Our App is live! Download Now

Mobile Apps – Invasion to Privacy!
Feb 24, 2021

It is a story that we hear every second day about how popular mobile apps are in due conduct of privacy-related issues. Well, this goes without saying how dangerous it puts the users at risk.

New year often calls for new resolutions. We all have our set of oaths ready to either inhabit a change or abandon a trait. For mobile application creators, it is a slightly off-track story where they claim to have the best interest and preference of people in their hearts.

Let’s put it this way – you sure know the privacy issues that Facebook and Google are dealing with, sadly even WhatsApp now for that matter. But have you wondered about the effects and the privacy issues that your mobile device is potentially going through because of a handful of mobile apps?

Permissions that need your Attention!

Point that you need to register: Giving permission to Android apps eventually ends up giving control of your phone and to its content as well. Therefore, let’s walk through how to ensure safety and stay within control when using such apps.

Every time we try to install an app from an App Store, an app permission request is our first encounter. Usually, it is asking permission to control sensitive data. Hence, not only should you be alert about the apps you download from Play Store, but should also be prudent about the permissions they are asking you for.

There are three types of permissions: -

  • Normal – No risk of user privacy
  • Signature - unique permission granted by android to an app
  • Dangerous–Involves user data

Bid Adieu to the ‘Dangerous’ Permissions

We should indeed be concerned about issues that tend to hijack our privacy and security. There are mainly nine permission groups that request access. The way these groups function is peculiar. There are many permission levels in each group, thus, granting single permission automatically sends off an alert to all the other permission in the same group.

Here are the permissions that you definitely need to look out for:-

  1. Microphone

    This gives permission to use your microphone and record audio.

    If you use Spotify, you can listen to the music of your choice by identifying the song. Alternatively, if microphone is enabled for WhatsApp, you can send voice messages directly to your boon companion.

    However, the downside would be, a spiteful app that records the surroundings and discussion you are having around. Furthermore, can also intrude to record your business meetings and conferences.

  2. Location

    Apps can access the exact location using GPS – Global Positioning System and by adjusting to other sources like Wi-Fi. Developers are most likely to use these apps to extract profit from the ads that relate to locations.

    However, malicious apps can parallelly use these to load attacks based on locations. Some of the common apps that use it are check-in apps, location apps, and so on.

  3. Contacts

    Contacts permission allows an app to read the data from the contact list on your phone.

    This permission is usually taken by messaging or calling apps such as Whatsapp, Skype, etc. It can also be taken by other apps to elongate their marketing list that they can advertise to.

    Looking at the dangerous side, it can overwrite or edit the contacts. So, wonder what happens if your mortgage brokers’ number is changed to another and you end up calling and sharing all your financial data or information with a probable scammer. In addition, the contact list can also add to phish your friends and message them indicating it’s you.

  4. SMS

    This enables apps to read SMS texts.

    One of the great ways to eavesdrop on your personal information is by reading your text messages. Alternatively, some apps can breach this and even send SMS messages from your device.

    Malicious apps reading your SMS can even get access to your OTP messages and steal your money.

  5. Camera

    Camera apps usually allow taking pictures and recording videos. These apps can secretly do so if given the permission of the kind.

    You should be conscious while granting camera permissions as some malicious apps are capable of recording and saving your activities.

  6. Phone calls

    With these apps, it becomes easy to locate your phone number and information related to your cellular network that you are currently using.

    These applications can also make calls, receive them, edit your logs, add some content to voicemail, and even find out who is your caller. Therefore, some malicious apps can also spy on your phone and on the calls you make.

  7. Storage

    These apps give permission to users to be able to read/write directly on your internal or external storage.

    Let’s address both side of the story, a music application will help you download songs directly on your device. However, if a malicious app intrudes, it can secretly change, read, delete any data/files that you currently have saved in your device.

Invasion to privacy by mobile apps

Tips for you Privacy Protection

Basically, it all starts off when you understand the context of the permissions. It is significant to actually intercept what you want the app to do for you.

One of the most common OS is Android, and hence, to be sure of threats and cybercriminals trying to pull advantage shouldn’t be a shocker. However, when certain aspects are addressed carefully, even these risky permissions could be gotten rid of.

If you already are thinking, then below is the answer to ‘How to protect your privacy’?

  • Apps and Caution must go hand-in-hand: Downloading apps is equivalent to welcome malware in your device. Therefore, always download Apps via trusted sources like Google Play Store as they scan each and every app before you download them on your device. Well, unknowingly you may end up opening a Pandora’s Box whilst you get tempted by a third-party app.
  • Sending Email to the Developer: You may directly contact the developer of the application if you have queries that concerns ‘permissions.’ If the reply doesn’t convince you, avoid using the app.
  • Google Play to the Rescue: One of the best ways to know risky permissions before you install them on your phone is to know about them beforehand. Google Play does the needful for you. Check the details and description section on Google Play to know about all the Permissions that the app will require.
  • Know permissions of apps on your phone: Easiest way to know the dangerous permissions taken by apps that are downloaded on your phone is to download a tool with privacy scan such as FinLock app. It shows the risk level of apps on your android phone based on the different privacy permissions requested by them. Through FinLock, you can choose to change those permissions or delete the app. FinLock also alerts you when there is an app that is running in the background without your knowledge or you are trying to download an app that can record your screen. These apps can be misused by fraudsters to steal your passwords, PINs and OTPs.

    Additionally, keeps you off the hook since you now know the permissions you are welcoming along with the application.

Wrapping Up!

The modern world is tricky. Hence, it obvious to ignore a lot of things and especially ‘Android Permissions.’ Well, the considerable ignorance primarily happens because we never see these ‘Android Permissions’ as threats.

Therefore, make a wise pick and always remember to learn more about the permission before you end up granting them.

Related Posts
Online frauds and ways to protect yourself
Feb 24, 2021

It is no question that India is still a relative newcomer to the world of online banking, with an unforeseen spike in digital payments felt soon after the phase of demonetisation. Adding to the digital wave with the pandemic following soon after, and forcing people towards making online payments, our country is revolutionising our banking habits and paving a path to a digital India. But in the haste of digitalising our banking, a lot of us have seemingly neglected the risks involved in online payments and the security concerns we should look after. Ensuring your knowledge on these frauds should be a top priority to protect your financial assets and secure your bank balance from being stolen by a third party.

Types of Online Frauds

Some of the major online frauds in India reported on a daily basis are: -

  1. Phishing: - Often termed as one of the most common and deadly cyber-attacks in India, phishing refers to an attacker collecting your personal details through websites or emails that seem legitimate but are actually faked to coerce you into providing your private log in details or personal data that the attacker can then use to gain access into your banking accounts.

Also read: How to safeguard yourself from the evils of phishing

  1. Smishing: - This fraud includes the scammer appearing as a reputable company and sending fake text messages to your phone for the purpose of inducing you to reveal bank account details, passwords, or any other personal information which the scammer can later misuse to steal your money.
  2. Virus and spyware hosts: - These are apps or websites that look legitimate but are coded to inject viruses or malware in your smart device that can record your keystrokes or gain access to your banking apps, ultimately resulting in heavy financial losses. These apps include real looking interfaces to trick users into giving out their personal information.
  3. ATM card misuse: - Scammers often install fake card scanners at ATMs to steal your credit or debit card details and make fraudulent transactions in your name from your bank account.
  4. SIM swap attack: - The scammer can trick you into issuing a sim card in their name that will give them access to your phone numbers and with it, your banking OTPs and UPI accounts. You can avoid these attacks by safeguarding your personal information that the scammer might misuse to buy a SIM card in your name.
  5. UPI fraud: - These frauds consist of the scammers using fake UPI apps or IDs to coerce you into revealing your UPI details or make a fraudulent transaction in their account. Scammers can also steal your OTP or UPI PIN to carry out this scam, which is why you should never share your UPI PIN or OTP to anyone.
  6. Fake customer care numbers: - These are mostly cold calls received on your phone that convey schemes or a problem with your account, and mislead you into giving out your private details. Another way is for the scammers to post their own number and market it as a customer care number of a reputable company to make you believe you are actually talking to their representative and thus scamming you out of your personal financial details.
  7. False social media handles: - These are real looking social media accounts that might message you asking for personal details or offering a fake prize or scheme that might ultimately lead to huge financial losses. Be wary of unverified social media handles that might seem real but are actually running a front for a scam.

Measures provided by RBI to protect you from online frauds 

The Reserve Bank of India (RBI) identified these potential problems in our developing online banking services and have recently come up with a two-prong approach in lieu of protecting its citizens from falling prey to online frauds and scams. The first part includes creating awareness about the various online scams rampant in our country today, and the second part is to install intricate defences within banks to detect and avoid these scams from happening in the first place. They have also developed a myriad of measures that protect you in case a fraudulent transaction does take place from your account as long as you report them before the specified deadline.

Where and how to report online frauds in India

  • If you notice an unauthorised transaction made through your bank account, contact your bank immediately.
  • You should also contact the National Cyber Crime unit by calling their helpline 155260 to file a fraudulent case with the cybercrime branch. You can also use their portal to share your knowledge about the scam by logging on to their website and reporting the crime.
  • RBI ensures that reporting a fraudulent transaction within three working days offers zero customer liability, i.e., you will not be held responsible for the fraudulent transaction if you report it within 3 days. This will result in the bank being liable to reimburse you the amount you lost due to the fraudulent transaction, given that it falls under their terms and conditions.
  • Reporting the transaction after 4 to 7 days will result in you being liable to pay the transaction amount or anywhere from Rs 5,000 to 25,000 depending on the type of your account.
  • In case of reporting a disputed transaction, the burden of gathering proof falls on your bank, where the bank either has to prove you acted fraudulently or credit back the disputed transaction amount back into your account in 30 days.

Tips & Tricks on how to protect yourself

These malicious activities happen a lot more often than you might think, with thousands of people falling prey to these online frauds in India on a daily basis. To ensure that you handle your online transactions in a secure and reliable manner, here are some tips and tricks to stay one step ahead of the perpetrators: -

  1. Knowing the scams: - The most important defence against online banking scams is to always stay updated on them, understand how different types of online frauds work and take precautions to always be on top of emerging attacks.

  2. Changing your passwords and PINS regularly: - Periodically changing your PINs and passwords is one of the most effective ways to secure your banking details, as even if somehow an attacker gains access to your login details, they will be rendered outdated. Also, make sure not to share OTPs, passwords and PINs with anyone.
  3. Check authenticity of websites and apps: - Some websites and apps might look authentic, but are actually a faked replica of a popular website or application, made by scammers to coerce you into sharing your personal data through their own UI. Checking the authenticity of the apps and websites you access on a daily basis can ensure that your personal data isn’t falsely provided to a scammer.
  4. Keeping track of your account activity: - Keeping a close eye on your banking records and daily transactions can help you to timely report any discrepancies to your bank and stop a major financial loss from taking place.
  5. Use security software: - Using a security app on your phone or PC will exponentially decrease your chances of being exposed to fraud attempts, a trojan horse or malware that can jeopardize your personal financial details. Using android apps like FinLock ensures that you are always a step ahead from your scammers and are protected from the majority of online frauds.
  6. Avoid using public wifi: - Public Wi-Fi are open Wi-Fi hotspots that are seemingly free to use by everybody within its range in restaurants or cafes, but can carry a hefty price tag under the wrong hands. Hackers and scammers regularly use these password free hotspots to steal personal information from your connected devices including the websites you browse or even financial details stored on your phone.

Also read: How Public Wi-Fi is endangering your private life

  1. Cyber Insurance: - This is a specialty lines insurance product that is focused on protecting both individuals or companies from internet based risks including privacy infringements or even financial losses occurred through cyber attacks. With the sudden rise in cyber attacks in recent times, many national insurance agencies have started offering cyber insurance plans to safeguard people in case of falling for an online fraud.

Conclusion

With online frauds like these affecting hundreds of people on a daily basis, securing yourself from cyber attacks is of paramount importance, and can defend you from divulging your personal information or your hard-earned financials from falling into the hands of a scammer. The online frauds discussed above showcase the sheer plethora of options a scammer has in gaining access to your personal device and stealing your information easily. This is why investing in a software that can defend you from the evils of cyberspace is an important step in securing your online data while scouring the wonders of the internet without worrying about people taking advantage of your cadence. Securing yourself with Finlock is thus the best way to ensure a stress-free online experience!

Cyber Insurance in India – The New Western Fad or Less?
Jul 7, 2021

You know this already that Virtual is the new life. Be it News, Entertainment, and Oh, Shopping, everything has shifted online. It has become almost impossible to not get our personal information like email, name, mobile number exposed to online world.

Every e-commerce company, these days, have your card details. Wonder the effects once the databases are compromised? Well, let’s not forget the recent data breaches that constantly take place in e-commerce companies.

Cyber Insurance in India

Cyber-attacks and its impact on business are so much in the limelight right now and data breaches, have been around for quite some time now. There is a lot that goes out to the reach of the fraudsters such as your email, card details, mobile number, and addresses.

Let’s look at some of the very massive and huge data breaches that took place.

Definitely the fraudster is not going to wait now that they have the information they need to move ahead.

Let’s talk of the after effects.

If a business undergoes a cyberattack, there are two risks that comes in parallel: the cost of handling it and the reputational.

Going back to a study done by Accenture and the Ponemon Institute in 2018, the average cost of a malware attack on a company is over $2.5 million and it takes more than 50 days to recover from the attack.

Speaking of recovery, it is pretty normal for businesses to proceed with cyber insurance that will endure their losses and help them recover. Rising cases of cyber threats explains the need for cyber insurance companies in India.

Not just businesses, do you think an individual is safe? Are you safe?

Now that every tiny personal detail is out in the air, it is very obvious before a fraud trade places with you.

Wondering to do/ How to protect yourself from being exposed to financial losses due to cyber crimes? As we said, we have answers and i.e. – Cyber Insurance.

Just like businesses, individuals can also opt for cyber insurance plans. Most of the insurance companies in India offer retail cyber insurance plans.

This is a new concept in India and you might be wondering, is there a need for Cyber Insurance? Or is it just a western fad trying to make its way to blend in?

We have answers and we don’t want to keep all the knowledge to us, therefore, we are going to discuss everything about Cyber Insurance. So, you know what to do, right?

Keep Reading!

Cyber Insurance in India – What is it?

Retail Cyber Insurance, as the name says is an insurance policy that has been designed to ensure financial safety of individuals from digital frauds carries out through phishing, malware or sim-jacking.

Annual premium varies depending on the protection cover you are taking. Premium is not subject to the age of policy holder as it is in the case of life or health insurance.

Some plans not only cover monetary losses but also provide cover against legal defence cost. They also cover third party loss as cyber data breach of an individual may lead to monetary loss of others too.

Wondering how will a Cyber Insurance help?

For starters, if you have the policy, it will help in providing potential coverage to the attack and will help to recover from it, in ways big or small.

However, one thing that you must know about Cyber Insurance is its objectives and the protection it will offer. The best practice is to understand the coverage before signing up for the scheme.

Recently, Global cyber insurance industry was valued at $7.8 billion in 2020 and is making a swift growth at 21% CAGR extending its reach to $13.9 billion in 2023 and $20.4 billion in 2025.

You can clearly see the growth rate of this industry compared to other insurance products/options.

Let’s address the elephant in the room as well when we are mentioning ‘’cyber threats’’ and ‘’cyber attacks’’. It is significant that people understand and have the required knowledge of how cyber insurance is a boon to both i.e., their business and to them.

Cyber Insurance – Why Do You Need It Though?

Before you get any ideas, ladies and gentleman, Cyber Insurance isn’t some silver bullet that aims to take care of your cybersecurity issues. No No.

But having an insurance plan than not having it is a good idea especially when your hard-earned money is at stake. It is like having a safety net which aims to safeguard you in case you go through a loss via cyber threats.

There’s More

The Pandemic has certainly taken a toll on online payments. With more and more individuals moving to the digital means for processing payments, cyber threats have made their way.

With an increase in individuals paving on social media to maintain their timely entertainment, there is also an adverse increase of incidents like cyber-attacks, spyware, phishing emails, and so on.

According to a survey of Indian consumers by FIS in April 2021, 34% of participants reported financial fraud over past 12 months. This figure rises to 41% for those in the age group of 25-29 years.

You probably could be the next victim of a cyber threat. You never know, do you? Better safe than sorry!

This is where cyber insurance comes in.

Regular Cyber Insurance Plans in India Vs FinLock

While you can buy a regular cyber insurance from insurers such as ICICI Lombard or HDFC Ergo, FinLock also offers cyber insurance along with other features.

Let’s look at the comparison for both the options.

Cyber Insurance in India

The above comparison pretty much gives you an insight on a regular cyber insurance vs Finlock.

Regular cyber insurance is a great way to recover your losses when you have been struck by a fraud. Finlock has so much to offer in addition to its comprehensive protection.

FinLock detects various types of fraudulent attempts on your smartphone and alerts you in real-time, thus preventing frauds from happening.

In case fraud does happen, complete post fraud support is provided. Post fraud moments are very traumatic for a victim as they need support and guidance on what to do next. FinLock has been designed for the best customer experience.

Touchpoint

Cyber Insurance, as mentioned earlier is a safety net and having a safety net always adds to sense of relief, doesn’t it?

Alternatively, to prevent yourself from cyber-attacks, you can easily top it off with the layer of preventive measures and keep yourself safe anyway.

All of it sounds good, no? Why not start inculcating it in real lives too?