Today the news is about Customers who paid by credit card at 51 UPS Store locations across 24 states in USA are at risk of their credit card being siphoned by cybercriminals. Last year end it was turn of Target’s (large retailer) 98 million customers to have their card data stolen. These are not happening only in faraway USA. In Chennai (India) too, city police gets hundreds of complaints every month on money being siphoned from their bank accounts.
As the world becomes more and more connected, payment transactions moving from cash to digital, as individual consumers we too get inadvertently exposed to online security risks. Common people (aam aadmi) knows if he leaves his wallet exposed he is going to get pick pocketed. She takes care to protect her purse, but that’s because cash (and gold) has been around for centuries. In every day life we do encounter people who imprudently don’t take care with their cash, I see them to be either simpletons who don’t know better or simply fools!
But in case of digital payments and online, these are recent technologies and it takes time for common people to learn and understand the risks and protections.
I am sharing here about two instances that happened to me yesterday and what I did after that. These made notice that to being secure takes effort, but its just common sense.
In the evening after a dentist appointment I was returning home with wife, we stopped in a near-by retail shop. Few thousand rupees transaction, I gave my credit card, entered PIN (which is nearly mandatory now thanks to Reserve Bank of India rules), collected the items and came home. Few minutes after I got a call from the shopkeeper informing I forgot my Credit Card in the shop. I rushed back, sincerely thanked the guy and collected the card.
But the few minutes the card was not under my possession would have been enough to skim the card to make a duplicate, and observing the PIN when I first entered it would have been easy too. I have no reason to suspect anything in this case, but it is better to take precaution. As soon as I came home, I logged into my bank site and changed the PIN number. I could have called the bank for a replacement card but my threat perception on this was lower.
After the above incident, I was trying a new mail app for Windows (and other platforms too) called Inky. It advertised an unified mailbox experience, modern interface and single sign on. Once you create an Inky account, setup mail accounts like Google, Hotmail (Outlook.com), you could login from any device with just the Inky account and it will configure all your mail accounts automatically. Basically Inky was storing your mail account details in their server, they promise to safely store all the passwords with strong encryption seeded with the Inky password.
After spending few minutes with the app I was not impressed. I saw no compelling feature and there was no way to view/edit my contacts that are already in Google & Hotmail. Lack of Address Book is a big turn off for me. Before uninstalling the app, I disconnected the accounts (GMail, Hotmail) and deleted the Inky account too. I have no reasons to doubt the sincerity of Inky, but being in state of paranoid I was, I changed my Google & Microsoft (Hotmail) Account passwords. It has been sometime I changed these passwords and they were in a sense due for a change!