Swarajya Logo
Swarajya Logo
Politics States Economy Society Business Culture Infra Defence World Books Ideas Science Technology Heritage Archives Legal Movies Sports
  • Our Views
    Politics States Economy Society Business Culture Infra Defence World Books Ideas Science Technology Heritage Archives Legal Movies Sports
  • Magazine
  • Store

About Swarajya

Swarajya is a publication by Kovai Media Private Limited.

Swarajya - a big tent for liberal right of centre discourse that reaches out, engages and caters to the new India.

editor@swarajyamag.com

Useful Links

  • About Us
  • Subscriptions Support
  • Editorial Philosophy
  • Press Kit
  • Privacy Policy
  • Terms of Use
  • Code of Conduct
  • Plagiarism Policy
  • Refund & Cancellation Policy

Useful Links

  • About Us
  • Subscriptions Support
  • Editorial Philosophy
  • Press Kit
  • Privacy Policy
  • Terms of Use
  • Code of Conduct
  • Plagiarism Policy
  • Refund & Cancellation Policy

Participate

  • Contact Us
  • Write for us
  • Style Guide
  • Jobs

Stay Connected

  • Artboard 2 Copy 6Created with Sketch.
    Artboard 2 Copy 10Created with Sketch.
    Artboard 2 Copy 7Created with Sketch.
    Artboard 2 Copy 9Created with Sketch.
  • Andriod Logo
  • IOS Logo

Ideas

Don’t Go By What Mr Gandhi Says, Here’s How Your Money And Transactions On The Web Are Protected

Srikanth RamakrishnanThursday, December 1, 2016 8:10 pm IST
Rahul Gandhi 
Rahul Gandhi 
Rahul Gandhi 
  • Digital transactions on the web follow rigorous and well-tested security procedures. It is irresponsible of Rahul Gandhi and the Congress to try and create panic over them. 
  • Last night, Congress vice-president Rahul Gandhi’s twitter account was allegedly hacked, and this morning, the Indian National Congress’ official twitter account was supposed to be hacked too.

    Many Congress supporters used this to attack the idea of a digital and cashless economy as well as the Prime Minister’s Digital India programme. Rahul Gandhi himself told reporters that this incident posed a huge question mark on digital security, stressing on the fact that his account was verified.

    However, all of them are wrong, on many accounts. To begin with, Twitter’s servers are based out of the United States, and since no other account was reported hacked, this cannot be a major security breach. Further, this is not indicative of anything related to Digital India or a Cashless Economy. Those transactions have their own security.

    Two-factor authentication

    Two-factor authentication (2FA) was mandated for card-based transactions by the Reserve Bank of India (RBI) under the Payments and Settlements Act (PASA) of 2007. It requires that all card-based transactions proceed only with an additional layer of security. For card payments that are done using a swiping machine, a PIN has to be entered on the machine, failing which the transaction cannot go forward. In the case of ‘card-not-present’ (CNP) transactions such as online payments, the second factor authentication is either a PIN or a One-Time-Password (OTP) generated and sent to the customer’s registered phone number.

    This second factor makes digital card-based transactions more secure, and less susceptible to theft. In 2014, the RBI had asked Uber to stop processing its payments abroad and ensure that 2FA was applied on transactions. Uber replied, stating that it would comply with the RBI directive, but at the cost of inconveniencing its passengers.

    2FA is largely dependent on the 3-D secure system. The 3-D secure system, known commonly as verified by Visa or MasterCard SecureCode, operates across three domains or levels:

    • Issuer Domain: Whoever issued the card.
    • Acquirer Domain: Whoever is being paid.
    • Interoperability Domain: The network being used; Visa or MasterCard.

    Thus, during any transaction, the intermediate step after the user enters their card details takes them to the bank website where the user’s identity can be confirmed.

    In the case of bank transactions, most banks require that the user sets separate passwords for operating the account, and to transact money. Some banks, such as ICICI provide a grid on the reverse of a Debit Card and require the user to enter specific numbers from behind the grid. Apart from this step, an OTP is sent to the mobile number.

    Payments made via the Unified Payment Interface (UPI) require an M-PIN to be used, while platforms go an extra level requiring fingerprint-based authentication (using Apple Pay on an iPhone).

    All transactions are done over secure internet connections using HTTPS and SSL, making it significantly difficult for anyone to intercept data being sent across platforms. 2FA allows for some safety even if the card or phone is stolen. In 2016, a senior official at MasterCard had stated that Indian regulators had done a good job in ensuring safety for digital transactions.

    HTTPS

    The Hypertext Transfer Protocal (HTTP) is used by websites to distribute their content. HTTPS is a protocol that does the same, except it uses a Secure Sockets Layer (SSL) to secure the communication between the server and the user by providing a secure channel and a more secure port. HTTPS ensures that no data is transferred if a secure channel is not available.

    SSL works using the SSL session and the SSL connection:

    • Connection: A logical link between the server and the user that provides a suitable type of service. The connections are transient and each connection is associated with one session.
    • Session: An association between the user and server. Sessions define a set of cryptographic security parameters, which can be shared among multiple connections. Sessions are used to avoid the expensive negotiation of new security parameters for each new connection.

    HTTPS requires that a website has a certificate issued to show that it is secure. The Transport Layer Security typically uses long-term public and private keys to generate a short-term session key, which is then used to encrypt the data flow between the user and server. Thus, HTTPS makes it difficult to intercept or intervene in a connection, and when combined with 2FA, financial security is safe. Banks ensure that if a user forgets their credentials to authorise a transaction, there are multiple steps in order to recover access, thereby making it difficult for someone else to get access to an account. This makes it safer than cash which can be stolen by simpler methods such as mugging someone who has money with them. Almost all major websites today use HTTPS, including Google, Facebook and Twitter, to protect their users.

    In the case of Gandhi and the Congress, the alleged breach was caused after someone reportedly got access to their email address.

    Every Indian transacting online is covered under the same amount of security, which by its setup, is indeed more secure than a Twitter password.

    Tags
    rahul gandhi
    Digital India
    HTTPS

    Comments ↓

    An Appeal...


     

    Dear Reader,

     

    As you are no doubt aware, Swarajya is a media product that is directly dependent on support from its readers in the form of subscriptions. We do not have the muscle and backing of a large media conglomerate nor are we playing for the large advertisement sweep-stake.

     

    Our business model is you and your subscription.  And in challenging times like these, we need your support now more than ever.

     

    We deliver over 10 - 15 high quality articles with expert insights and views. From 7AM in the morning to 10PM late night we operate to ensure you, the reader, get to see what is just right.

     

    Becoming a Patron or a subscriber for as little as Rs 1200/year is the best way you can support our efforts.

    Get Swarajya in your inbox.


    Magazine


    Swarajya Magazine Cover Image
    Merchandise

    Merchandise


      Politics

      How To Think About Telangana Elections

      How To Think About Telangana Elections

      Venu Gopal Narayanan
      11h

      Modi's Pasmanda Outreach: PM Pledges More Health, Education Welfare Schemes For Muslims In Telangana

      Bhuvan Krishna
      14h

      Cabinet Approves Free Ration For Next 5 Years, 16th Finance Commission, Drones To Women SHGs, Rs 24,100 Crore For Tribals

      Bhuvan Krishna
      15h

      Economy

      In A First, Market Capitalisation Of BSE-Listed Companies Surpasses $4 Trillion Mark

      In A First, Market Capitalisation Of BSE-Listed Companies Surpasses $4 Trillion Mark

      Nayan Dwivedi
      16h

      Automobile Retail Sales Hit Record 3.793 Million Units This Festive Season, Surging 19 Per Cent YoY: FADA Report

      Nayan Dwivedi
      2d

      Public Sector Is Finally Beginning To Shine Under Modi's Ministrations

      R Jagannathan
      3d

      Defence

      Indian Navy's Ships Get Indigenous Firepower Boost: MoD Inks Contract Worth Rs 2,956 Crore For 16 Super Rapid Guns

      Indian Navy's Ships Get Indigenous Firepower Boost: MoD Inks Contract Worth Rs 2,956 Crore For 16 Super Rapid Guns

      Ujjwal Shrotryia
      15h

      Defence Ministry Set To Greenlight Proposals Worth More Than Rs 1.3 Lakh Crore For Acquiring 97 Tejas And Upgrading Sukhoi Fighter Jets

      Ujjwal Shrotryia
      17h

      Indian Navy's Second Indigenous Aircraft Carrier Proposal Gains Traction; Defence Acquisition Council To Take It Up Tomorrow

      Ujjwal Shrotryia
      18h

      World

      European Union's Top Court Upholds Ban On Visible Religious Signs Including Headscarf In Public Workplace

      European Union's Top Court Upholds Ban On Visible Religious Signs Including Headscarf In Public Workplace

      Bhuvan Krishna
      11h

      COP28 In Dubai: What To Expect As Global Leaders Set To Meet And Assess Climate Action Progress

      Nayan Dwivedi
      13h

      India Sets Up High-Level Enquiry Panel After US Shares Inputs On Nexus of Terrorists, Organised Criminals And Gun Runners

      Swarajya Staff
      15h

      Culture

      Kashi Tamil Sangamam 2023 To Be Held From 17 December To 30 December, Registration Portal Launched By IIT Madras

      Kashi Tamil Sangamam 2023 To Be Held From 17 December To 30 December, Registration Portal Launched By IIT Madras

      S Rajesh
      18h

      M P N Ponnusamy: A Nagaswara Legend Passes Away Almost Unsung

      K Balakumar
      1d

      Streamlined Repatriation: India-US Deal To Fast-Track Return Of Stolen Antiquities

      Swarajya Staff
      3d
      States

      infrastructure


      Amit Mishra
      1

      BHEL To Collaborate With EDF France On Jaitapur Plant Even As Nuclear Liability Issues Remain Unresolved

      2 Mins Read
      V Bhagya Subhashini
      2

      Mumbai Coastal Road's Promenade: One Kilometre Pilot Stretch Set To Launch In December

      2 Mins Read
      V Bhagya Subhashini
      3

      India's First Bullet Train Station In Mumbai Marks 15 Per Cent Work Completion, To Be Ready By 2027

      2 Mins Read
      Amit Mishra
      4

      Kerala: Third Chinese Ship Carrying Crane Docks At Vizhinjam International Seaport

      2 Mins Read