Arduino Projects   |   Raspberry Pi   |   Electronic Circuits   |   AVR   |   PIC   |   8051   |   Electronic Projects

Digital Security - Beware, Cyber-Thieves on the Prowl!

Submitted By: 

Vishal Duggal
Digital technology is changing the ways businesses are run and the manner in people lead their lives today. Every day, there are newer ways for working, dealing and interacting with one another. As our digital footprint grows exponentially, we are forming our own online identities. Digital security is essential for protection of these identities. It includes the tools we can use to secure our identity, assets and technology in the online and mobile world. All this becomes imperative as criminals are always finding new ways to steal information from users. IT security measures essentially aim at protecting sensitive data, which helps to prevent identity theft and safeguard your privacy. All new and existing business and data processes require to include a data security review to make data safe from loss and secured against unauthorized access. Thus the privacy, security and ownership of data has become a very important and relevant issue today.
What is Digital Security?
Digital security is the precautionary protection of our online footprint. It includes the tools such as anti-virus software, web services, biometrics and secure personal devices that do not give away vital information such as full name, address, passwords, bank information etc.  Devices such as a smart card-based USB token, the SIM card in your cell phone, the secure chip in your contactless payment card or an e- passport  provides consumers with the freedom to communicate, travel, shop and work using their digital identity in a convenient, enjoyable and secure manner.
Fig. 1: A representative image of digital security
However, our digital footprint involving use of electronic products using advanced technology is fraught with risks too. As we surround ourselves with more and more connected devices, our once-simple networks are becoming more complex, riddled with many unfamiliar vulnerabilities. Taking this in view, the challenge is to provide the kind of robust protections that our network needs when it scales up to join the Internet of Things (IoT) and doing so in a way that it is  broadly accessible to users.
What makes you vulnerable to data thefts?
During 2016, cyber-crime hit an all-time high and consumers even in an advanced country like the United States lost billions of dollars because of identity theft and fraud. An estimated 15.4 million consumers were hit with some kind of ID theft, up from 13.1 million in 2015.    Despite the use of secure EMV chip cards, fraud losses totalled $16 billion as about 1 in every 16 US adults fell victims to ID theft and card cloning.
Fig. 2: Representational Image Of Online Frauds are Real Threats-Beware of Hackers
Apart from card cloning which allows criminals to steal account data and write it onto counterfeit cards used to make fraudulent in-store purchases, cyber thefts include involuntary purchases made by a fraudster, usually over the phone, without needing a physical card. If hackers somehow access your banking or financial information, they can use your credit cards and apply for loans without you ever knowing. A fraudster may try to impersonate as a trustworthy entity over call (telephone/mobile/IVR) and attempt to acquire your sensitive information, such as CVV/OTP/Card PIN/Internet Password; financial account details & personal information. The crook may try tricks like requesting download of remote access mobile applications that help connect one mobile device to another. Once downloaded, a code/OTP is generated on your device, which the fraudster asks you to share, followed by a request to grant permissions. Your mobile will virtually be in the hands of the fraudster with all your confidential data. The fraudster can steal and carry out fraudulent transactions via mobile banking or payments related apps using UPI (Unified Payment Interface), the real-time payment system platform.
How to maintain Digital Security on your devices
Fig. 3: Representational Image Of Security Scan Fundamental to Cyber Protection
Following are some of simple tips to ensure your devices are safe and secure to use:
  • Put a password on each of your devices so that you are the only person with access to them. Your devices contain a lot of important information and you wouldn't want that to end up in the hands of a wrong person.
  • Install a trustful anti-virus software to help fight off viruses and ensure that your devices are safe from malware.
  • Don't click on links of unsolicited emails or ads. Instead delete the emails and install a trustful ad blocking software to prevent them from appearing again.
  • When making passwords, try to make ones that are hard to guess.
  • Make sure to read the policies and terms of agreement when signing up for any social media or online account. This ensures that you are signing up with full knowledge of your rights as a user and the way the information provided may be used.
  • Do not make all your social media profile information and posts public, instead make them visible to only your friends, that way you control who sees the information you post.
  • Refrain from downloading any mobile applications suggested by third party.
  • Always read the terms and conditions before downloading any application on your mobile device.
  • Never login to any payment related application if you suspect that your device is compromised.
  • Don't click on links sent by unknown senders and always visit a website by typing the URL in the address bar.
  • Update your latest mobile number in bank records and change your PIN/passwords frequently.
  • Review your credit card and bank statements regularly.
  • Bank or its employees will never ask for your card number/ card expiry date/CVV/OTP/Internet Password. Do not share these details with anyone over phone or e-mail.
Tools to help protect your identity online
Digital security allows people to securely use internet, social media and online banking and protects them from risks such as identity theft and fraud. However, it is also important to be aware that your personal information should be absolutely protected because it can be used when stealing your identity. It is also important not to divulge any of your bank details in public because it might result in the people around you stealing your important and private information.
Fig. 4: Representaional Image Of Security your Data An Asset you can't Afford to Lose!
Digital video/audio surveillance and image storage/retrieval are capable to be integrated with all kinds of surveillance and alarm systems. They all support the connection with local/region network infrastructure to offer complete functionality on access control and remote monitoring globally. It is important to practice good online security habits and such safeguards can help to protect your online presence. With identity theft and fraud on the rise, it is more important than ever to keep your identity as safe as possible.
Following are some more steps that you can take to increase your safety online:
Managing your data: You need to develop a plan to review your data security status and policies. It involves creating routine processes to access, handle, and store the data safely. You should know what levels of protection are required to keep the data both confidential and safe from loss.  It is advisable to scale down, keep only the data you need for routine current business, and safely archive unneeded data or destroy older data and remove it from all computers and other devices. Equally important is to back up data to a safe place so that it can be recovered if equipment fails or is lost or stolen.
Assign data a level of sensitivity based on who should have access to it and how much harm would be done if it were disclosed. It's vital to properly handle sensitive data such as passwords, financial and health related data, identity numbers, sex life, biometric and genetic data, race, religion or political choice.
Free Credit Report: It is important to keep tabs on your credit reports to analyse them for correctness. Fraudsters may open the accounts and loans in their victim’s names.  Therefore, it is very much needed to do yourself a favour and take a look at your credit report at least once a year. In case you notice any discrepancies that indicate you are the victim of fraud, you can contact your credit card issuing bank and credit reporting agencies like CIBIL so that they are aware and can help salvage your creditworthiness.
Fraud Alert: If you have been a victim of identity theft in the past or if you are at risk because of a data breach then consider to have a fraud alert placed on your credit report. This protection tool makes it much harder for identity thieves to open accounts in your name. Before a lender can open an account or issue credit, they must first contact you. Generally, a fraud alert offers 90 days of protection but can be removed at any time. However, if you plan to open an account in your name, you have to wait as the process may be extended because of this added security.
Credit Freeze: For more thorough security, you may want to consider placing a credit or security freeze on your credit report. This tool allows you to restrict access to your credit information. However, with a credit freeze, you must take the following points into account:
Most lenders and creditors want to review your credit report before approving a new loan or line of credit. A credit freeze will make loan processes much slower.
You will need to unlock your credit so that lenders can view it.
You have to freeze your credit with each credit bureau separately.
Credit Monitoring Services: Keeping up with your credit and identity can be time consuming. To reduce some of the load off your shoulders, consider signing up for a credit monitoring service. These services offer credit monitoring, identity insurance and identity restoration. If you were ever a victim of data theft, it is nice to have professionals on your side to help you recover.
Recent government efforts towards digital security
Interestingly, India, one of the largest software producers in the world, is in a unique situation. We have a lot of highly educated people in the country but in large parts of the country we are still developing and have a low penetration rate for the internet. When it comes to personal protection, most of us are content to install some antivirus software on our PCs and hope for the best. But, in fact, the country needs advanced data protection, security and privacy law.
The long-term solution is to make India a low-cash country. This can happen only with more and more digital transactions. Definitely, demonetisation has reduced the time spent in digital migration from the years to months. Similarly, implementation of Goods and Services Tax (GST), Digital India and Aadhaar are major steps in the digitalization of economy. Millions of taxpayers are on a unified platform for the first time and every return is digitally filled. However, all this can be a success only when users stay on their guard against any theft of sensitive personal information.
We use global internet for our day-to-day activities. If data is encrypted, it could be a good security measure. If there is a dent in the data then the responsibility of the concerned organization should be fixed immediately. The government regulates different databases by various laws and regulations related to data protection, privacy and security. It has begun the exercise of increasing data security and addressing the fears of cyber-attacks, and its efforts include promoting research to increase the use of Artificial Intelligence (AI) in this regard. A high-level committee has been set up specifically to promote research on AI in the field of legal, ethical, regulatory and cyber security. Significantly, the government's focus is on encouraging R&D for new emerging technologies and innovation in data protection.
Significantly, the National Informatics Centre (NIC), which is under the Union Ministry of Information Technology, takes various measures to strengthen cyber security at the Central, state and district levels. It is doing work not only at the level of software but also at the level of hardware which ranges from computers to mobile phones to safeguard crucial data. Under this, various dimensions of security are extensively worked on that include networks, end point security, data point security and application security. In fact, data is not less than any asset today, so the government is taking it seriously but each one of us should safeguard our data against all sorts of potential breaches.