ANALYSIS OF THE READINESS OF INDONESIAN PEOPLE AND REGULATIONS IN HANDLING FRAUD ON TECHNOLOGY EXPLOITATION

1Mustika Prabaningrum Kusumawati, 2Ari Nur Rahman, 3Panzi Aulia Rahman, 4Henry Adrian Sumule, 5Endrojoyo Sigit Triyono 1Universitas Islam Indonesia 2Indonesia Eximbank (Lembaga Pembiayaan Ekspor Indonesia (LPEI)), Indonesia 3PT. PLN (Persero), Indonesia 4Alumni of Institut Teknologi Sepuluh Nopember Surabaya and Institut Teknologi Bandung, Indonesia 5Head of the Inter Bank Transfer Reconciliation Departement, Indonesia


INTRODUCTION
The development of information technology has a big influence in supporting business continuity among producers, consumers, distributors and financial service institutions. The development of financial technology (Fintech) has begun in the banking world since 1866, known as the Real Time Gross Settlement System (RTGS). Along with the growing business needs, there was a transition period of change from the era of analog technology to the era of digital technology from 1967 to 2008 which was marked by the emergence of automatic teller machines (ATMs) and SWIFTs which made it easier to transfer abroad. It was then followed by the era of internet banking along with the increasingly widespread internet network.
In the two eras of technological development, banking was still a pioneer in financial technology (Fintech) innovation. Since the increasingly widespread fiber optic and cellular internet networks, however, financial service institutions other than banking have begun to emerge and help smooth payment transactions within one country or between distant countries. The era began with the increasing use of smartphones which was then supported by financial product and service innovations such as PayPal and Payoneer which were still based on Visa and MasterCard network, and then followed by mobile phone and user-friendly applications such as Venmo, Skrill, Stripe, and 2 Checkout. The internet giant like Google and e-commerce giant Amazon even issued similar applications called Google Wallet and Amazone Payments. In Asia, it began with the slogan of the e-commerce giant Alibaba from China, namely "Embracing Secure, Multiple Use Cases, Anywhere, Reward, Technology (SMART) Living" by issuing an Alipay payment application which was then followed by Tencent which started focusing on online communication services WeChat which then developed and presented WeChat Pay.
In Indonesia, the Fintech 3.0 and 4.0 began with increasingly heard slogans promoted by banking book IV such as "Digital Banking" and competing to make mobile phone banking applications in order to transact and make payments through the palm of the hand. In this era, however, banking has not become a major player in the payment sector. Even in Fintech sector with Online Lending type, banking is relatively slow compared to the growth of Fintech companies that are increasingly developing and in demand by consumers or the public in general. This condition is inseparable from the many regulations that supervise banking performance so as not to cause systemic losses.
Existing regulations in Indonesia refer to regulations issued by Bank Indonesia, the Ministry of Communication and Information, and the Financial Services Authority (OJK) as Fintech supervisors. One effort to provide a legal umbrella for the development of Fintech is the existence of the Regulation of Financial Services Authority (POJK) No.13 / POJK.02 / 2018 concerning Digital Financial Innovation (IKD). With the existence of this regulation, there are several Fintech registration mechanisms for startup companies (Non-Financial Services Institutions) and Financial Services Institutions in each of the banking, capital market, and Non-Bank Financial Industry sectors.
In fact, there are still some conditions that are the subjects of discussion in the developing Fintech service sector at this time. One of them is the impact or readiness perceived by banks that are classified in Book I and Book II as well as Rural Banks (BPR). In addition, special attention needs to be paid to Finyech consumers or the general public regarding the existing conditions and regulations for Fintech. It is necessary to consider the dangers or consequences that will be received by consumers when transacting at Fintech service providers, both registered and not registered with Bank Indonesia and the Financial Services Authority (OJK).
Another phenomenon is the lack of a complaints channel or Whistleblowing System (WBS) specifically for Fintech.
During this research, only 1 complaint channel related to Fintech was found since November 1, 2018, which was pioneered by the Legal Aid Institute (LBH), while the institutions or state institutions or associations still relied on consumer complaints channels in general. Based on information obtained by researchers in collaboration with several Legal Aid Institutions (LBH), the information obtained was approximately 3,400 complaints of Fintech violations in Jakarta, 30 complaints in Yogyakarta, 650 complaints in Surabaya until February 2019.
The current condition of Fintech development is like a diamond showing its beauty without seeing the being sacrificed. Therefore, it is necessary to add a Whistleblowing System (WBS) or consumer complaints channel specifically for Finyech into a Fintech ecosystem. Widespread offers to join a Fintech company with income above the average of other companies become a concern for employees who work at Fintech companies to report fraud acts that occur. According to Kusumawati et. all (2018), company employees are lazy to become whistleblowers because they are already in the comfort zone and are afraid of losing their jobs. So reports from whistleblowers or consumers as Fintech users are very reliable.
In creating security for customers and reducing the risk of loss to Fintech companies without obstructing the development of Fintech that has participated in supporting the rise of the Indonesian economy, there is a need for in-depth research that goes down directly to the field and interacts directly with Fintech customers personally. In addition, the research should include technology so as to be able to provide input to encourage the growth of the Indonesian economy through a healthy Fintech that is accommodated by new regulations or strategies that have been and will be issued by regulators in Indonesia.
This study aims to determine 1) The aspect of consumer awareness in utilizing the recht vacuum gap or the consumer's indifference toward applicable regulations is a major factor in the continued development of Fintech in Indonesia.
2) The level of behavior of Fintech companies and marketing employees who are trying to find a vacuum recht gap raises the intention to commit fraud. 3) Whistleblowing system or consumer complaints channel for Fintech can be effective in identifying fraud cases created by the Fintech ecosystem.

LITERATURE REVIEW AND HYPO-THESIS Financial Technology (Fintech)
According to Amer et.all. (2016), financial technology (Fintech) is the use of information technology that aims to provide financial solutions by using innovation in improving services in the financial services industry. While the word "Fintech" itself has entered the Oxford Dictionary, that is, a computer program used to support or activate banking and financial services. The term fintech was first introduced by CitiGroup in the 1990s through the Financial Technology Services Consortium project in introducing the use of faster technology in banking financial services.

Radio Frequency Identification (RFID), Near Field Communication (NFC), and Cyanogen Mod
RFID is a technique to identify an object using radio frequency spectrum which is then explained in detail in ISO / IEC 18000. The RFID technique can be used if an RFID frequency spectrum reader is available. A more modern technique that is becoming a trend among millennials is the use of smartphones that support NFC. NFC is a development or evolution of RFID technology. NFC is a two-way wireless interface device and is often referred to as contactless transaction technology. On smartphones that support NFC there are antenna and controller of the use of electric current as needed. On another occasion, the NFC antenna can still receive radio analog signals with a slight change in the algorithm through the system installed on the smartphone. In the active mode, NFC can be communicated with other NFC devices even with a barcode scanner and several Electronic Data Capture (EDC) devices that already support charging digital currency cards and debit cards as well as credit cards in the use of payments without swipe magneting strips. Based on the Regulation of the Director General of Resources and Postal Devices and Information Technology No. 1 of 2019, NFC spectrum is in the range from 13,553 to 13,567 MHz with a maximum transmit power of 10 meters.
Cyanogen Mod is a smartphone operating system that is open source and can be installed together with the Android smartphone system. Cyanogen Mod itself was officially stopped and renamed Lineage OS. Researchers still use the term Cyanogen Mod because the XDA Developers Android Forums are still familiar with the name of Cyanogen Mod which is then abbreviated as CM. CM itself was developed for non-profit by utilizing ideas from android developers across the world. The development is based on software such as the kernel and firmware which are open source and official from Android released by Google.
With a little creativity and intermediate knowledge about the use of Cyanogen Mod, someone who has a smartphone that supports RFID and NFC technology can easily commit fraud in getting information about credit card, debit cards, as well as transfer digital currency card balances without being read by PoS terminal core banking system of a bank. Such a condition creates fraudulent behaviors, in this case skimming and cloning, committed traditionally using a reader which is placed at an ATM. And it has been said to be a traditional act of fraud. Skimming and cloning have become easy to do. Even based on experimental results using an official smartphone from Android, someone can do it with a distance of 30 centimeters.

Financial Technology (Fintech) Ecosystem
The term ecosystem in Indonesian Dictionary means a special condition of the community of a living organism and the components of non-living organisms from an environment that interact with each other and the interaction of a reciprocal relationship. Thus, Fintech ecosystem will discuss about the various elements that interact with each other and provide mutual relations to support the growth of a healthy Fintech.
According to Welchek (2015) in Lee and Shin (2018), there are 5 elements that can support the formation of the Fintech ecosystem: Fintech Starups, Government, Technology Developers, Traditional Financial Institutions, and Financial Customers. Within the scope of financial services technology, a healthy and dynamic Fintech ecosystem which is anti-fraud culture can stimulate the growth of various sectors and be one of the supporting elements in local economic growth. It can also attract talented, ambitious people to generate creative and innovative thinking in supporting financial services business processes.

Recht Vacuum
Enforcement and application of law often collide with the development of society.
The development of society is always faster than the development of laws and regulations. The principle of legality is defined as a principle that can provide legal certainty, but the fact is that the sense of justice of the community cannot be fulfilled because it is the development of the society itself that is moving rapidly along with technological advances and the times. This is the reason why law and regulation cannot possibly regulate all aspects of people's lives so that it is inevitable that sometimes a law is unclear or incomplete which results in the recht vacuum in the community.
According to the Law Dictionary, recht (Dutch) objectively means law. Grotius in his book "De Jure Belli ac Pacis (1625)" states that "the law is the rule of moral conduct that guarantees justice". Whereas Van Vollenhoven in "Het Adatrecht van Ned. Indie" reveals that law is a symptom in the association of life that is constantly turbulent in a state of collision and banging endlessly with other symptoms. Wignjodipuro (1971), in "Pengantar Hukum" (Introduction to Law) provides an understanding of the law that "Law is a set of life rules that are coercive, containing an order, prohibition or permission to do or not do something and with a view to regulating order in people's lives.". The life rules are both written rules in the legislation and unwritten rules in custom.
The Indonesian Dictionary (1989), provides the definition that emptiness is a matter (condition, nature, etc.) of emptiness. The definition of Vacuum (Dutch) based on the Law Dictionary is "empty or vacant". Narrowly, the "legal vacuum" is defined as a state of the absence of statutory regulations that govern, or it could also be said that this legal vacuum occurs because the things or conditions to be regulated by the regulation have changed or even if it has been regulated in a statutory regulation, it is still unclear or even incomplete. This is actually in line with the slogan which states that "the formation of a statutory regulation is always lagging or underdeveloped compared to events in the development of society.
Rect Vacuum (legal vacuum) has an impact in the form of rechtsonzekerheid (legal uncertainty) which will further lead to rechtsverwarring (legal chaos) in the sense that as long as it is not regulated it means that it is permissible, as long as there is still no clear procedure it means that it is not prohibited.
The Implementation of Anti-Fraud Culture through the Whistleblowing System (WBS) or Consumer Complaint Channels in the Formation of the Financial Technology (Fintech) Ecosystem. The issue of the availability of a Whistleblowing System (WBS) channel or a consumer complaints channel has again become a concern in the development of the business world, especially the development of Fintech in financial services. Many literatures or studies have touched on the importance of the Whistleblowing System (WBS) in the formation of sound business processes. The benefit of the Whistleblowing System (WBS), as proposed by KNKG (2008), is that WBS can be an early warning system for fraud.
According to Kusumawati et. all (2018), until now the Law on Whistleblowing System (WBS) is still partial, so that it still refers to several legal umbrella of witness and victim protection, protection of reporters and witnesses in Money Laundering Crime as well as other regulations. The phenomenon of the absence of a special legal umbrella was answered again after the case of the dismissal of a private employee due to terror from the way of collecting loans online to the supervisor of the employee. But there was a case that became a major concern, in which a taxi driver at one of the leading taxi companies committed suicide because he was unable to repay his loans online and held back the shame because the people around him already knew and continued to get terror due to his loans.

METHODS Research Method and Design
The research method used in this study is a qualitative method. The approach used by researchers is based on a grounded approach that sees a condition directly from the field, historical approach, and ethnographic approach.
Grounded Theory was first introduced by Glasser and Strauss (1965,1967) in the social world, especially health. According to Fuady (2018), grounded research is a research model that determines generalization of empirical data based on field data so that concepts and categories are formed in determining the theory. In this grounded research, the first thing to look for is data in the field, and then a theory is found that is directly sourced from the data that has been found. Therefore, grounded research is qualitative in nature which seeks to describe and formulate a theory acquired (not to verify speculative theories or verify existing theories) but based on analysis and interpretation of facts and real data in the field which directly intersects social problems happening in society.
According to Liusvaara (2015), in order to guarantee that there is a match between the data and the theory produced, the grounded research process must meet four criteria: validation of real empirical field data, the researchers' overall mastery of the phenomenon under study, the process of generalization of the findings with other supporting contexts of the phenomenon under study, and controlling process by anticipating findings that may not be in accordance with the findings or previous theories of other parties. In supporting the fulfillment of these criteria, it is necessary to do a technique or a series of tiered research such as open coding data, axial coding data, selective coding data, the process of memoing, theorizing, integrating, conceptualizing, shorting which will produce categories, and data-based or big data based-concepts and theories.
Grounded research that produces theories based directly from the real life of Indonesian people is likely to solve the recht vacuum gap problem in Indonesia.

Type and Source of Data
The types of data used in this study are primary data and secondary data as supporting data. The data source is obtained from the grounded research model, with the following figure:

Data Collection Technique
Data collection technique used in this study is a grounded research model that adopts questionnaire techniques, telephone interviews, in-depth interviews face to face with several respondents who meet the criteria and are willing to provide information, literature review based on applicable legal regulations, and the use of online data search techniques. Population, according to Sugiyono (2009), is an area that has been determined by researchers consisting of research subjects or objects (respondents) who have certain qualities and characteristics to be studied, understood and then obtained conclusions. In this study the researchers use a population of 259 respondents divided into 3 groups. The first group consists of 140 respondents who fill open questionnaires via Google Form, the second group consists of 45 respondents who make online nonloan Fintech transactions, and the third group consists of 74 respondents who make online loans Fintech transactions. The second group is mostly students of the Faculty of Law at the Universitas Islam Indonesia, while the third group is mostly online motorcycle taxi drivers and office drivers who are members of a number of online motorcycle taxi communities in Jakarta and Yogyakarta as well as several entrepreneurs who are members of agricultural cooperatives around the area of Region 3 Cirebon and around the area of Buton Regency.
The steps taken in the grounded research model are as follows: 1. Make an agreement between the researchers and subject 1 and subject 2 to follow the instructions of the researchers during the study and will be given incentives in the form of interest payments from Fintech loans or administrative costs during transactions using Fintech. virtual system Android applications on 8 laptops. 6. Phase 1 is trying to install the Fintech application that has been selected in advance by the researchers without giving any access rights. 7. Phase 2 is again trying to install the same Fintech application in step 1 for subjects 1 and 2 by giving the requested access rights as a whole. 8. A total of 4 people on subject 1 open 2 savings accounts at Bank of Book 1 and 2 savings accounts at Bank of Book 2. 9. All subjects 1 carry out normal transactions in general using the Fintech application and specifically 4 people in subject 1 make transfers via ATM on a newly opened account into 3 times namely normal time, high season Source: Descriptive Analysis, processed (2019) time, and the end of day / month of the banking system. 10. Researchers divide 3 phases on subject 2 namely:

Install and integrate
• Phase 1: Subject 2 makes online loans through the Fintech application with a tenor from 1 to 3 months with smooth payments and is accelerated in the 1st month.
• Phase 2: Subject 2 again makes online loans through the Fintech application with a 3-month tenor through a smooth payment for the 1st month and late payment scheme for the 2nd and 3rd months. • Phase 3: Subject 2 again makes online loans through the Fintech application with a 3-month tenor through a smooth payment sheme for the 1st month, while the 2nd month is paid together with the payment for the 3rd month with late payment scheme. In addition, subject 2 also makes an online loan to another Fintech application with a tenor of one month, which is paid smoothly. And subject 2 installs the latest Fintech online loan application that is registered in the Fintech OJK Directory. 11. All processes are analyzed and recorded on a scheduled basis through the cloning of the Android system of 119 subjects found on 8 laptops. 12. During the research stages on subject 1 & 2, the researchers also conduct a review of the applicable regulations and conduct interviews with sources and victims who have direct contact with Fintech. And the researchers try to use an Android smartphone that supports NFC and RFID and have been installed with Cyanogen Mod + NFC Proxy.
All results described on the grounded research model are then analyzed using the Pivot Table Microsoft Excel Professional Plus 2016 application and the Nvivo v12 Pro application based on field data based or big data obtained.

RESULT AND DISCUSSION
Demography, according to Kotler & Keller (2016) in ACFE (2017), is a science that studies population, such as density, location, age, gender, ethnicity, type of work and various other types of statistics.
This demographic analysis serves as supporting information and provides an overview of respondents used in research in the form of primary or secondary data. Demographic distribution of respondents can be seen in in Appendix 1.
When the data were analyzed, many respondents did not understand how to distinguish between illegal and official Fintech applications registered with regulatory authorities in Indonesia. Respondents assumed that the Fintech applications appeared on the Google play store were all official applications registered in Indonesia. Surprisingly, there were only a few respondents who knew what authorities that had the right to oversee Fintech's activities in Indonesia.
In addition, 3 different conditions were found about respondents who were willing to be whistleblowers or to report on consumer complaints channels about fraud that occurred when interacting using the Fintech application. The first condition was seen by respondents who interacted with online non-loan Fintech applications, such as e-commerce and digital wallets. Despite the act of fraud, respondents assumed that even if they made a complaint to a Fintech service provider, it would not significantly influence the satisfaction they would receive. The efforts they made would not be worth with the results obtained, especially if the nominal loss was immaterial. However, this was different when respondents interacted with Fintech online loans. They were willing to be whistleblowers or reported fraud on the consumer complaints channel for fraud that occurred. This was motivated by the taking of various information contained on the respondent's smartphone which then disrupted the respondent's daily life.
Other conditions occurred for respondents working as marketing who were not willing to be a whistleblower for fraud that occurred around their environment. This was motivated by the rational thinking of respondents who assumed that the exchange of consumer information they had with consumer data from other marketing employees was one of the easiest ways to support the achievement of targets every month.
This condition was inseparable from the existence of a recht vacuum which formed a condition to be utilized by certain people to gain profit. Recht vacuum conditions found by researchers can be seen in Table 1.
Based on the review of researchers, there are 9 points of Recht Vacuum in supporting government programs to create positive economic growth through technology, especially Fintech: • The absence of a regulation, specifically the Law governing the Protection of Personal Data. Researchers consider that the existing regulations and legislation are still lacking to be used as a basis to strengthen the argument  (1) of the ITE Law concerning sexual harassment through electronic media when billing, the researchers think that there need special regulations that are more indepth related to the mechanisms and sanctions that will be faced in online loan billing. • Determining the provision of access to emergency numbers to Fintech is important because it reduces excessive intimidation toward customers due to late payment of their online loans. Until this research taking place, what the researchers know is that there is only an appeal from the Regulator to the Fintech companies to request a maximum of 2 emergency contact numbers in the event of a delay in loan repayment. The condition that becomes the main concern of researchers is the customer data retrieval in the form of minimal access to telephone contacts and short messages when new customers try to install the Fintech application.
With the condition of the Indonesian people who are still in the stage of trying something new in technological developments, this has become a huge loss experienced by the customers. Without knowing the existence of personal data retrieval by the Fintech application that is embedded in the smartphone and subconsciously the customer gives legal access rights for the granting of permission (agreement between the application provider and the customer) to be able to access telephone contacts, short messages and so on. The researchers hope that there will be a written regulation issued along with the sanctions for granting access to 2 emergency contacts, and not allowing access to telephone contacts when the customer has not registered to enjoy the services that the Fintech application has. However, the rates for receiving loan interest earned by individuals may vary, bearing in mind that the income tax rate for individuals applies a progressive rate principle. The progressive rate is between 5% and 30% depending on the income received by the individual. The question is who will make the tax deduction?
The tax payment mechanism will be carried out by the recipient of the loan interest. In addition to this affirmation, researchers see the need for relaxation of tax regulations related to the imposition of tax objects on the Fintech online loan scheme. Because in general, this condition can be one of the factors causing the high interest of Fintech online loans today apart from the high risk of online loans without collateral. In addition, researchers see that in the future there will be a problem when there is tax audit on funders, recipients of funds, and Fintech companies due to lack of ease in depositing taxes so that it will result in aggressive tax planning that might even lead to tax avoidance and tax evasion.  from credit risk so that it does not meet the accounting going concern principle in knowing the condition of Fintech's financial statements from time to time. Based on the recht vacuum gaps that have been described, the researchers find fraud during research process through the grounded research model due to the recht vacuum gap. The distribution of respondents which is based on the frequency of fraud that occurs when using Fintech when the grounded research model takes place is shown in Figure 2.
The latest demographics based on our questionnaire, interview and grounded research model are done by the researchers based on the frequency of fraud that occurs when using Fintech. As many as173 activities or 33.59% are Digital Currency  "It is impossible. Just bringing closer or attaching a smartphone, then in a short time, it can take credit card data and electronic money card balances, more over at the same time making payment transactions." With 197 times of experiments on respondents with activity frequency more than 2 times on 1 respondent produced data of 173 times of activity. Then researchers considered that exploiting technology for digital currency fraud succeeded in retrieving information data on credit cards, debit cards, and electronic money cards of respondents. These actions make it easy to skimming to make a new credit card or attach it to a barcode machine to make transactions directly and can be used without requiring an OTP password from a credit card when making transactions via the internet network. Whereas for electronic money taken on e-money cards can be transferred directly to other e-money cards or accommodated and used during transactions. However, it is surprising that the theft using NFC and RFID technology can be done by setting the smartphone's IMEI number, IP Address and it is possible to encrypt NFC and RFID networks so that the transaction terminal's Point of Sales (POS) on the Bank system cannot detect this condition. When looking at the era of e-commerce goes to contactless, researchers found 2 international e-commerce that have applied NFC technology to their payment methods to make it easier for customers in making transaction, where they do not need to re-type the card number, card active period, cardholder's name, and other information needed in making transactions, especially through cards that are integrated through the MasterCard network. Even when researchers tried to make NFC payments using data that has been skimmed through the NFC Proxy application, it can be recorded on the NFC payment service to the 2 e-commerce sites.

Digital Currency Fraud -Phishing
-System of Illegal Smartphones. This condition occurred when there were 3 respondents' smartphones that entered Indonesia illegally or without going through the Domestic Component Level (TKDN) process. With the default Android software when buying a smartphone, through an analysis of the smartphone LOG, it was found that there was already an adsense pop up advertisement and with the activity behind the smartphone screen that sent smartphone user data information, such as passwords, credit card numbers stored on the android system, to IP Address outside Indonesia.

Digital Currency Fraud -Theft of
Digital Money Wallet & Internet Protocol Address. This condition is closely related to theft carried out without the knowledge of the smartphone owner. It is possible that the company providing the Fintech application regularly takes digital money in a small scale. What happens in reality is that the resources owned by the Fintech provider company, even though it has followed the relevant authority regulations that must use the IDR currency and only intended for certain citizens who are becoming foreign tourists in Indonesia, this can occur with experiments conducted by researchers by transacting through the Fintech QR Code application but not through the IP Address of sending transaction data in Indonesia, which can be seen from the smartphone LOG when transacting using an IP Address outside of Indonesian territory. It is feared that this condition will not be recorded in the national account of electronic transactions in Indonesia.

Software Bug Fraud -Electronic Money
Transfer & Minus Balance of Digital Wallet Money. This condition occurs when there are bugs in the software with 3 different conditions as follows: a. The first condition occurred in one of Fintech which caused the digital currency balance in the Fintech application to be minus when used by consumers. In this condition, many consumers were contacted via e-mail or text messages (SMS and Whatsapp). Settlement of the minus balance was then charged to consumers with intimidation that if the consumer did not immediately top up the digital currency balance in accordance with the specified time, it would be resolved through the applicable legal channels. Some respondents said that when the error of the system occurred, respondents only transacted to buy food through QR Code payment 1 times, but the balance was reduced 8 times which caused the balance to be minus. b. The second condition occurred in one of the Fintech which caused the Fintech company to experience a substantial loss. The loss was due to one of the features offered by Fintech e-wallet to buy Google Play vouchers (GPC). The bug software e-wallet was found on the purchase of GPC worth IDR 500,000, which then consumers of e-wallet users only paid IDR 22,000. The solution made by the Fintech e-wallet company was by withdrawing from a balance on the account belonging to consumer who had utilized the bug software. Withdrawing balances at some consumers made the account balance minus. In addition, the Fintech company also billed customers via text message and through email registered on the account. c. The third condition occurred when researchers tried to make transactions in the banking accounts book 1 & 2 which already had an ATM at the time of the end of day or month core banking system. Of the 4 banks that were tested, 2 banks used the same core banking and 1 bank used core banking as a product of the development of its Technology Information Department. The results showed that there was an indication of bug when making transactions through the ALTO and Union Pay networks, with the time limits when transacting at an ATM approaching the time limit of the transaction which was then followed by clicking the transfer button at the end of day or month core banking system that became an experiment bank, and several transactions entered the bank account. However, for transactions on bank accounts (Banks books 3 and 4), these transactions were considered as void transactions and did not reduce the account balance. The condition was a little difficult to trace if it did not examine in detail the journals formed on the transaction, due to identical reference numbers that were formed from the results of data sent by companies providing interbank transaction services with reference numbers from transaction recipient banks. Based on the results of the recipient bank's opinion, the situation was due to the limited costs incurred to use all the features contained in the third-party core banking system and the nonexistence of bug algorithm from the development of the core banking system.

Non-Delivery and Different of
Merchandise Fraud. This condition occurred when respondents were buying goods from e-commerce applications in the country and abroad. The goods purchased were sent not in accordance with the purchase agreement and even no item was sent, or only the cardboard folds received by the respondent. The action taken by the respondent by reporting the seller of goods through the e-commerce application did not produce any results and sometimes there were no substitutes commensurate with the items purchased. 6. Investment Fraud -Ponzi Schemes and Pyramid Schemes. This condition was closely related to the existence of the Fintech application which admitted to being affiliated with an international investment broker. The mechanism used was by issuing illegal digital certificates that were embedded in the Fintech application to convince consumers to invest by providing high investment returns. Examples that were indicated using Ponzi Schemes in investing through Fintech were GCG Asia and MIA FintechFX. 7. Telemarketing fraud. This condition occurred when there was arrogance from marketing employees to the algorithm contained in the Fintech application. This condition occurred with 2 different conditions: a. Telemarketing through the Fintech application that had a feature to request access rights, even without asking for access rights from the smartphone owner. Some conditions that occur are as follows: • When installing the Fintech Loan Online application, only 2 of the 74 Fintech applications researched that could be installed without giving access rights to a cellphone contact or others. The data transmission for the installation mostly took place prior to an agreement to make a transaction with the customer, so that at least the telephone and LOG contact data on the hand phone had been sent. Even for the illegal Fintech application, it was found access to a smartphone camera and the installation of malware ghost push without the permission of the smartphone owner. The malware was aimed at smoothing the takeover or known as keylogging smartphone to access smartphones secretly. The data retrieval will increase if there is a delay in the payment due for the loan. Another thing that was not explained in the cooperation agreement in the loan was the repayment mechanism that was faster than the actual maturity, until there was no solution to do the restructuring of the online loan agreement. • An e-commerce application that is a part of Fintech is the discovery of Adware that infiltrates smartphone systems. The adware acts on the background of the android system which will display pop up ads, display ads when reading online news. • It was found 1 application of international banking and 1 application of national banking that provided convenience in viewing transactions on credit cards, requesting the right of access as a whole to telephone contacts. b. Telemarketing through marketing employees is in the following ways: • Offering product in a timeless manner. The offer was made via telephone, SMS, or Whatsapp. Even during the research process, there were offers via SMS and whatsapp that included a link that contained malware. And in the algorithm contained in the instant message was found a spouseware attachment which automatically sent instant messages to various contacts and groups on whatsapp. • Based on the results of the questionnaire and in-depth interviews which were then practiced by one of the respondents, it was found that there was a practice of exchanging and even buying and selling cellphone numbers of IDR 500,000 for every 200 cellphone numbers. • Based on information from one respondent with a marketing background in a Financial Services Institution (LJK), it was found that there was customer who was included in the National Black List (DHN) from Bank Indonesia and had loans that were included in the NPL category at one of traditional Financial Service Institutions but was still free to conduct transactions by investing as a funder for Online Fintech Loans. • In the telemarketing procedures for billing, it was found intimidation to the research respondents using high-pitched sentences or abusive sentences, threats to billing, and the distribution of personal data to 119 contact groups that were given access. The distribution of personal data was in the form of slander for acts of sexual harassment committed by respondents in arrears on loans. The factors that affect the chances of fraud as explained above are the lack of public knowledge of the procedure for transactions using Fintech, loosening of applicable regulations, and the arrogance of Fintech customers to take advantage of the Fintech bug software to get the maximum profit without thinking about the impact of the law behind it, and the arrogance of the Fintech company to minimize the big risks that will occur. In addition, there is indication that the formation of the Fintech ecosystem with other traditional financial services is not yet maximal. The situation is exacerbated by the unavailability of the Whistleblowing System (WBS) through the special complaint channel related to Fintech, which is only available at the Legal Aid Institute (LBH) in Jakarta but OJK and Bank Indonesia still provide a channel for consumer complaints in general.
The results of research on RFID and NFC technology support the the results of research conducted by Ariansyah (2012) that NFC technology on smartphone technology devices needs to have binding standards as well as increased socialization and education to the public about NFC technology as one of the payment instruments.
Researchers illustrate that the formation of a healthy Fintech ecosystem and an anti-fraud culture should be done like in the division of sea area ownership between the territorial sea zone and the free sea zone. Where territorial sea zone means the use of internet access to support financial services quickly but still has territorial zone ownership limits based on imaginary lines, namely the use of IP Address, in the sovereign territory of a country every time conducting financial transactions, while the free sea zone means a free zone in the use of IP Address to provide internet benefits in addition to financial services.

CONCLUSION
Based on the observations, the very rapid development of technology to support fast and unhindered financial services can create a large gap in the readiness of the use of technology era 4.0 in the country. Without strong preparation, it will increasingly create a big gap in the formation of the Fintech technologybased fraud chain. The four main factors are the large recht vacuum gap, the unpreparedness of the Indonesian people who are still engulfed in a culture of lazy reading the terms and conditions required by Fintech and regulators, arrogance of customers who understand the existence of the Fintech bug software to gain profit as much as possible without thinking about the legal impact behind it, and the arrogance of using technology resources owned by Fintech companies and marketing employees. The researchers assume that the arrogance of the technology resources owned is used to create a big data in minimizing the risk of the Fintech company and the opportunity in the pressure perceived by marketing employees to achieve the specified targets. This is also the arrogance in the use of errors / bugs in the Fintech system and the inability of the Indonesian people to understand the use of Fintech which only follows social trends and high levels of trial and error over Fintech. It is also complemented by the non-maximum consumer complaints channel or the Fintech special whistleblowing channel system which is shown by the high number of complaints by Fintech customers to be the main spotlight that has not been resolved to date. Other conditions that influence the high interest rate of Fintech online loans, one of which is the imposition of an income tax object on loan interest as explained in Law No. 36 of 2008 concerning Income Taxes.
Therefore, researchers provide suggestions in the formation of the Fintech ecosystem by implementing anti-fraud as one of the drivers of Indonesia's economic growth as follows: 1. Creating a society that understands technology, especially Fintech and not following the trend of a certain Fintech only. It can be done by establishing an educational curriculum from an early age about technological knowledge, making more intense socialization by regulators, or by follwing trends in the technology era by inserting ad content using adware that aims to educate Indonesian society. 2. Making an integrity pact to support anti-fraud and anti-money laundering among regulators, Fintech associations, and Fintech companies when making official registration with regulators. 3. Regulators should get rid of egoism between institutions by synchronizing verbally or nonverbally through technology channels that are automatically integrated between state institutions, such as Bank Indonesia, the Financial Services Authority (OJK), Ministry of Communication and Information, PPATK, and the Ministry of Finance which focuses on the Director General of Taxes and others in making better Fintech regulations that can be a driver of economic growth in Indonesia. As for the new regulations or the updates can at least accommodate the following conditions: • Rules regarding prohibition on requests for access right of the collection of consumer information data before the customer agrees in accordance with the agreement to transact through the Fintech application. • Rules regarding billing procedures and the upper limit of online loans or digital credit cards (pay later). • Rules regarding the mechanism for accelerated repayment and online loan restructuring. • Rules regarding the settlement of customer or Fintech company losses for the existence of Bug Software. • Closing all illegal download paths of the Fintech application registered in the Google Play Store by requiring all Fintech company IP Address channels through a special channel. • Collaborating with operators of communication service providers to make the algorithm for using non-Indonesian IP Addresses which is automatically blocked and unable to make transactions through Fintech. • Rules regarding NFC and RFID proxies on smartphone companies which can be seen in the PoS terminal banking system financial transaction flow. • Collaborating between regulators and telecommunications service operators to make regulations regarding the use of NFC that is connected to the Smart SIM Cards that are supported by 4-digit code security features or biometric code security features such as fingerprints, faces, or eye sclera. • Rules regarding the use of QR Code that have been issued by Bank Indonesia to all Fintech service providers. • Accelerating rules, similar to BI Checking, for loans or Fintech funders integrated with BI Checking and the national blacklist of banks and other financial service institutions.
• Rules regarding the establishment of the Fintech online loan company in running the online loan distribution business to be the subject to tax or not on PPh 23 or PPh 21 for interest on the loan. • The assertion about the operation of online loans or online investments that will be exposed to the application of PSAK 71 • Rules that forbid Fintech companies directly or through the Indonesian Fintech association not to act arrogantly in carrying out its financial services. 4. Setting up a special channel for the whistleblower system or a special Fintech consumer complaint channel for regulators and requires all Fintech service providers to provide a whistleblower system channel or consumer complaint channel openly and readable by consumers.