Saturday, December 10, 2016

LESSCASH AWARENESS TIPS



                                      “To be or not to be

This is the question we are trying to answer by every passing day. How safely to become a part of Less Cash economy or not to be a part of it but still perform our day to activities are the major concerns troubling us currently.

You select either of the option, the writing is on the wall that every Indian must become a part of cashless economy and hence it’s more appropriate that we learn some basics about security while utilizing these various instruments of cashless economy.

The need to learn security must be at forefront as we all are presently not comfortable with these instrumentalities of cashless transactions and have many doubts/apprehensions in our mind about functionalities of the same.

With lack of basic digital knowledge and cyber securities culture its very tricky situation and hence CYBER AWARENESS ORGANISATION appeals to follow following safety tips.

1)    Always use one particular number for commencing these cashless or electronic transactions.
2)    This number should not be used for any other purpose meaning it should not be your regular mobile number.
3)    Do not share your this mobile number with anyone except for these digital financial transactions.
4)    Be sure about the connectivity/ working of this number and make it a habit to check it after a standard interval of time.
5)    Don’t use your regular mobile number which is known to many for any of the e-wallet, online banking like sending OTP etc. activities.
6)    If you have synchronized existing mobile number presently to your digital instruments, try to change the same with some new number.
7)    Inculcate the habit of changing your PIN/Passwords on more regular basis like your habit of changing your underwear.
8)    Don’t link your e-wallets or similar instruments with your bank accounts.
9)    Always maintain two different bank accounts and one should be exclusively for digital transactions with no connection with other bank accounts.
10)                       Don’t provide standing instructions to your bank for topping up of e-wallets etc.
11)                       As far as possible use some alternative methods of transferring money to these e-wallets.
12)                       Don’t use open networks, unsecured public connections and free wi-fi to carry out your financial transactions.
13)                       Always be particular to verify the authenticity of the transaction with all the available minute details.
14)                       Don’t hesitate or delay to lodge your protest in case you observe any discrepancy in digital transaction.
15)                       Spread these security tips to 10 persons and become a part of this CYBER AWARENESS CAMPAIGN.


If you have more security tips please write to info@cyberorgindia.com or do call CYBER CRIME HELPLINE 09225109900.

Published by Advocate Mahendra Limaye President of Cyber Awareness Organisation for the cause of Public Awareness.


Monday, November 28, 2016

Moving Towards Cashless Economy with Digital Illiteracy!!!!!!!!!!



Recent move of Demonetisation of Rs.1000 and Rs.500 old currency notes and replacement of vacuum created by same with new Rs.500 and Rs.2000 currency notes is having various dimensions as per various economists. Every move has its pro’s and con’s. The Modi government must have examined all the viewpoints and taken the decision with due deliberations and discussions.
There can be various alternatives to this vacuum caused by shortfall of currency notes and one of them as suggested by various ministers and even PM himself is migrating towards CASHLESS ECONOMY, as adopted in various western countries.
Understanding Cashless Transactions in simple words is avoiding hard cash in most of our financial dealings and use of various electronic payment means like credit/debit cards or payment wallets etc. The full page advertisements released by most of the e-wallet companies in India, in all leading newspaper, is evident that these companies are going to be immensely benefited by such move of migration towards Cashless Economy.
The main risk about Cashless Transactions is lack of physical intervention at any check point involved in entire transaction. Most of the transactions just need system generated OTP as the only security mechanism, which can be very easily compromised. Normally this OTP is sent on the mobile phone registered with the service provider.
The other risk is trust deficiency in this mechanism as people are running from post to pillar for retrieval of their lost money in case of any such fraudulent transaction. As most of the mechanisms are handled by call centers and it’s very difficult to physically locate any of the support centers, people have trust deficiency in the same.
Various Ministers of the central government are making statements that even a school going kid is able to teach how to use these digital money apps to their parents but can a school going kid identify the inherent threats involved in these apps utilization or is he able to distinguish real caller or fake caller or genuine app or fake app? And is government relying on these school kids for imparting education of CASHLESS MONEY TRANSACTIONS to their digitally illiterate parents?
Technology is two edged sword and nobody can be 100% sure about using it safely. 70% People are using technology due to compulsion and only 30% are using the same voluntarily. These 30% consists of techno savvy and few from good educational qualifications. What about 70% of the masses who are using the Cashless modes mere by compulsion? It is proven fact that if anyone adopts anything voluntarily then he is bound to explore the same properly and the one who is forced to adopt the technology will be under constant strain and fear of using the same.
How these e-wallet companies function? What is there revenue model? What security guidelines and practices they follow? What complaint redress mechanism they have in place? Are there any possibilities of criminal activities through these Cashless Transactions? If yes, what is counter action plan for the same? There are many such questions which needs answers and these answers along with solutions must be put in place at once or else too much damage would be caused to millions of digital illiterates in the country.
For a country with highest number of digital illiterates migration to Cashless Economy is very bold and courageous move on the part of government. If proper education about digital safety and using these digital instruments with utmost care is not provided on war footing I foresee large adverse fallout of this step.
Cyber criminals have already made merry out of the digital illiteracy on part of online users and this is evident from NCRB statistics about exponential growth in cyber criminal activities in every passing year. This demonetisation will be an additional booster in these criminal activities and coupled with the organized cyber criminal activities and digital illiteracy there can be no stopping to the same if fast actions are not initiated by the Government.
It has been reported by a leading Mobile Wallet company very recently that due to concerns about privacy security of the users they were compelled to suspend launch of their POS App.
In October 2016 itself 32.14 Lakh debit cards of various public as well as private sector banks were reported to have been compromised by malware attack and thereby causing compromise of privacy of users. This incident speaks about the inherent dangers in Cashless Economy.
For moving towards cashless economy our at least 80% digital users must be digital literate and they must be properly trained and educated to handle these new avatar of monetary instrument. At the same time our laws must be more stringent and police must be on toes. The traditional mindset of police machinery which revolves around jurisdiction only must be modified immediately and the police should be more digitally equipped. How digitalised society can be regulated under digitalised police or judicial machinery?
Sooner we find the solutions to these concerns the better will be the future.


Thursday, September 22, 2016

WHO ARE SILENT KILLERS OF MODIJI’S MISSION DIGITAL INDIA?



Every Indian is feeling conceited and buoyant with various revolutionary initiatives in Digital world launched by the present government under leadership of Prime Minister Hon. Narendra Modiji. All of us are certain that these seeds of Digital revolution may it be in form of Mission Digital India or Skill India program will certainly bear fruits in coming years. These seeds are sown with a futuristic view and young millennial generation of India is likely to enjoy theses fruits.

After a long time such a futuristic view and concrete steps for achieving the same have been initiated by government. Modiji need to be complimented for the same. Also all his team needs a huge round of applause for incessantly working for achieving the same.
But sadly it’s worthy to mention that all is not well in this Mission Digital India campaign. If we consider what could be outcome of the Mission Digital India after few years, I am bit afraid of predicting the same. Let me try to predict the same. 

Presently Digital population of Indian users may be around 25-30 million as per very conservative estimates and if 25% of them use it for banking as well as online shopping activities then we have roughly 10 million Indian population online. If considering they carry out monetary transactions worth Rs.500 each on weekly basis the amount involved is Rs.20, 000Million per month.

Now if Cyber Criminals target only 1% of these users, then also they are able to garner about 200 Million per month. Is it unbelievable?

Unfortunately none of us is prepared to accept the statistics presented above as it makes us terrifying about the whole scenario and these numbers does not have authenticity from any statistical wing of the government.

But even if the statistics may be doubted but it can not be denied that Cyber criminals are acting more vigorously in this niche domain of crimes.

And to top it all the role of Banks, Police, Educational Institutions and judiciary needs a careful scrutiny. To start with Bank, none of them is actively engaged in awareness about the cyber security and preventive tips. What limited they are doing is only lip service. The apex bank i.e. Reserve Bank of India is sitting on huge corpus meant for DEPOSITOR EDUCATION AND AWARENESS FUND since last few years. But none should question them!!!!!!

As reporting and investigation about such related crimes are concerned all is not too well. Our police machinery is not well educated to understand the magnitude and damaging capacity these crimes posses. They are yet to come out of traditional jurisdiction mind set and hence recurrently refuse to even register FIR, leave the hope for investigation of the same. Many a times it is observed that police are even not aware about provisions of Information Technology Act. Hence they register these crimes under IPC sections. Another difficulty with police is investigation as they don’t have well equipped Cyber Forensic Labs to analyse the modus operandi etc.

Fortunately Maharashtra Government under leadership of CM Devendra Fadanvisji has promised to set up Cyber Forensic Lab in every district place at Maharashtra. This will be a huge moral booster for Police in Maharashtra and people from Maharashtra can expect that situation will improve in coming days.

As regards to educational institutions less said is better as very few government schools and colleges have initiated such Cyber Awareness Training Programs and unless they are directed from top, they won’t initiate. In the case of CBSE institutions, CBSE has long issued directions for initiating few measures as regards Cyber Bullying etc. but whether these are functional needs a research.

Last ray of hope is Judiciary but here also all is not well!!!! The first trial court specially established to look after Civil Litigation under Cyber Contraventions is scarcely functional. Information Technology Secretary of each state is nominated to look into these matters but hardly any IT Secretary across all Indian states is serious about this additional mission given to them.

The appellate tribunal set up above Adjudicator is also non-functional since last 6 years as there is no appointment of the Chairperson of this CAT.

All other civil courts are barred from entertaining matters involving cyber contraventions and hence their jurisdiction can not be invoked.

So overall view of banking, educational, judicial and police mechanisms is not so encouraging currently and success of Mission Digital India can not be said to be in safe hands. What needs to be done is to identify these silent killers in this ambitious and much needed project and weed them out.

Unless Modiji act tough on these silent killers, in my view damage of the mission will be enormous and one of the finest projects will never take off the way it should be!!!!

Hence this appeal to PM Modiji for weeding out these damaging factors!!!!!     

Wednesday, August 31, 2016

APPEAL IN PUBLIC INTEREST REGARDING ONLINE SHOPPING PORTALS

This communication highlights plights of online shopping consumers and requests your support and initiative to safeguard rights of those million of innocent customers as a PUBLIC INTEREST LITIGATION highlighting the issues was dismissed on grounds that Law Making is function of Legislatures and Judiciary is not supposed to encroach on same.
Everyone is aware about new communication systems and digital technologies and dramatic changes made by them in the way we live. A revolution is occurring in the way people transact business. There is increasing use of online technologies these days in practically all walks of life. Be it online shopping or online ticket booking for train or cinema or ordering of food through online services available or online payment of various bills or recharge of mobile phones and so on and so forth.
There is unprecedented growth in online shopping activities or what is best understood as e-commerce activities in India, of late, due to increased use of technology. E-commerce activities mostly consists of buying or selling of goods and services, or transmitting the funds or data over an electronic platform mainly internet. Millions of people shop online everyday, spending hundreds of thousands of rupees. Simultaneously the number of online retailers is equally impressive; this means that you get a wide range of shops to choose from, but also with the probability that you may fall a victim of fraud through these online shops.
It has been observed that persons carrying out Online shopping activities are deprived protections of law as there is total absence of suitable legislation for protecting the online shoppers. Online shopping victims are facing discrimination in various ways when they go for registration of FIR or reporting in matters of frauds to local police station. There is complete absence of regulatory mechanism for registration, monitoring and controlling the online shopping portals unlike regulatory mechanism available for physical shops. When it comes to reporting regarding frauds or cheating through online shopping or related activities general public is finding it very difficult to report the same with local police. Many fraudulent online shopping websites and online payment gateways have come up currently and many people are being duped while carrying out online activities.
As per available statistics of 2014, online shopping base in India is about 40 million and it is expected to touch 100 million in near future. The volume of amount transacted is about to touch 60,000 crore approximately. The average annual spending of Indians on online purchases is expected to rise 67 percent to Rs. 10,000   next year, according to Assocham-PwC study. About 40 million consumers purchased something online in year 2014 and the number is expected to grow to 65 million by 2015 with better infrastructure in terms of logistics, broadband  and Internet-ready devices.
The overall e-commerce industry, valued at $17 billion (Roughly Rs. 1, 08,167 crores), has been growing at a compounded annual growth rate of about 35 percent each year, the study said, adding that it is expected to cross the $100 Billion (roughly Rs. 6, 36,281crores) mark in five years.
So if proper regulations are not framed immediately to monitor and regulate this huge amount of transaction which is being carried out through online mediums and more specifically through online shopping portals and online payment gateways anticipating the safety and security of the people, there would be immense monetary loss of people and also loss of faith in these mediums.
Many online shopping companies does not have any physical location or contact address or point of contact displayed and customers are left to the mercy of online shopping website owner in case of return or exchange of goods. It has also been observed that many online shopping portals have either published the address which is not traceable prima facie or not at all published any physical address, and there are no regulatory guidelines which mandates for verification of the address of such online shopping sites prior to uploading it on website by any government machinery. Though there is provision under Information technology (Intermediary Guidelines) Rules 2011 clause 11 for publication of name of grievance officer and his contact details as well as contact mechanism for contacting them. Under Article 302 government can impose reasonable restrictions for protecting public interest on trade and commerce activities and online shopping is also covered under the same.
Also other problem is regarding jurisdiction. Even if some victim tries to lodge complaint against such online shopping portal or payment gateway then police are not entertaining such complaints either on the ground that transaction occurred in some different jurisdiction and hence crime did not happen in their jurisdiction or the type of matter falls under Tort, i.e. civil wrong and hence no police complaint is required. This attitude of police also defeats fundamental right under article 14 of equal protection of law. There seems to be different attitudes of law enforcing agencies towards tackling of crimes through normal physical shops/stores and online shopping portals.
As per information received under Right to Information it is not specified by Government that to which department these online shopping portals or online recharge portals are answerable or reportable and hence no specific government department is proactive towards curbing malpractices in online shopping and online payment gateways activities.
The magnitude of cyber crimes being committed is unimaginable. The investigation is not properly carried out in most of the cases due to lack of proper training to law enforcing agencies. General public at large, is falling prey to many such fraudulent online shopping and payment gateways due to lack of awareness and as there is no mechanism of registration of such websites as well as payment gateways by government. This is certainly not a healthy trend as online activities are growing every passing day and people are losing huge amounts in through the same. Rather this situation of lawlessness and anarchy in cyberspace is encouraging criminals to Rule the Cyber Space for their benefit.
This can also be a serious threat to National economy. As by “following the money” many facets’ of the criminals who are perpetrating such crimes can be uncovered and that can have huge impact on national economy as well as national security.
These incidents of crimes are mostly linked with transfer of money may be small or large. In this era of globalization cross border transactions are accomplished without any control over the same and the money derived out of these fraudulent transactions can be used to finance illegal as well as terrorist activities to destabilize the state. And hence this issue needs to be addressed as utmost priority
Hence it is requested to frame rules for registration and regulation of the online shopping portals and online payment gateways, immediately, so that general public at large will not be defrauded by such fraudulent online shopping websites or online recharge portals;
Further government is requested to issue instructions to all online shopping portals and payment gateways to upload the name of grievance officer with full contact details on their website and preserve and retain the information of all the transactions carried through them for at least a period of one year.
Public Interest Litigation was filed to highlight all the above issues before Hon’ble Nagpur Bench of High Court by the undersigned but the Hon’ble court observed very rightly that Law making is essential and exclusive function of Government and hence undersigned petitioner was advised to move to respective governments and hence this representation/appeal in the public interest.

Advocate Mahendra Limaye
Cyber Legal Consultant
09422109619
CYBER CRIME HELPLINE 09225109900

Tuesday, May 3, 2016

RBI ACKNOWLEDGES FINANCIAL ILL- LITERACY AND LACK OF AWARENESS



                 The Reserve Bank of India has recently come up with Notification dated 21 April 2016 vide ref. no.RBI/2015-16/378 DBR No.Leg.BC.93/09.07.005/2015-16 regarding Publicity in Bank branches cautioning public against placing deposits in dubious schemes.
                The Circular says that RBI has noticed that customers receive telephone calls relating to winning of lotteries/prizes etc. or various dubious schemes have been floated where returns are higher than offered by banks on deposits. The customer believing such messages/schemes remit the required amount apart from divulging details of their accounts to the fraudsters.
               Then circular adds that absence of financial literacy and lack of alertness to fraudulent schemes/calls are the main reasons behind innocent depositors falling prey to such schemes.
               There after circular states that all Scheduled Commercial Banks including Regional rural Banks and Local Area Banks may in their own interest and as customer education effort in interest of public consider designing suitable posters or pamphlets and notices consisting messages of awareness.
                Cyber Awareness Organisation suggests some additional measures which should be implemented on priority basis for prevention of such frauds and protecting public’s hard earned money.
1)    RBI itself is sitting on huge fund known as Depositors Education and Awareness Fund since last two years and should consider releasing same for benefit of customer education and awareness as per old saying CHARITY BEGINS AT HOME!!!!
2)    RBI should mandate all the banks to carry out Customer Cyber Awareness and Education program in each branch on bi-monthly basis to impart security trainings to customers.
3)    RBI should create central helpline for speedy reporting and data analysis of such frauds so as to act faster.
4)    RBI should monitor AML reporting on weekly basis and more consistently.
5)    There has to be synchronization of LEA, RBI AND TSP’s in investigations.
6)    The payments gateways should be properly regulated.
7)    There must be some cooling time for all transactions except few where additional security or authentication measures are followed with prior approval of the customer.
8)    All payment gateways must be compliant with section 43A of I T Act.
9)    RBI should monitor KYC implementation more strictly and illiterate customers should not be provided with any type of Credit/Debit cards.    
                There are many more such suggestions like encouraging talk shows/power point presentations for creating cyber awareness among users etc.

                 We congratulate RBI for the issuance of this circular which is first step towards creating Cyber Awareness and CYBER AWARENESS ORGANISATION feels proud that its cause is at least endorsed by the Apex bank of India.