NAGPUR: Even as India’s banking regulator is promoting internet and mobile banking in a big way, cyber security experts question Reserve Bank of India’s (RBI) intention in doing so. Most Indian banks, they say, are providing internet banking services without giving much thought to cyber security, also blatantly disregarding RBI’s guidelines on the issue. According to experts, consumers should be especially wary of mobile banking which can be more dangerous due to obvious lack of security systems for mobile phones.
An RTI query filed by city-based NGO Cyber Awareness Organization (CAO) recently even reveals that none of the banks in the country has drafted information security guidelines which are mandatory as per RBI’s guideline on electronic banking. Other experts say that no bank in the country has even applied for cyber crime insurance.
Bangalore-based cyber security expert Na. Vijayshankar, more popularly known as Naavi, has raised these issues regularly. “When RBI started allowing internet banking way back in 2001, it clearly laid the responsibility of data security and educating customers about the dos and don’ts on the banks. It was also advised that all banks offering the service take cyber crime insurance. None of that has happened even today,” he informed. He also wondered why and how these things are being allowed by RBI.
“We see that banks often choose profitability over security of their customers’ personal information. Despite having the right to be secured against cyber crime, for which banks are held responsible even in the RBI guidelines, Indian consumers are offered a raw deal when it comes to internet banking,” said Mahendra Limaye, president of CAO.
“Two-factor authentication for accessing a bank account, wherein a security code is sent via SMS, is not very reliable as mobile phones with the information of a customer may be stolen. Another private bank is considering introducing banking via social networking sites. SIMs can be cloned very easily. There are relatively safer ways for internet banking like digital signatures which no bank has endorsed despite being mentioned as mandatory in the original RBI guidelines,” said Naavi. While circulars are sent regularly to banks about following the guidelines, no tough action is taken for not following them, he added.
Limaye warned, “India is home to highest number of digitally illiterate people who have an online presence. Their security, and money, is clearly under threat.”
IT secretary of Maharashtra Rajesh Aggarwal has been hailed for some of his progressive decisions in cases of ATM frauds, making banks pay compensations in cases of phishing. He believes that the increase in the number of such crimes is because of the customers not being bothered much about their cyber security. “They expect a lot from any service provider but don’t give enough time to read the terms and conditions,” he said.
Aggarwal also says that decisions in favour of the customers have made some telecom companies becoming more alert and prudent. He says that the government, through Centre for Development of Advanced Computing (C-DAC) and other agencies, is working towards more awareness while utilizing cyber financial services.
SOME TIPS FOR SAFER INTERNET BANKING:
Avoid internet banking through links provided in any mail/ message/ website.
Always type the URL of bank in browser and then use the appropriate website.
As far as possible access your net banking through secured location like your personal computer, laptop, office PC, etc. Avoid internet cafes/ public facility centers.
Use strong password and always develop habit of modifying password after frequent time interval.
While using public ATM’s/card swapping machine, resist compromising your PIN and enter PIN by yourself. Don’t feel ashamed of entering PIN by covering it with other hand or any other secured manner.
Always set up Account Transaction limits which are offered by most of the banks so as to limit your losses in case of some unforeseen incident.
Report any suspicious transaction/message to your banker and also to police.
In case the bank refuses to acknowledge or act on your complaint, approach the banking ombudsmen or even the IT secretary of the state
Credit Sudhaar is India’s first Credit Health management & improvement company whose goal is to help clients to Restore, Enhance and Protect their Credit and make them credit healthy
CS IdentityShield helps you to Monitor, Protect and Recover your Identity from multiple risks.
Courtesy: Times of India