In an online chat with readers on April 27, Sameer Ratolikar, Chief Information Security Officer, HDFC Bank, answered readers' queries on how to secure their online banking transaction.
Here is the chat transcript:
Pooja Shirsat: Are banking apps safe? What precautions should app users take?
Sameer Ratolikar: Hi Pooja . It is safe. Pls see that you download genuine app from app stores.
Sudhir Kumar: How secure is the Mobile Banking? I mean android/iOS apps?
Sameer Ratolikar: Android is open source while IOS is restricted. This is the basic difference. Pls see that you use the latest version of the OS.
Please check the app while downloading from the app store, that it is genuine. Avoid downloading videos/songs/movies on the mobile phone from untrusted sources.
Vikrant Shewale: Like to know the dos & don'ts of safe banking & transactions online?
Sameer Ratolikar: Hi Vikrant, first and foremost use the licensed anti virus and ensure that your computer is updated with the latest patches.
Always access Internet banking by typing a separate website address /URL or many banks have an option of accessing Internet banking through their corporate websites, checking HTTPS(S) is very important.
Don't disclose your personal details to any one over a phone/email/ sms.
Hitika Shewakramani: So many passwords required everywhere. Risk is also increasing. It's difficult to remember all passwords. Can't write and keep as well. Is there a way out?
Sameer Ratolikar: Hi Hitika, I completely agree. It is inconvenient to use multiple passwords. So, I recommend you to use PassPhrase.
A PassPhrase is a complete sentence like 'GoaIsStunning' for 'Goa Is Stunning'.
If you add a special character in the PassPhrase then it is more secure. You may also take first letter in each word and add special character and create a PassPhrase.
Ankita Verma: Is mobile banking as safe as net banking?
Sameer Ratolikar: Yes Ankita It is. Both Mobile and Internet banking are safe and secure.
However, some safety tips are: you shouldn't use Mobile and Internet Banking from Public Wi-Fi or Cyber cafes.
Take care in downloading genuine mobile app from the appstore. Don't download songs/ videos on your mobile phone from untrusted sources.
Sanket Joshi: I recently got a call from someone claiming to be from the bank where I have my account and they asked for my personal details to upgrade my card. While I didn't give my details because I don't want to upgrade. Does HDFC Bank call its customers to ask for personal details or bank account details?
Sameer Ratolikar: Hi Sanket, HDFC Bank does not call its customers to ask for personal details over the phone. But, I agree that fraudsters use this technique to defraud unsuspecting customers, who may think that their bank is calling them.
And yes, there have been reports that they now use sophisticated techniques by also giving automated messages while putting the customer on hold.
No matter who claims to be calling, customers should NEVER share any personal information over the phone, or on SMS when they receive such calls. Also, if anyone
receives such calls, or messages, please immediately report it to your bank.
DD: what is the use of those security questions at your bank site. If someone has gained access to an account via netbanking, he can anyway change those questions.
Sameer Ratolikar: Hi DD, Security questions and OTP have different objectives. While, questions are an addiional authentication mechanism, OTP is a dynamic authentication. Both are important.
Akash Kumar: kindly guide us to safely and securely handle online accounts...
Sameer Ratolikar: Hi Akash, don't disclose your personal account details, card information, ATM pin to any one, use licenced AV, update your computer with the latest patches, Securely enter ATM pin when you use ATMs.
Don't download audio/video/ songs n your device from untrusted sources, use passphrase instead of a password, etc.
Venu Thanikal: while using netbanking frequently we have to change password which creates confusion. How to solve this?
Sameer Ratolikar: Hi Venu, it is a safe practice to change your password regularly.
To help you remember, I recommend you to use PassPhrase. A PassPhrase is a complete sentence like 'GoaIsStunning' for 'Goa Is Stunning'.
You can keep the phrase same and keep on changing the alpha -numerics.
Stefanie D: Often at restaurants the waiter asks for the debit or credit card to take to the POS machine which is at the reception desk? Isn't this unsafe?
Sameer Ratolikar: Hi Stefanie, Please see that you never disclose your PIN to the waiter or any retail outlet/ petrol punps.
Always ask for the POS machine to be brought to you/you go to the place where the POS machine is kept and enter the PIN on your own.
Ketan: My senior citizen parents use netbanking. While they are educated, fraudsters are finding newer ways to steal data.
Is there a video on the dos and dont's for using netbanking that I can show them because that'll make it easy for them to understand?
Sameer Ratolikar: Hi Ketan, Secure Banking video link: http://rediff.ly/6hyfz
Manoj Navagamiya: how hackers reach to personal laptop? i am using the netbank site from only https site, even though. advise us more safe banking methodology
Sameer Ratolikar: Hi Manoj, if your personal laptop is not updated with the latest patches, you use unlicensed anti virus, password is not complex then your laptop is vulnerable to cyber attacks.
Basically, keep the laptop safe and secure. Don't ever disclose your personal details to any one over a telephone call / an email.