Monday, 20 February 2017

How Secure Is Your Bank Account, Other Data?

 
TECHNOLOGY
How Secure Is Your Bank Account, Other Data?

 1
As against the common perception that your personal and financial data is safe in the hands of your banker or insurer, a report from Capgemini says that four out of five bank or insurance companies cannot detect a breach in cyber-security. 
 
The findings of Capgemini are based on a global survey of over 180 senior data security professionals and 7,600 consumers. However, almost 83% of consumers still trust their bank and insurers to keep their data safe.
 
This is worrisome, especially in India, where we have a large number of people who are financially illiterate and, yet, are being pushed into the digital economy. In my previous article, I had pointed out the prevalence of free data-sharing among corporates. In such a scenario, the chances of protecting the confidentiality of a customer's data look bleak.
 
The Capgemini survey says security concerns deter over 50% of consumers from using digital channels. What happens if customer data is breached or compromised? Some 74% of customers would change their bank or insurer in such an event, the survey says. But changing the bank is not the solution for the customer who, despite this move, will remain vulnerable to frauds not limited to cyber threats. 
 
Another serious issue that the survey points to is about retaining data even after the person ceases to be a customer of the entity. A shocking 78% of organisations don't delete the data! Internationally, this is likely to change from May 2018 with the General Data Protection Regulation (GDPR) coming into force; but the scenario in India is not promising.
 
 
I have no issues with an organisation wanting to preserve the data of its customers, provided it is protected from any breach. But, with the government seeking to move everyone on to the digital platform, without knowing the best practices to survive in the virtual world, I wonder if anyone is really safe from data breaches. 
 
Remember, in October 2016, State Bank of India (SBI), the largest State-run lender, had to block and replace almost 600,000 automated teller machine (ATM) cards. The compromised security was blamed on a malware spread through the ATM network of another lender. If a simple malware can cause such havoc, what could happen if someone steals information from banks' database? I have used SBI only as an example. 
 
Another serious issue is increased usage of electronic know-your-customer (KYC) through forcible methods. Undoubtedly, it is convenient; but there is no protection for the customer in case of a data breach. What is more serious is that the gullible customer will be thrown out of the formal financial system for no fault of his/hers, due to such data breach. Where will the customer go? Who will address such grievances? This issue applies to unaudited and unverified Aadhaar numbers too. Nobody seems to have any idea about how and, mainly, who, is maintaining the database for Aadhaar numbers. So, once your Aadhaar number or data is compromised, you will have an uphill task to prove you are the same person that you claim to be! This is scary, especially when you think how the government is forcing Aadhaar through the backdoor on everybody, Is there a remedy? All you can do, as a customer in India, is to pray that the financial organisation you deal with keeps your data secure. Remember, it takes just a few seconds for a thief to steal money from your bank account, but you will end up spending months on end to get your money back, if at all that happens. 
 
When the government starts working on the Budget, it is made sure that all computers and laptops from that location are disconnected from the outer world. As a customer, you can learn from this and try not to 
link your accounts with a single ID like Aadhaar, if possible.

No comments:

Post a Comment