlement.
  • No, NPCI is not absent — CBDC-UPI QR interoperability means the QR rails most users will use for merchant payments are UPI QR rails.
  • No, device-level fraud (phone theft, malware, fake APKs, social-engineered sends) is not reduced; it’s where the risk now concentrates.
  • No, RBI has not made any official statement positioning e-rupee as fraud-superior to UPI. The “fewer loopholes” framing is media interpretation, not regulatory position.
  • And, recovery from a successful-but-fraudulent e₹ transfer is harder than from a UPI transfer, because settlement finality is the design intent.

For the cautious user, e-rupee changes which defences matter most — moving the burden from “be sceptical of OTP requests” to “guard your device and your wallet PIN like cash.”

10. What to Do Today

  1. Treat e-rupee like a wallet, not a deposit. Keep small balances. Move surplus back to your savings account where it earns interest.
  2. Set a strong, non-obvious wallet PIN. Enable biometric. Keep the device lock screen secured.
  3. Download the e-rupee wallet only from your bank’s official app store listing. Watch for fake APKs.
  4. Treat any “scan this QR” instruction with the same caution as a UPI QR — QR-swap fraud carries over.
  5. Do not assume e-rupee receipts qualify as “electronic mode” under §269ST until CBDT clarifies. For business taxpayers receiving large amounts, document the legal position carefully or get a written view from your tax advisor.
  6. Remember: e-rupee is currency, not VDA. No 30% crypto tax, no 1% TDS on transfers. GST treats it like money.
  7. Recovery from successful e₹ fraud is harder than from UPI. Prevention matters more, because reversal is closer to “impossible” than to “delayed.”

11. Conclusion

The Mint infographic is right that e-rupee removes some of UPI’s most exploited scam vectors — OTP phishing, collect-request trickery, certain forms of intermediary manipulation. It is wrong to suggest there is no NPCI involvement (CBDC-UPI QR interoperability brings UPI rails back into most merchant payments) and overstated to suggest that intermediary manipulation is fully eliminated.

For Indian taxpayers, the more interesting question is not safety per se — it is the §269ST grey zone. Until CBDT clarifies whether receipts in e-rupee count as cash or electronic mode, businesses accepting large e₹ payments are operating in unresolved territory. That, more than the scam-vector comparison, is where competent tax advice will matter over the next twelve months.

Final takeaway: e-rupee is a structurally different payment instrument with a different fraud profile, not a strictly safer UPI. Use it the way you would use cash — small amounts, strong physical control of the device, and cautious record-keeping for tax purposes.

12. Legal & Regulatory References

  • Reserve Bank of India Act, 1934 (read with Finance Act, 2022 amendments) — legal-tender status of CBDC.
  • Section 2(47A), Income-tax Act, 1961 — definition of Virtual Digital Asset (excludes Indian / foreign currency).
  • CBDT Notification No. 75/2022, dated 30 June 2022 — VDA-related exclusions.
  • Section 115BBH, Income-tax Act, 1961 — 30% tax on income from transfer of VDAs (does not apply to e-rupee).
  • Section 194S, Income-tax Act, 1961 — 1% TDS on consideration for VDA transfers (does not apply to e-rupee).
  • Section 269ST, Income-tax Act, 1961 read with Rule 6ABBA — restriction on cash receipts ≥ Rs. 2 lakh; e-rupee not currently listed in the Rule 6ABBA prescribed electronic modes; CBDT clarification on e-rupee status pending.
  • Section 271DA, Income-tax Act, 1961 — penalty for §269ST contravention (equal to the amount received).
  • Section 2(52) and Section 2(102), CGST Act, 2017 — definitions of “goods” and “services” exclude “money.”
  • RBI Concept Note on Central Bank Digital Currency, 7 October 2022.
  • RBI Press Release, 1 December 2022 — launch of retail CBDC pilot.
  • RBI Annual Report 2024-25 — pilot user base and circulation figures.
  • NPCI advisories on UPI fraud — current scam vector profile.

This article is a practitioner-oriented summary. RBI guidance, CBDT clarifications, and the pilot’s operational scope are evolving rapidly. Verify the latest RBI press releases, CBDT circulars, and pilot-bank FAQs before relying on this summary for a specific decision. For a borderline §269ST case, consult an experienced practising chartered accountant.