Is
your electronic Banking safe
Transformation of banking
In 80s, banking was simple,
we opened an account with a bank branch and did all the transactions there at
the branch in person or through bearer. The signature was assigned more importance. Since the customers were limited and due to
our frequent visit to the branch, familiarity was developed with the branch
staff. People at the branch could assign the face to the signature. Credit
cards were rare and accessible only by affluent.
Beginning of 90s, makes
banking more convenient, ATM cards were introduced and credit cards were more
familiar to enable the public to do transactions at ease without visiting the
branch for withdrawals. People were also not convenient to do transactions
through ATMS due to fear of ignorance. Banks did lots of marketing to push the
people to the ATMs.
Electronic Octopus
End of 90s, the electronic banking
started expanding into Internet banking. In 21st century its opened
various windows of banking through electronic media such as SMS banking, mobile
banking, UPI, and cash deposits machines, internet KISOK besides
e-commence /digital payments linking all
the banks and business community. The
ATM cards were re incarnated into debit cards/ international ATM card etc. Banks were also start introducing smart
cards/ prepaid card/ virtual cards and wallet banking. The new concept of
payment banks was also introduced. Now,
it will be difficult for banks/ financial institutions and public to live
without electronic banking. This is not
an end it may spread further more to bring everyone under it clutch through
innovative products
Now let is discuss whether
our electronic banking is safe?
Is our Electronic Banking safe?
I prefer to use the term
electronic banking instead of Internet banking to cover all the electronic
banking channels/ products. The present
day internet banking is safe as the Banks are continuously making improvement
to the product and making it safe and also to protect the interest of the
customer. The changes are very frequent, Now the Government has introduced
AAdhar card ( an unique Identification
for all citizens) and insist that it should be linked to all types of
services citizens enjoy such as Income tax, Gas services, bank accounts,
financial products, communication services etc. This makes the electronic
transactions more vulnerable as the threat may come from any quarter. This is
due to all the financial transactions are linked to the Mobile number which is
also attached with the Aadhar card. Therefore, mobile phone number plays an
important role in the security of financial transaction.
Various
types of approach to defraud through electronic transaction.
ü
Cloning of debit / ATM card to
withdraw money through fraudulent means.
ü
Attaching a camera on the ATM to capture the card no and pin
ü
Attach a unknown device on the card slot
ü
Insert unknown materials to block the ATM card
ü
Using the gullible nature of the customer and pretend to help him to draw
money from ATM
ü
Sending unsolicited emails / calls to get the access to the personal
details.
ü
Carelessness of the customers to handover the pin to the hotel waiter
while paying the bills
ü
Cloning the SIM card of the customer
ü
Calling /emailing the customer to fuel their greediness to collect the
personal data.
ü
Create false/ near similar links in the email, as if it is sent by the
bank
ü
Collect the personal data when the Mobile/ computers are used through unsecured
connection.
ü
Collecting data at cyber café by some unscrupulous person.
ü
When debit/ credit are used for payment, the data such as card no expiry
date, name and CVV were collected by
unscrupulous persons to use the same for
international transaction fraudulently.
Since, Aadhar is linked to
various services like mobile, IT, etc., there are cases were the personal data
is collected pretending that they are calling from bank/ IT department asking
for the OTP.
The above are only illustrative
but the fraudster are very smart to find
new ways and means everytime.
Tips for safe electronic banking
ATM CARD Management
1. Please ensure your ATM/
debit/ credit card limits are set up according by fix appropriate limits to
suit your needs. For ex. Disable international usage, POS, e-commerce
transactions.
2. Whenever your card is used
please ensure that the transaction is
done at your presence. If you feel that your PIN has been seen or exposed to others, please change the PIN
immediately . Please note for international transaction through POS do not
require OTP/PIN. The card/ name of the holder, date of expiry and the CVV is
sufficient which can be collected by everyone when you are using your card for
purchases. Hence, it is advisable to disable the international usage whenever
it is not required.
3. If you find some unusual
materials on the ATM machine please do not do any transaction in the ATM.
4. If you are not sure of the e
commerce web page, please do not use your card instead take a virtual card for
such purchases.
Internet /WIFI usage
1. Use internet banking only if
the bank offers two factor authentications.
2. Ensure that you have
firewalls turned on and antivirus is running to protect against malware,
Trojans and keyloggers. Your Financial data can be collected through malware/
torjans/keyloggers.
3. Keep your operating system
and other software up to date. Older versions of Internet Explorer are
notoriously insecure. If you are using Internet Explorer as your browser,
consider an alternative browser such as Google Chrome or Mozilla Firefox. If
you are running Windows 10 and want to continue to use a Microsoft browser,
consider using Microsoft Edge instead of Internet Explorer.
4. Always try to use your
computer internet Banking and never do online transactions at cyber café.
a. Place
of Business It is suggested to logging into your online bank page while at
home. Your place of work can install key loggers or use other methods of
monitoring you while online. Someone who has access to this information could
access these logs that can contain all keystrokes including usernames and
passwords.
b.
Wireless
network. While on a
wireless network it's important to realize that all information being sent to
and from your computer/ mobile to the wireless router, can be intercepted and read
by someone nearby. Therefore, if you need to log into your online bank page
while on a wireless network make sure the network you're connecting to is
secure using WPA.
c.
Friends
house Be concerned when logging into an account from a
friend's computer. A computer you're not familiar with could intentionally or
unintentionally log usernames and passwords that could be used to access your
account.
5. Access your bank web site by
typing it in the address bar instead of clicking a link. Never clink a link
received through emails even if emails appear to be from your bank –
this may be trick often employed by the bad guys to get you onto a website that
looks like your bank’s. When you log in to ‘your account’ they will steal your
username and password and, ultimately, your cash.
6. Be
aware of unsolicited phone calls that purport to be from your bank. no
financial institution require you to answer a security question, and they never
ask for passwords or PIN numbers (they
may ask for data such as your date of birth, address etc,)
7. Nothing is free in the
world. Never ever believe anyone offering huge sum and seeking your personal
data. It must be scam. Beware.
8. Look for a small Padlock
Ikon somewhere in your Brower and check the address bar, whether the address begin
with https.
9. Once you finished your job,
please logout completely
Alert Management
Almost all banks offer
SMS/email alerts of your transaction, please avail the facility. Monitor the
alert continuously for the transactions in your accounts.
Please always keep handy the
telephone numbers, email address for reporting any discrepancies in your
transaction. It will help whenever you find discrepancies in your account to
take up at appropriate levels.
It should go without saying that
monitoring your bank statement each month is good practice as any unauthorized
transactions will be sure to appear there. But why wait a whole month to
discover a discrepancy? With online banking you have access 24/7. So take
advantage of that and check your account on a regular basis. Look at every
transaction since you last logged in and, if you spot any anomalies, contact
your bank immediately.
Password Management
The password, you are using
should not have any meaning; it should contain uppercase, lower case, numbers
and special character. It should by coined in such a way that it cannot be
predicted easily. Never use your name, name of the members of the family, car
no, date of birth etc as part of your password. The same rule will be
applicable for the PIN also, it should not be your house no, pin code, date of
birth, car no etc.
Whether, your bank ask you
to change the password/ Pin compulsorily or not, make it a habit to change the
password at regular intervals to protect your accounts/ cash.
In case you require, use password manager apps but be careful in
selecting one also. Never transmit confidential data over e-mail,
such as passwords, credit card information, etc. E-mail is not encrypted, and
if intercepted by a third-party, it could be read.
Mobile wallets
Mobile wallets are available
now and it is using aadhar card details as part of KYC. There are UPI supported mobile
applications are working based on the aadhar linked mobile number as aadhar is
linked to the bank accounts. Hence, one should not reveal the OTP received for
changes in aadhar details with any one even if the person posing himself as a
representative of UIDAI/ Income tax / bank. Once the mobile number linked to
Aadhar is changed it can be used to draw money from your bank account linked to
aadhar using the UPI supported application.
The mobile wallets are
following the security standard prescribed by PCI-DSS and ISO 27001 and are
subject to audit on the data security. However, losing the mobile will expose
the wallets. Further, if your mobile is infected with Judy malware which is
high possibility since all the mobile are connected to various social media,
possibilities are not ruled out that the user may be defrauded by a hacker
request money transfer through one of their friends, sending message from his mobile
wallet account.
Other
precautions;
Now we are entering into a
new era wherein, our mobile phones are integrated into our financial systems.
Hence, we need to protect your mobile phones very carefully. Please read messages
from your service provider although most of them are business promotion
messages. It is possible for a unscrupulous person to clone your SIM card. The
service provider incorporated system of sending a SMS of such incident. If we
receive such messages we have take up with the service provider against the
same.
Further, Aadhar card also
playing a most important role now as all our accounts, and other services are
linked to aadhar. Any change in Aadhar details require the OTP generated in
your mobile. Hence, we should be careful not to share the OTP received from
Aadhar with anyone.
Conclusion
Yes. Online banking is safe with the
proper precautions; it is becoming more and more popular each day. New products
may hit the market everyday and as user we need to get educated of the usage of
the product and keep vigilant over the personal data always.
To conclude, I summaries as under
Ø Keep a secured password and change it
frequently
Ø Use only secured connection for your
transaction.
Ø Never share your personal data such
as password, OTP etc over phone or email.
Ø Careful with phishing emails or text.
Ø Keep your mobile phone safe
Ø Manage your ATM/CREDIT/DEBIT
card
Ø Exercise caution while doing e
commerce transaction.
With this I am sure we will enjoy the
convenience and safety of electronic banking. Happy banking
