Since payment alternatives such as UPI, e-wallets and USSD - based mobile banking through different platforms are directly or indirectly linked to the user’s bank account one needs to be extra careful to keep hackers at bay, explains Adhil Shetty, CEO, BankBazaar.
Just a few days before the Indian government initiated the demonetisation drive, pushing people to carry out banking transactions through Internet or plastic cards, the country had seen a big financial data security breach compromising ATM pins of millions of debit card holders.
While the reason for the breach was not known, banks came to the rescue after the incident broke out by asking customers to change passwords and blocking accounts on request.
With the advancement of technology, the ease of banking, from checking balance to transferring funds, using smartphones or tablets has driven people to go online more than ever.
According to Reserve Bank of India data, 85 per cent of all reported transactions at banks between 2015 and 2016 were through the Internet in terms of volume. In 2014-15, the figure stood at 75 per cent.
And, now that the wind is blowing towards going completely cashless, people are increasingly exploring payment alternatives such as UPI, e-wallets and USSD - based mobile banking through different platforms, which are directly or indirectly linked to the user’s bank account.
While you enjoy this newly-acquired convenience, we want you to remember that cyber security is something you must consider at every step you take online. Here are some of the steps you could take to ensure your financial data is safe.
Create strong password & PIN, change them frequently: A PIN which is easily guessable is capable of turning your account dry, so avoid using your date of birth, wedding anniversary, birth date of children etc as PIN for your debit/credit cards.
While setting passwords, long combinations of alphabets, numbers, and alphanumeric and special characters with mixed casing are advisable.
Words that can’t be found in dictionaries or that are deliberately misspelt can potentially be stronger passwords. You must memorise a strong password which is unique in nature and can’t be guessed by anyone.
Avoid writing down your password and PIN anywhere except a secure location. This would prevent this information from being shared and leaked. While using your debit card at ATMs or at stores, beware of shoulder surfing in order to safeguard your financial details from getting stolen.
Enable two-factor authentication: With the recent RBI mandate of two-factor authentication, the card industry has adopted 3-D secure methodology enabling you to register your smart phone for authentication.
So, each time you try to make a transaction using your cards, you receive a text with a one-time security password which needs to be keyed in to prevent misuse of identity.
If you receive any such texts or notifications without your trying to log in, you must immediately notify the bank.
Careful where you swipe: Scammers can steal your card data through skimmers on bugged ATMs and point-of-sale machines.
As the process only takes a few seconds, it often goes unnoticed by the card-holder. Make sure you use your cards at secure ATMs and shopping outlets only.
When transacting with your card, always be aware of where the card is. Indian banks have been mandated to upgrade all cards to chipped cards.
If you are still using a chip-less card, you’re at higher risk. The old cards, which only have a magnetic strip at the back, can easily be duplicated through unauthorised swipes. Once duplicated, they can be used to carry out illegal transactions.
Beware of malware; use the latest software and anti-virus: Considering that you are in an era wherein all your financial information is stored on your computer, phone or tablet, you have to be careful about the websites you visit and download from.
Before you click on any link that pops up on your device, make sure it is an authentic one, because if you unknowingly download or install a malware link, it could potentially spy on you and steal your personal data.
In order to stay away from such risks download items from legitimate websites and app market places only. Make sure you’re using the most up-to-date operating system since this would protect you from digital vulnerabilities.
Also employ the most up-to-date anti-virus, anti-malware and anti-spyware program. This would keep your data safe from infections and security threats.
If you’re logging on to your bank from a public computer, use the virtual keyboard in order to thwart keyloggers that may be used on public computers to steal keyboard inputs for logins and passwords.
Careful which apps you install: E-wallets are tapping into the growing demand for alternative modes of payment. The well-known apps have strong security features.
But beware of the ones that don’t. So before you pick your e-wallet or any financial app go to the app store, check its reviews and ratings, and be assured that it’s a genuine app.
Don’t decide to install an app simply based on the offers and discounts it is providing. Security features matter: e-wallets may store your credit or debit card details on your account. This data could be compromised in case of a security breach.
Use passwords to protect apps: Loading your e-wallet requires you to input passwords and authenticate transactions. While such actions may be protected by two-factor authentications, spending from your e-wallet may not have such checks and balances.
Payments happen instantly, and often without checks and balances. Once a payment has been completed, it can’t be reversed.
Should your unlocked phone with a loaded e-wallet land in the wrong hands, you could lose your money quickly. It may be wise to use password protection for your phone as well as for your apps. You can download and install app locks to prevent misuse.
Wipe data if phone gets stolen: In this age, losing your phone is like losing your wallet - you could lose a lot of money through your apps.
While chasing the thief can be one way of getting it back, remotely wiping off the data on your phone can help prevent monetary and data loss.
Both Android as well as Apple devices let you do this. However, your phone would have to be connected to the Internet for this to happen.
The right way to dispose of documents: If you think documents containing your personal or financial details need protection only when they are in use, you are not doing enough to ensure financial safety.
Your old bank statements, credit card bills and insurance premium details carry a good deal of sensitive information and can pose a threat to your financial data security, if they land in wrong hands.
Your identity can be easily compromised from an old piece of paper lying in a paper bin. Make sure you shred such documents once you are done using them.