Showing posts with label PIN. Show all posts
Showing posts with label PIN. Show all posts

Sunday, December 3, 2017

Is your electronic Banking safe



Is your electronic Banking safe

Transformation of banking

In 80s, banking was simple, we opened an account with a bank branch and did all the transactions there at the branch in person or through bearer. The signature was assigned more importance.  Since the customers were limited and due to our frequent visit to the branch, familiarity was developed with the branch staff. People at the branch could assign the face to the signature. Credit cards were rare and accessible only by affluent.

Beginning of 90s, makes banking more convenient, ATM cards were introduced and credit cards were more familiar to enable the public to do transactions at ease without visiting the branch for withdrawals. People were also not convenient to do transactions through ATMS due to fear of ignorance. Banks did lots of marketing to push the people to the ATMs.

Electronic Octopus

End of 90s, the electronic banking started expanding into Internet banking. In 21st century its opened various windows of banking through electronic media such as SMS banking, mobile banking, UPI, and cash deposits machines, internet KISOK besides e-commence  /digital payments linking all the banks and business community.  The ATM cards were re incarnated into debit cards/ international ATM card etc.  Banks were also start introducing smart cards/ prepaid card/ virtual cards and wallet banking. The new concept of payment banks was also introduced.  Now, it will be difficult for banks/ financial institutions and public to live without electronic banking.  This is not an end it may spread further more to bring everyone under it clutch through innovative products

Now let is discuss whether our electronic banking is safe?

Is our Electronic Banking safe?

I prefer to use the term electronic banking instead of Internet banking to cover all the electronic banking channels/ products.  The present day internet banking is safe as the Banks are continuously making improvement to the product and making it safe and also to protect the interest of the customer. The changes are very frequent, Now the Government has introduced AAdhar card ( an unique Identification  for all citizens) and insist that it should be linked to all types of services citizens enjoy such as Income tax, Gas services, bank accounts, financial products, communication services etc. This makes the electronic transactions more vulnerable as the threat may come from any quarter. This is due to all the financial transactions are linked to the Mobile number which is also attached with the Aadhar card. Therefore, mobile phone number plays an important role in the security of financial transaction.


 Various types of approach to defraud through electronic transaction.

ü  Cloning of debit / ATM card  to withdraw money through fraudulent means.

ü  Attaching a camera on the ATM to capture the card no and  pin

ü  Attach a unknown device on the card slot

ü  Insert unknown materials to block the ATM card

ü  Using the gullible nature of the customer and pretend to help him to draw money from ATM

ü  Sending unsolicited emails / calls to get the access to the personal details.

ü  Carelessness of the customers to handover the pin to the hotel waiter while paying the bills

ü  Cloning the SIM card of the customer

ü  Calling /emailing the customer to fuel their greediness to collect the personal data.

ü  Create false/ near similar links in the email, as if it is sent by the bank  

ü  Collect the personal data when the Mobile/ computers are used through unsecured connection.

ü  Collecting data at cyber café by some unscrupulous person.

ü  When debit/ credit are used for payment, the data such as card no expiry date, name and CVV  were collected by unscrupulous persons to  use the same for international transaction fraudulently.

Since, Aadhar is linked to various services like mobile, IT, etc., there are cases were the personal data is collected pretending that they are calling from bank/ IT department asking for the OTP.

The above are only illustrative  but the fraudster are very smart to find new ways and means everytime.

Tips for safe electronic banking

ATM CARD Management

1.   Please ensure your ATM/ debit/ credit card limits are set up according by fix appropriate limits to suit your needs. For ex. Disable international usage, POS, e-commerce transactions.

2.   Whenever your card is used please  ensure that the transaction is done at your presence. If you feel that your PIN has been seen  or exposed to others, please change the PIN immediately . Please note for international transaction through POS do not require OTP/PIN. The card/ name of the holder, date of expiry and the CVV is sufficient which can be collected by everyone when you are using your card for purchases. Hence, it is advisable to disable the international usage whenever it is not required.


3.   If you find some unusual materials on the ATM machine please do not do any transaction in the ATM.

4.   If you are not sure of the e commerce web page, please do not use your card instead take a virtual card for such purchases.

Internet /WIFI usage

1.   Use internet banking only if the bank offers two factor authentications.

2.   Ensure that you have firewalls turned on and antivirus is running to protect against malware, Trojans and keyloggers. Your Financial data can be collected through malware/ torjans/keyloggers.

3.   Keep your operating system and other software up to date. Older versions of Internet Explorer are notoriously insecure. If you are using Internet Explorer as your browser, consider an alternative browser such as Google Chrome or Mozilla Firefox. If you are running Windows 10 and want to continue to use a Microsoft browser, consider using Microsoft Edge instead of Internet Explorer.

4.   Always try to use your computer internet Banking and never do online transactions at cyber café.


a.    Place of Business It is suggested to logging into your online bank page while at home. Your place of work can install key loggers or use other methods of monitoring you while online. Someone who has access to this information could access these logs that can contain all keystrokes including usernames and passwords.

b.   Wireless network.  While on a wireless network it's important to realize that all information being sent to and from your computer/ mobile to the wireless router, can be intercepted and read by someone nearby. Therefore, if you need to log into your online bank page while on a wireless network make sure the network you're connecting to is secure using WPA.

c.   Friends house Be concerned when logging into an account from a friend's computer. A computer you're not familiar with could intentionally or unintentionally log usernames and passwords that could be used to access your account.

5.   Access your bank web site by typing it in the address bar instead of clicking a link. Never clink a link received through emails even if emails appear to be from your bank – this may be trick often employed by the bad guys to get you onto a website that looks like your bank’s. When you log in to ‘your account’ they will steal your username and password and, ultimately, your cash.

6.   Be aware of unsolicited phone calls that purport to be from your bank. no financial institution require you to answer a security question, and they never  ask for passwords or PIN numbers (they may ask for data such as your date of birth, address etc,)


7.   Nothing is free in the world. Never ever believe anyone offering huge sum and seeking your personal data. It must be scam. Beware.

8.   Look for a small Padlock Ikon somewhere in your Brower and check the address bar, whether the address begin with https.


9.   Once you finished your job, please logout completely

Alert Management

Almost all banks offer SMS/email alerts of your transaction, please avail the facility. Monitor the alert continuously for the transactions in your accounts.

Please always keep handy the telephone numbers, email address for reporting any discrepancies in your transaction. It will help whenever you find discrepancies in your account to take up at appropriate levels.

It should go without saying that monitoring your bank statement each month is good practice as any unauthorized transactions will be sure to appear there. But why wait a whole month to discover a discrepancy? With online banking you have access 24/7. So take advantage of that and check your account on a regular basis. Look at every transaction since you last logged in and, if you spot any anomalies, contact your bank immediately.

Password Management


The password, you are using should not have any meaning; it should contain uppercase, lower case, numbers and special character. It should by coined in such a way that it cannot be predicted easily. Never use your name, name of the members of the family, car no, date of birth etc as part of your password. The same rule will be applicable for the PIN also, it should not be your house no, pin code, date of birth, car no etc.

Whether, your bank ask you to change the password/ Pin compulsorily or not, make it a habit to change the password at regular intervals to protect your accounts/ cash.

In case you require, use password manager apps but be careful in selecting one also.  Never transmit confidential data over e-mail, such as passwords, credit card information, etc. E-mail is not encrypted, and if intercepted by a third-party, it could be read.

Mobile wallets


Mobile wallets are available now and it is using aadhar card details as part of  KYC. There are UPI supported mobile applications are working based on the aadhar linked mobile number as aadhar is linked to the bank accounts. Hence, one should not reveal the OTP received for changes in aadhar details with any one even if the person posing himself as a representative of UIDAI/ Income tax / bank. Once the mobile number linked to Aadhar is changed it can be used to draw money from your bank account linked to aadhar using the UPI supported application.

The mobile wallets are following the security standard prescribed by PCI-DSS and ISO 27001 and are subject to audit on the data security. However, losing the mobile will expose the wallets. Further, if your mobile is infected with Judy malware which is high possibility since all the mobile are connected to various social media, possibilities are not ruled out that the user may be defrauded by a hacker request money transfer through one of their friends, sending message from his mobile wallet account.

Other precautions;

Now we are entering into a new era wherein, our mobile phones are integrated into our financial systems. Hence, we need to protect your mobile phones very carefully. Please read messages from your service provider although most of them are business promotion messages. It is possible for a unscrupulous person to clone your SIM card. The service provider incorporated system of sending a SMS of such incident. If we receive such messages we have take up with the service provider against the same.

Further, Aadhar card also playing a most important role now as all our accounts, and other services are linked to aadhar. Any change in Aadhar details require the OTP generated in your mobile. Hence, we should be careful not to share the OTP received from Aadhar with anyone.

Conclusion

Yes. Online banking is safe with the proper precautions; it is becoming more and more popular each day. New products may hit the market everyday and as user we need to get educated of the usage of the product and keep vigilant over the personal data always.

To conclude, I summaries as under

Ø  Keep a secured password and change it frequently

Ø  Use only secured connection for your transaction.

Ø  Never share your personal data such as password, OTP etc over phone or email.

Ø  Careful with phishing emails or text.

Ø  Keep your mobile phone safe

Ø  Manage your ATM/CREDIT/DEBIT card 

Ø  Exercise caution while doing e commerce transaction.

With this I am sure we will enjoy the convenience and safety of electronic banking. Happy banking

BUY NOW PAY LATER (BNPL)

    Buy Now Pay Later: BNPL schemes BNPL is a short-term micro credit model, where consumers must pay little to no interest for online p...