In the last few years, incidents of ATM frauds, unauthorised use of debit or credit cards or mobile numbers being issued on false identities have drastically risen. Similarly, large-scale data thefts involving personal records are also common headlines in newspapers. In this context, a survey by community social media platform LocalCircles has revealed that 33% Indians store their bank account, debit/ credit card/ ATM passwords, Aadhaar and PAN numbers on mobile, computer or email.
Further, 11% citizens are storing their ATM, bank account, email, and other online account passwords in their mobile phone contact list, the survey found. LocalCircles noted that this is a very unsafe way to store such credentials because most online apps these days ask for permission to access one’s contact and text messages. Though some apps have high levels of security and are trustworthy, the same can’t be said for the majority of other apps that are available on app stores, it said, adding that India’s cybersecurity researchers recently identified 167 counterfeit iOS and Android apps used by hackers to steal money from people. As part of the survey, over 24,000 responses were received from citizens across 393 districts of India.
The survey also revealed that 29% Indians share their ATM or debit card pin with close family members, 4% share it with their domestic and office staff. Meanwhile, aiming to make digital payments using debit cards and credit cards more secure, new rules by the RBI mandate that cardholders of both debit and credit set up transaction limits. It has also directed banks to allow people to register for preferences such as opt-in or opt-out of services, also on spending limits, and other services for online transactions, international transactions, and contactless transactions.
“Storing sensitive financial details on a phone’s contact list which 11% of citizens are doing poses a significant risk of misuse, either by apps or hackers or even by contacts of the individual. The findings also suggest that 33% of citizens store their bank account, debit or credit card and ATM passwords, Aadhaar, and Pan numbers on mobile, computer or email again posing a major risk to the individual,” LocalCircles stated.
There is an urgent need for the RBI and banks to make concerted efforts in the direction of digital financial literacy, LocalCircles noted. Citizens on the LocalCircles platform also suggested that from time to time the government via the Finance Ministry, Consumer Affairs Ministry, and MEITY, along with RBI, should organise awareness programs on how to secure personal data and the dos and don’ts.
Here are some ways to secure your personal /financial data:
> Choose strong alphanumeric passwords: Choosing longer passwords, such as a phrase rather than a single word can make it difficult for hackers to guess. Use a mix of uppercase and lowercase letters. Avoid common sequences like ‘1234’. Avoid using personal information such as your name, pet’s name, etc. Don’t store login details in your online banking or mobile app.
> Sign up for banking alerts: Banking alerts and notifications enable you to monitor any online activity taking place in your account. Depending on how your bank operates, you may be able to activate text or email alerts or both. You could also set up alerts for failed logins, new credit and debit transactions, password change, etc. Notifications also help in case a hacker has managed to gain unauthorised access to your account and withdraw money, as you can alert the bank authorities immediately to minimise further loss.
> Enable two-factor authentication if offered by your bank: This provides an additional layer of protection in addition to your login name and password. For example, you may need to enter a special code, identify a preselected image, etc.
> Avoid using public Wi-Fi: Don’t rely on public Wi-Fi as some of the biggest risks posed by it include man-in-the-middle attacks where hackers are able to electronically ‘eavesdrop’ on your banking activity; data transmission over unencrypted networks; malware and spyware.
> Beware of phishing scams: This is one of the most common methods used by identity thieves to gain access to personal and financial information, and it usually involves tricking you into giving up your information. Phishing scams can take different forms but they are usually email scams. For example, you might get an email that looks like it is from your bank, but in reality, it will open up a dummy site that enables identity thieves to steal your information. It is important to carefully inspect such emails that request financial or personal information.