Hello everyone! In our last tutorial, we had talked about pushing up your mobile device security. I hope you all have found it useful and also started applying those tips in your day to day life. If not, then I advise you to start right now!
Today, we will take this tutorial ahead to cover the area of security and privacy in online transactions. As you might be already using online payment services every day for bill payments, ticket bookings, recharges, e commerce and so on.
We all like paying bills and shopping online for the convenience it provides of making payments right from your home. For instance, India’s largest e ticketing website IRCTC claim to process over 180 million transactions every year worth approx $3 billion. We usually use credit or debit cards or net banking for those payments.Most of the banks and payment services nowadays have already implemented good security measures, but make sure you check these things before using them:
1. Make sure you have enabled One Time Password (OTP) to authenticate payments. OTP is a self-destructible password that is sent on your registered mobile phone number via SMS and hence ensures that no one else than you can make payments or transfers.
2. Your bank passwords must be strong enough that they are impossible to guess. Make sure your password contains at least one capital letter, one number, one special character and is at least 8 characters long. Most of banks have already made it mandatory to use such password complexity but you should voluntarily keep such practice for the sake of your own security.
3. While making bill payments or shopping online from various websites, make sure the website is SSL secured, it is usually mentioned on their website. This ensures that your credit/debit card details are encrypted to an extent that they are impossible to render by any unauthorized system or software. Also make sure that websites doesn’t ask to store your CVV number, that is, Card Verification Value, a trusted secure website will never save it. Use only well-known websites and don’t try new website for making such payments.
4. Never ever save your bank passwords to browser when it prompts you to save it while making payments. You may also prefer using digital wallets issued by some trusted websites instead of using cards for seamless and secure payments. While using digital wallets, you should prefer using the wallets that are PCI DSS compliant, Verified by Visa (VbV), and mastercard secure, you may ensure this by looking for such logos on their website:
Clicking on the respective logos may even show you the relevant certificate in new tab, example :
5. If you find any deductions from your bank account of which you are not aware, report it immediately to bank, but remember that bank never asks you CVV number of your card or net banking or card passwords. So don’t give it to any one even if the bank asks for any reason.
6. Beware of phishing: Phishing attacks play a major role in stealing your bank ID-passwords but you might be ignoring the phishing alert prompt from banks most of the time and may have rarely considered reading it completely, so here is a snap which you should read and be aware of:
7. Besides this, I would suggest you to always use virtual keyboard for logging into your net banking account, this will ensure that the key loggers won’t be able to capture your password, see the below snap for reference:
8. Use UPI (Unified Payments Interface): In India, UPI is a recent development by Reserve Bank of India in the payment industry in which you don’t even need to share your account number, IFSC or any other details to the payer, your details are associated with a unique email id called Virtual Payment Address (VPA), that the bank provides to you while registration and you have to share only the email id, for example, [email protected] to get the funds transferred in an instant, thus providing you to more secure way to transact online. Many banks such as Axis bank, Yes bank, Andhra bank, Bank of Maharashtra, Canara bank, Union bank of India are already supporting UPI and others are preparing to support soon. See the snap to get more idea of this concept.
So you might have got a basic understanding by now that by using UPI you may transfer funds or pay bills in the most secure way by using your VPA and it can be done with any bank or platforms that support UPI.
I am sure you are going to explore more on this, hope this article will help you achieve a level up in online transaction security and if it helps you, do share! Thank you.
Ashutosh has found security issues that prevented leak of personal information belonging to 100 million+ people. He specialize in finding vulnerabilities in Web, Mobile applications, IT infrastructure, and consulting organizations on why, how, and when to fix them.
He is working with Deloitte since Jun 2017 as a Cyber Security Consultant/Engineer, Acknowledged by organizations like Google, Twitter, US Department of Defense, Symantec, United Nations, Rapid7, Trend Micro, Avira, United Airlines, IBM, Go Airlines, etc. for finding out security flaws in web applications.