Storing personal, financial information digitally increases risk of data breach: Report – ET CISO
The Per Unisys Security Index 2020 report measures consumers’ concern around personal financial security.
In the last few years, incidents of ATM frauds, unauthorised use of debit or credit cards or mobile numbers being issued on false identities have drastically risen. Similarly, large-scale data thefts where hundreds of millions of personal records have been stolen has also risen.
The report highlighted that bank frauds via unauthorised access to individual’s credit and debit card details as well as those around online banking and shopping were the top most concerns.
Financial experts say that one of the most common ways for hackers to commit cybercrime is by phishing an individual’s email account, text messages on mobile, to access their personal financial details, either ATM pin-based or OTP-based.
However, people continue to rely on storing their sensitive personal financial details like banking passwords and information of their ATM debit and credit cards on their smartphone, email, or computer.
The reported noted that hackers have tried every method to find the loose end and breach any underlying securities, with the motive to siphon off funds by accessing these details.
conducted a survey to understand how people in India store and share their ATM, debit or credit card, Aadhaar and PAN card details.
It studied responses from over 24,000 people residing in 393 districts of the country and made the following observations:
* 29% share ATM, debit card pin with close family members
About 29 per cent of the respondents share their ATM or debit card pin details with their family members.
While 4 per cent have given it 1 or more office staff and 2 per cent have given it to one or more close friends.
However, majority of 65 per cent people said no other than themselves have access to their ATM or dent/credit card details.
Aimed to make digital payments using debit cards and credit cards more secure, new rules by RBI mandate that cardholders of both debit and credit set up transaction limits.
It has also directed banks to allow people to register for preferences such as opt-in or opt-out of services, also on spending limits, and other services for online transactions, international transactions, and contactless transactions.
* 33% store confidential information on mobile, computer or e-mail
The report noted that generating a strong password is easy, but it’s a pain to keep track of them all between multiple bank accounts, websites and apps demanding their unique log-in criteria.
Therefore, 33 per cent of citizens store their credentials in their digital means, especially on mobile phones, email/ computer.
While 7 per cent of the people store such data in their phone, 15 per cent store it in their email or computer.
* 11% store private data in mobile contact list
Many people in the community discussions on LocalCircles also indicated that they rely on their smartphone’s contact list to store banking passwords and details of ATM, bank account, email, etc.
The report states that it is a very unsafe way to store such credentials as most online apps ask for permission to access one’s contact and text messages.
The survey indicated that 11 per cent of citizens store ATM, bank account, email and other online account passwords in their mobile phone’s contact list.