For safe mobile banking transactions..Business Standard -14.05.2015
...Do simple things like downloading from right sites and avoid staying logged on
Technology has been making banking instant and convenient. To make it even more user-friendly, many banks have recently offering fund transfers to customers’ contacts in social media. Last week, Axis Bank launched PingPay, a multi-social payment app that allows customers to send money to their contacts across Facebook, Whatsapp, Twitter, SMS or e-mail. Kotak Mahindra Bank and ICICI Bank, too, offer similar services through Kaypay and Pockets, respectively.
According to security experts, as usage of mobile apps pick up, so will the threat of malicious apps and cyber crime. In April, the Reserve Bank of India (RBI) had to issue a warning about a mobile application doing the rounds on WhatsApp. Bearing the RBI logo, the app said users could check the balance in multiple bank accounts through this single piece of software.
“As of today, mobile apps are safer than net banking services offered on desktop/laptops. It’s not because the apps are more secure. Rather, it’s because hackers and cyber criminals have still not turned their attention to mobile aggressively,” says Sanjay Katkar, chief technology officer and co-founder, Quick Heal Technologies. He explains that the mobile apps are not yet the prime focus because the population of people banking through mobile compared to net banking is minuscule. According to RBI records, of the 589 million bank account holders, 22 million customers use mobile banking apps.
While banks have made their apps secure and also use two-way authentication to avoid fraudulent transactions, experts say a majority of the security breach is about data, which is beyond the control of banks. Cyber criminals plant malicious apps when users download from unverified source – other than Google Play or Apple App Store – or when existing apps in their smart phone take them to a third-party website. “The malicious apps can take screen shots and also record keys that users enter. They also exploit vulnerabilities in the banking apps,” says Katkar. The data can later be used to set traps and steal money.
According to the Quick Heal Quarterly Threat Report for the first quarter of 2015, the last few months have seen an exponential growth in the incidents of malware attacks on Android mobile banking apps. The Android.Wroba.A malware, known as a banking Trojan, looks like a trustworthy app, but is created specifically to steal financial and personal information such as credit card details, online banking login credentials, personal information and more.
To ensure that you do not become prey, first and foremost avoid downloading apps from unofficial websites. “Users should stick to Google Play Store and Apple App Store as they are constantly vetted for malicious apps,” says Deepak Sharma, executive vice-president (digital initiatives) at Kotak Mahindra Bank. He advises users to check the publisher of the software and avoid apps that are recently launched and have few users.
While it is not possible to get bank account-related data if a cyber criminal hacks into your social media account, experts said that users need to keep the access secure. Majority of the people don’t log out of their social media accounts once their session is over. To ensure safety, don’t remain signed in.
Jairam Sridharan, head, retail lending & payments at Axis Bank, says the device itself needs to be secure by a password to avoid unauthorised access. To ensure the existing apps don’t lead you to third-party websites that install malicious software, a security software is a must on smart phones
According to security experts, as usage of mobile apps pick up, so will the threat of malicious apps and cyber crime. In April, the Reserve Bank of India (RBI) had to issue a warning about a mobile application doing the rounds on WhatsApp. Bearing the RBI logo, the app said users could check the balance in multiple bank accounts through this single piece of software.
“As of today, mobile apps are safer than net banking services offered on desktop/laptops. It’s not because the apps are more secure. Rather, it’s because hackers and cyber criminals have still not turned their attention to mobile aggressively,” says Sanjay Katkar, chief technology officer and co-founder, Quick Heal Technologies. He explains that the mobile apps are not yet the prime focus because the population of people banking through mobile compared to net banking is minuscule. According to RBI records, of the 589 million bank account holders, 22 million customers use mobile banking apps.
While banks have made their apps secure and also use two-way authentication to avoid fraudulent transactions, experts say a majority of the security breach is about data, which is beyond the control of banks. Cyber criminals plant malicious apps when users download from unverified source – other than Google Play or Apple App Store – or when existing apps in their smart phone take them to a third-party website. “The malicious apps can take screen shots and also record keys that users enter. They also exploit vulnerabilities in the banking apps,” says Katkar. The data can later be used to set traps and steal money.
According to the Quick Heal Quarterly Threat Report for the first quarter of 2015, the last few months have seen an exponential growth in the incidents of malware attacks on Android mobile banking apps. The Android.Wroba.A malware, known as a banking Trojan, looks like a trustworthy app, but is created specifically to steal financial and personal information such as credit card details, online banking login credentials, personal information and more.
To ensure that you do not become prey, first and foremost avoid downloading apps from unofficial websites. “Users should stick to Google Play Store and Apple App Store as they are constantly vetted for malicious apps,” says Deepak Sharma, executive vice-president (digital initiatives) at Kotak Mahindra Bank. He advises users to check the publisher of the software and avoid apps that are recently launched and have few users.
While it is not possible to get bank account-related data if a cyber criminal hacks into your social media account, experts said that users need to keep the access secure. Majority of the people don’t log out of their social media accounts once their session is over. To ensure safety, don’t remain signed in.
Jairam Sridharan, head, retail lending & payments at Axis Bank, says the device itself needs to be secure by a password to avoid unauthorised access. To ensure the existing apps don’t lead you to third-party websites that install malicious software, a security software is a must on smart phones
Stealing from your wallet? 7 entrapments from banks that you should be aware of
A bank's facilities typically come loaded. For the unsuspecting customer, it could just be a question of filling out a fixed deposit form or being granted a home loan. But there are some entrapments the bank will slip in that you need to be aware of, says Sangita Mehta.
HOME LOAN: Double Trouble
Watch out: When you apply for a home loan, the bank will sell you property insurance — which covers damage to property — and mortgage protection term insurance, which covers the loan in the event of the borrower's death
What you should know: The housing society may already have property insurance. You don't have to opt for an insurer the bank has a tie-up with. Ensure the premium is not clubbed with the loan, in which case, you will have to pay interest
CREDIT CARD: Take it or Leave it
Watch out: Banks often sell credit cards with the promise that for the first year, they will not charge any fee and the customer can discontinue it from the second year. However, at the end of the second year, the card company sends an innocuous mail stating they will renew the card for a fee unless the customer explicitly rejects it.
What you should know: The Reserve Bank of India has banned banks from giving such negative options. Customers should ideally use the credit card of a bank they do not have a savings bank account with. In case of a dispute, banks often debit money from the borrower's account
DEPOSITS: Auto Route
Watch out: When you're opening a fixed deposit, watch out for 'auto renewal' in the fine print
What you should know: If you do not opt for auto renewal, the money is transferred to the savings account after maturity, where the bank offers about 4% interest as against 7-9% on FDs. You may forget to renew the deposit and the bank won't remind you. When you tick that 'auto renewal' box, the bank cannot charge you a penalty on premature withdrawal of the deposit
ATM, CYBER FRAUD: Cry 'Thief'
Watch out: If you find a fraudulent transaction in your account, immediately notify the bank
What you should know: If you are the unfortunate victim of an ATM or e-transaction fraud, watch out: the bank is liable to prove its innocence If the bank is not notified, ..
HOME LOAN: Double Trouble
Watch out: When you apply for a home loan, the bank will sell you property insurance — which covers damage to property — and mortgage protection term insurance, which covers the loan in the event of the borrower's death
What you should know: The housing society may already have property insurance. You don't have to opt for an insurer the bank has a tie-up with. Ensure the premium is not clubbed with the loan, in which case, you will have to pay interest
CREDIT CARD: Take it or Leave it
Watch out: Banks often sell credit cards with the promise that for the first year, they will not charge any fee and the customer can discontinue it from the second year. However, at the end of the second year, the card company sends an innocuous mail stating they will renew the card for a fee unless the customer explicitly rejects it.
What you should know: The Reserve Bank of India has banned banks from giving such negative options. Customers should ideally use the credit card of a bank they do not have a savings bank account with. In case of a dispute, banks often debit money from the borrower's account
DEPOSITS: Auto Route
Watch out: When you're opening a fixed deposit, watch out for 'auto renewal' in the fine print
What you should know: If you do not opt for auto renewal, the money is transferred to the savings account after maturity, where the bank offers about 4% interest as against 7-9% on FDs. You may forget to renew the deposit and the bank won't remind you. When you tick that 'auto renewal' box, the bank cannot charge you a penalty on premature withdrawal of the deposit
ATM, CYBER FRAUD: Cry 'Thief'
Watch out: If you find a fraudulent transaction in your account, immediately notify the bank
What you should know: If you are the unfortunate victim of an ATM or e-transaction fraud, watch out: the bank is liable to prove its innocence If the bank is not notified, ..
No comments:
Post a Comment