The ‘demonetisation’ of high denomination currency notes — and the related increase in the volumes of electronic transactions — is arguably the biggest push India has got towards financial digitisation. However, even as the government pushes cashlessness and plastic transactions, a lot of the conversations that the rest of the world has been having about data security and privacy are yet to find currency in India. Many Indians, in fact, seem unaware of the need to even choose a strong password for their digital identities and properties.
Given that a lot more people will now move inevitably towards online transactions — some for the first time in their lives — it is extra important to be aware of the basics of keeping oneself safe online. The point is underscored by findings of the latest Norton Cyber Security Insights Report, which shows that online consumers in India often put themselves at risk of ransomware, malware and data-theft.
Choosing the right password
This sounds like a basic rule, but people still don’t follow it — and ‘12345’ remains in the list of top password choices. Choosing your pet’s or child’s name as a password is not smart either. If this information is easily available on your social media accounts or anywhere else on the Internet, you are at risk. Passwords, especially for your social media accounts, web sites where you store debit cards, etc., need to be unique, complicated with special characters. This also goes for apps for online transactions, be it an Amazon or Flipkart, or a digital wallet like Paytm or MobiKwik.
It is a bad idea to write these passwords down or share them with family members. It is a good idea to protect your devices, especially smartphones, from others.
Saving details in Contacts
Don’t save information like bank logins, credit card details, etc., in the contacts list of your smartphone. Many smartphone apps demand access to your contacts, including apps like TrueCaller, Facebook, WhatsApp, as do some games. You don’t want to put crucial information out for companies to upload to their servers. In iOS, the Notes app lets you lock some notes, which can only be accessed through a password. Apps like BlackBerry Password Keeper, LastPass 4.0 etc., on Android can be used for storing sensitive information.
WiFi security: public, at home
According to Norton, Indians love public WiFi but are unaware of the risks that come with it. It is advisable to change the router’s default password when setting up WiFi at home, and to keep changing the password regularly. Giving hackers easy access to your home WiFi means compromising a lot of personal and private data, especially if you conduct a lot of digital transactions from your home network.
Using VPN (Virtual Private Network) on public WiFi is recommended, even if you’re just on social media or WhatsApp. If the network is not secure, your data could be at risk; VPN prevents people from spying on you by masking your identity.
Given how important social media is to most people, it is best to activate two-factor authentication on Gmail, Facebook and even WhatsApp, all of which support two-factor authentication. This lets you link your phone number to your account and get a One-Time Password (OTP) when you log in from a new device.
This is important especially for those who use personal social media accounts at work or on public computers. On WhatsApp, two-factor authentication has just been introduced on Android, and will ensure that you have to enter a password each time you wish to open the app. This ensures that anyone can’t just pick up your phone and browse through your WhatsApp messages.
Clicking on phishing links
Sending forwards is a favourite pastime for many, be it on WhatsApp groups or emails. Many have received WhatsApp messages with links promising a ‘gold version’ of the app or a free phone. Don’t click on these links, as they are designed for phishing. You will be asked for personal information like bank account numbers or credit cards, etc., or malicious apps will be installed by the backdoor. Remember, if hackers gain root access to your device, pretty much all data, including financial data, gets compromised.
The same goes for email links that come from unknown senders. Gmail now warns users of suspected phishing attacks, so do check the alerts when opening a message from an unknown sender. This rule also applies to Facebook links.