Many women are new to digital transactions. In India after demonetization it became more of a necessity for every individual to use different ways of digital transactions. Digital payment is a way of payment in which payer and payee both use digital modes to send and receive money. It is an instant and convenient way to make payments.
Digital finance has the potential to put in the hands of women the means to better carry out their roles. But it will not happen automatically. While digital financial services can be offered in many forms including ATMs, point of sale terminals, and cards (pre-loaded or debit), one that is promising particularly for women is mobile phones.
Safety and Security Concerns
We put across challenges involved with women in using different methods of digital transactions. Women are using their credit/debit cards at every possible place, but most are not aware of what to check before making online payments and what details they need to keep secret. A large section of technologically unaware women are now forced to use technology which can be misused by cyber criminal.
- Cyber criminals often target women to get user credentials. They try to get this information through a fake phone call (Vishing) saying that they are from their bank and ask you to link your bank account to Aadhaar card and you may give off the information without thinking much. Also Other variants of the fraudulent calls involve the customer’s account being over credited and that the customer must transfer money back to a third party account
- Cyber criminals send email to women online entrepreneurs, that the Supplier of their product has changed their bank account number and that all future payments should be made to the new account, which actually belongs to the criminal. This email spoofs the From: field, so the email appears to be from a Manager / Director / Senior Staff Member within the company. The email is requesting the receiver to ‘complete a bank transfer to an overseas account’ and appears to be sent from the email Manager's account but in actual money goes into the criminals account.
- They also try sending password stealing malicious code URLs to obtain the credentials.
- Most women tend to use the same credentials for multiple accounts, which in turn help the cyber criminals to access all your accounts if they earn your banking information.
- Without being digitally literate they may tend to download fake banking apps which cyber criminals send through mail. They often send mail with logos of banks with slight change in spelling, making it look like legitimate websites. They may install the application by clicking on the link. They perform transactions through this application and your banking information is at wrong hands.
- Women are advised by their online friends to download the app from an online store which gives good offers for branded products. This app may be malicious, once it’s installed it steals one time SMS authentication passwords without their consent.
- Text Message Fraud (SMiShing) is a common technique used by fraudsters in an attempt to obtain personal and security information for the purpose of identity theft or financial gain. The fraudsters send text messages to women that appear to come from legitimate numbers in an attempt to fool you into supplying your personal details.
- Since there are many E-wallets available, it becomes difficult for a new user to choose a trustworthy one. They may end in choosing the fake E- wallets. They may get request from their friends to download these E-wallets citing the discounted benefits while online shopping and purchase of movie tickets.
- E-wallet services are integrated with other services like cab bookings, food items, transport/hotel bookings etc which most women uses on regular basis. They are exposed to third party vendor risk . Their personal information and banking information are at risk through use of these services linked to E-wallets.
Aadhaar based payment
- Aadhaar based payment may put your biometric identity at risk if authentication for transaction is hacked by a cyber criminal.
How to avoid risk while using various digital transaction methods
- Use a hard-to-guess password that contains upper and lower case letters, numbers and symbols
- Do not use the same user name and password for all online accounts.
- Change passwords as often as possible, but at least every three months.
- Do not share your passwords or user identification information.
- Always log out of bank, credit card, and merchant sites after you have completed your transaction.
- Do not allow your computer to store user names and passwords for merchant or banking websites.
- When setting up security questions for sites online, use false information unrelated to your personal information, and keep track of your answers.
- Secure online transactions should occur only on a website that begins with “https://.” Do not trust a vendor without the “S” after “http” at the start of the web address.
- Keep records of every Internet purchase and transaction, and compare them with credit card and bank statements monthly. Report any discrepancies immediately to the issuer of the card.
- Learn what each of your credit cards offers as fraud protection and liability protection. Learn what the dollar amount limits are for your fraud protection coverage.
- Always use the most up-to-date version of a strong anti-virus and firewall security program.
- Download and apply updates from your antivirus and firewall programs when available, to ensure your program has the latest information about new scams and hacker tricks.
- Run virus scans regularly on your computer.
- Use an ad-blocking software program and a spyware detection program. Keep these programs updated and run scans often with them.
- Do not use “easy pay” payment options or “one-click ordering.” It takes a few extra seconds to enter a user name and password on a merchant site but often takes months to recover from online credit card fraud.
- Use the most up-to-date version of your Internet browser. They will use the most recent technology to scramble and protect data sent via the Web.