11.cyber literacy of bank customers - a study in udupi …
TRANSCRIPT
International Journal of Social and Economic Research Volume-9, Issue-3 (July-Sept), 2019
ISSN: 2249-6270 Page 102
DOI: 10.5958/2249-6270.2019.00023.0
11. CYBER LITERACY OF BANK CUSTOMERS - A STUDY
IN UDUPI AND D.K DISTRICT
Balaraj D B, Asst. Professor in Commerce , GFGC Hebri
Pradeepa Anand Shetty, Research scholar & Asst. Professor in
Commerce, GFGC Hebri
Abstract
The alarming note for India is, around 80% of the cybercrime will
never get reported. Online shopping and online banking are enhancing
their space in the economic activities. Use of smartphone for the
same is common phenomena. Everything is getting connected, but we are
missing the lines of the safety and security in economic interactions. To
redress this, knowing the ground realities and problems of the parties
concerned is worthy endeavored. The present study focusing on
Cyber literacy among bank customers is an attempt to contribute a
snapshot of reality
Introduction
“Best Thing about Internet is connecting everything and
the worst is unfortunately the best it does”
Banks are transformed from traditional methods of operation to
modern methods. Now Banking sector walking in digital world, this is
because of two reasons one is to reduce operating cost of the bank with
increasing operation speed and other is for provide satisfaction to
customer. Because of advanced technology, footfall in bank reduced
drastically but at the same time footfall in police station for cybercrime
matter is increasing. intelligent banker will try to give necessary protection
to his customer, here customer role and their cyber ethics also very
important. We should know that hackers also intelligent and they also
have advance technology. It is not possible to trace hacker in every
International Journal of Social and Economic Research Volume-9, Issue-3 (July-Sept), 2019
ISSN: 2249-6270 Page 103
situation because globe is a jurisdiction for cybercrime. Hacker may be
from any corner of the world, more interestingly he won’t use his identity
to hack someone’s account. Online market is growing very fast; this may
become major opportunity for the hackers to steal amount and
information. India stands 11th in the ranking for cybercrime in the world,
constitutes 3% of global cybercrime. More interestingly 80% of the
cybercrimes are not reported. Online shopping and online banking are
increasing. Use of smartphone for online shopping and online banking is
common phenomena. The best and worst thing about internet is
everything connected and it is global network. The question arises to what
extent customers are aware about cyber security related to their online
shopping and online banking.
Keywords: cyber literacy, cyber crime, online banking
Literature Review
Cassim F. (2009) In the article “Formulating specialized legislation
to address the growing specter of cybercrime: A comparative study”
author made an overview of cyber legislation formulated to address
cybercrime in the United States of America, The United Kingdom,
Australia, India, The gulf Countries and South Africa. The study reveals
that the inability of national laws to address the challenges posed by
cybercrime has led to the introduction of specialized cyber legislation. It is
advocated that countries should introduce new cyber laws to respond to
the rapid change in technology and cybercrimes. There should be
continuous research and training of IT security personnel, financial service
sector personnel, police officers, prosecutors and the judiciary to keep
them abreast of the evolving technology.
Cezar V. (2012) This paper explores the notion of cyber-attack as a
concept for understanding modern conflicts. Author elaborates a
conceptual framework, observing that when it comes to cyber attacks,
cyber war and cyber defence there are no internationally accepted
definitions on the subject. Author suggests that particular attention should
be given to the development of a procedure for clearly discriminating
between events (cyber attacks, cyber war and cyber crime or cyber
International Journal of Social and Economic Research Volume-9, Issue-3 (July-Sept), 2019
ISSN: 2249-6270 Page 104
terrorism) and to maintain a procedure for the conduct of nation’s
legitimate military/ civil cyber response operations.
Geetha and V. Malarvizhi (2012) Authors talks about the factor
which are affecting the acceptance of e banking services among the
customers and also indicates level of concern regarding security and
privacy issues in Indian Customers. The paper says many factors like
security, privacy and awareness level increased the acceptance of e
banking among customers, if bank provide necessary guidance and ensure
safety of their accounts customers are willing to use e banking services.
GV Chalam and KS Nageshwara Rao et al, in their paper “E-
banking Applications in Indian Bank- Emerging Issues” have found out
that the security and privacy aspects continue to remain a major challenge
especially in the case of business people who lack awareness. security and
privacy are the biggest hurdles for success of e-banking. The formulated
policy and cyber laws are weak in certain area. Study recommended the
authorities to give priority focus on the area concerned. The breach of
security in E-banking related applications such as internet banking could
result in the siphoning off a large sum of money by perpetrators of
computer crime. Therefore, the banks need to put in place computer
security-related hardware and software such as firewalls, encryption
programs and virus protection software. In the current scenario, legal
issues arising out of siphoning off cash electronically by the computer
criminals will pose a major challenge to Indian banks in the E-banking era.
Objectives of the study
1. To know the types of cyber threats in banking sector.
2. To know the customer awareness about cyber threats in banking
sector. To know the cyber-decency of customer.
3. To know the customer reaction to the cyber threats. To give
suggestion to avoid cyber-threats.
Methodology
International Journal of Social and Economic Research Volume-9, Issue-3 (July-Sept), 2019
ISSN: 2249-6270 Page 105
The study is based on primary data and secondary data. The data
collected from the 88 customer of different banks in Udupi and Dakshina
Kannada District, during march 2019 through a structured questionnaire.
Selection of respondents done through convenient simple random
sampling Technique.
Conceptual Framework
Cyber literacy
Cyber literacy is known in many names, often it is called Internet
literacy, multimedia literacy, digital literacy, and online literacy and so on.
“Cybercrimes can be defined as the unlawful acts where the computer is
used either as a tool or a target or both”. The term is a general term that
covers crimes like phishing, credit and debit card frauds, online robbery,
illegal downloading, industrial espionage, child pornography, kidnapping
children via chat rooms, scams, cyber terrorism, creation and/or
distribution of viruses, Spam and so on.
Cyber crimes and cyber laws
Neither crime nor cyber-crime has been defined in IPC or
Information Technology Act, 2000 (Popular by name IT Act), but only
provides punishment for certain offences. The word ‘cyber’ is
synonymous with computer, computer systems and computer network.
Thus, it can be said that cyber-crime occurs when any illegal activity is
committed using a computer or computer resource or computer network
as a tool or target. Douglas and Loader have defined cyber-crime as a
computer mediated activity which is conducted through global electronic
networks that are either considered illicit or illegal by certain parties.
Cybercrimes have been classified into four categories by Wall. They are
cyber-deceptions, cyber-violence, cyber-pornography and cyber-trespass.
The frauds in e-banking sector are covered under cyber-deception. Cyber-
deception is further defined as an immoral activity which includes theft,
credit card fraud, and intellectual property violations. Mostly frauds are
committed because of two goals, one, to gain access to the user’s account
and steal his personal information and transfer funds from one account to
International Journal of Social and Economic Research Volume-9, Issue-3 (July-Sept), 2019
ISSN: 2249-6270 Page 106
another. Second is to undermine the image of the bank and block the bank
server because so that the customer is unable to access his account.
Common cyber threats in banking: Phishing
In this method information stealer request personal information
from users online. These requests are in the form of email. In many cases,
the email has been made to look exactly like a real organization’s email
would appear with complete organization information.
Vishing
Vishing is an attempt of a fraudster to take confidential details from
you over a phone call. Details like user id, login & transaction password,
OTP (One-time password), URN (Unique registration number), Card PIN,
Grid card values, CVV or any personal parameters such as date of birth,
mother's maiden name. Fraudsters claim to represent banks and attempt
to trick customers into providing their personal and financial details over
the phone. These details will then be used to conduct fraudulent activities
on your account without your permission leading to financial loss.
Pharming
It is also called farming. In this attack whenever a user tries to
access a website, he/ she will be redirected to a fake site. In Pharming a
bank’s URL is hijacked by the attackers in such a manner that when a
customer log in to the bank website they are redirected to another website
which is fake but looks like an original website of the bank.
Spyware
Spyware is the number one way that online banking credentials are
stolen and used for fraudulent activities. Spyware works by capturing
information either on the computer, or while it is transmitted between the
computer and websites. Often times, it is installed through fake “pop up”
ads asking to download software. Industry standard Antivirus products
detect and remove software of this type, usually by blocking the download
and installation before it can infect the computer.
Watering hole
International Journal of Social and Economic Research Volume-9, Issue-3 (July-Sept), 2019
ISSN: 2249-6270 Page 107
“Watering hole” cyber fraud is considered to be a branch arising
from phishing attacks. In watering hole, a malicious code is injected onto
public web pages of a website which is visited only by a small group of
people. In a watering hole attack situation, when the victim visit the site
injected with malicious code by attackers the information of such victim is
then traced by the attacker. In phishing attack, victim himself gives away
information innocently whereas in watering hole the attacker waits for the
victim to visit the site.
Skimming
Skimming is an act of stealing information through the magnetic
strip on the card that are used in ATMs and merchant establishments.
Fraudsters collect information from a credit/debit/ATM card by reading
the magnetic strip on the reverse of the card. For doing this, they conceal
the small device in the card slot of the ATM. This skimmer scans the card
detail and stores its information.
Spoofing
Website spoofing is the act of creating a website, as a hoax, with the
intention of performing fraud. To make spoof sites seem legitimate,
phishers use the names, logos, graphics and even code of the actual
website. They can even fake the URL that appears in the address field at
the top of your browser window and the Padlock icon that appears at the
bottom right corner.
Need of the study
Digital banking is not an option, it is part of development and,
therefore, digital literacy must be comprehensive. cyber-attacks are on a
rise. Fraudsters are on the lookout for finding weaknesses both from bank
and customer angles. Stealing identity and pilfering digital money is
possible in many ways, unless the customer is cautious and joins banks
and regulators in safeguarding digital banking space. The digital mode is
convenient and accessible any time, but unless the user is conscious about
operational risks, it will be difficult to ensure customer protection.
Limitations of the study:
International Journal of Social and Economic Research Volume-9, Issue-3 (July-Sept), 2019
ISSN: 2249-6270 Page 108
The research paper was aimed to achieve defined objectives,
although there were certain limitations:
The study was conducted targeting the bank customer of Udupi
and Dakshina kannada region only.
The primary data has been collected through questionnaire
(delivered through online) to a sample of 88 customers in Udupi and
Dakshina kannada region which may not reflect the opinion of the all the
customers in the region.
Data analysis and interpretation
Age of respondents
Age Number of respondents %
20 yrs -29 yrs 62 70.5%
30 yrs-39 yrs 20 22.7%
40 yrs-49 yrs 04 4.5%
50 and above 02 2.3%
70.5% of the respondents belongs to age group 20 years to 29 years. 22.7%
respondents belong to age group 30 years to 39 years.
Education level
Education Number of respondents %
Below graduation 01 1.1%
Graduate 9 10.2%
Post graduate 78 88.7%
88.7% of the respondents had post graduate degree in different stream.
10.2% are graduates.
International Journal of Social and Economic Research Volume-9, Issue-3 (July-Sept), 2019
ISSN: 2249-6270 Page 109
Occupation
occupation Number of respondents %
Employee 76 86.3%
Own Business 07 8%
Other 05 5.7%
86.4% respondents are employees in different sectors. 5.6% have
their own business and 8% are engaged in other occupations
.
Annual income in rupees
In rupees Number of respondents %
1,50,000 to 2,50,000 25 28.4%
2,50,000 to 4,00,000 30 34.1%
4,00,000 to 5,50,000 06 6.8%
above 5,50,000 27 30.7%
34.1% are in income band of Rs 2,50,000 to 4,00,000. 30.7% are in
income group above 5,50,000 per year and 28.4% fall in the annual income
group Rs.1,50,000 to 2,50,000.
Having credit card
Response Number of respondent %
Yes 87 98.9%
No 1 1.1%
98.9% among the respondents have debit or credit card.
International Journal of Social and Economic Research Volume-9, Issue-3 (July-Sept), 2019
ISSN: 2249-6270 Page 110
Identity theft awareness
Response Number of respondents %
Yes 53 60.2%
No 35 39.8%
60.2% respondents have heard identity theft. 39.8% have not heard
term identity theft even though they are graduated and post graduated.
Common cyber threats that customers are aware of.
Spyware is familiar for 51% of the respondents. Phishing and
bugging stands in the second position with 38.6%. skimming stands in the
third position with 33% in customer awareness. But there is very less
awareness about pharming (only 6.8%) and watering the whole (3.4%).
Only 14.8% are aware about all the cyber threats. Notably 18.2% of the
respondents are not aware about any of the threats mentioned above.
Habit of storing debit and credit card information in smartphone and
computers.
Response Number of respondents
Always 13
Sometimes 32
International Journal of Social and Economic Research Volume-9, Issue-3 (July-Sept), 2019
ISSN: 2249-6270 Page 111
Never 43
48.9% replied that they never store debit and credit card
information in smartphone or computers. 36.4% store the information
sometimes. Now the concern is for 14.4% of the respondents those who
always store information in mobile or computer. Cyber-attack chances are
high.
Customer credential enquiry by bank
Response Number of respondents %
Yes 06 6.8%
No 80 90.9%
Don’t know 02 2.3%
Among the respondents 90.90% are aware that, banker never ask
secret information over the phone or mail.
Requesting for bank account and card detail by third party
Response Number of respondents %
Yes 47 53.40%
No 31 46.60%
53.4% of respondents received an enquiry and 46.60% respondents
didn’t receive any enquiry.
Mode through which they have received such enquiry
International Journal of Social and Economic Research Volume-9, Issue-3 (July-Sept), 2019
ISSN: 2249-6270 Page 112
Out of 88 respondents, 47 respondents have received an enquiry.
55.1% of such enquiry will came through either SMS or call. Only 32.7%
will come through email. High use of mobile and infrequent access to
email may be the reason. 41 respondents didn’t receive any.
Report to concerned authority about the enquiry
Response Number of respondents %
Yes, always 09 19.14%
Yes, sometimes 25 53.19%
Never 13 27.65%
Only 19.14% reported such incidents to police or bank regularly.
53.19 inform sometimes. 27.65% never reported such fake enquiries to
either police or bank.
Whom they prefer to report
To whom Number of respondents %
Banker 60 68.2%
Police 19 21.6%
Tele or Internet service provider 09 10.2%
68.2% of the respondents prefers to report first to banker. 21.6%
prefers to report first to police.10.2% prefers to report first to Tele or
Internet service provider.
Disclosing bank details to third party
Response Number of respondents %
Yes, 85 96.6%
No 03 3.4%
International Journal of Social and Economic Research Volume-9, Issue-3 (July-Sept), 2019
ISSN: 2249-6270 Page 113
96.6% respondents not disclosed the bank details. 3.4% (3
respondents) of the respondent have disclosed bank details to third party.
Out of these three, 2 respondents lost their money to internet fraudsters.
Lost money for internet fraudster
Response Number of respondents %
Yes, 83 94.3%
No 05 5.7%
Out of 88 respondents, 94.3% (83 respondents) respondents didn’t
incur any monetary loss. 5.7%( 5 respondents) have lost money for internet
fraudster. Out of these five, 2 respondents have shared their details.
Having E-banking and payments app
Response Number of respondents %
Yes, 83 92%
No 07 8%
92% have active e-banking and payment app. This may be because
of Most of the respondents are belong to age group 20 year to 39 years i.e.
young group and normally they are technology savvy.
Safety of online operation- customer perception
Response Number of respondents %
Highly secured 14 15.9%
Moderately secured 61 69.3%
Not secured 06 6.8%
I don’t know 07 8%
International Journal of Social and Economic Research Volume-9, Issue-3 (July-Sept), 2019
ISSN: 2249-6270 Page 114
Among the respondents 69.3% opined that online operations are
moderately secured. 15.9% opined that online bank operations are highly
safe. Only 6.8% said that online transactions are not safe. 8% respondents
don’t have any idea about it
Genuineness verification of third party app third party app
Response Number of respondents
Yes 51
No 15
I don’t know how to verify 21
I know how to verify but won’t
because it prolongs
1
International Journal of Social and Economic Research Volume-9, Issue-3 (July-Sept), 2019
ISSN: 2249-6270 Page 115
58% of respondents (51 respondents) verify the genuineness of third
party app while downloading in mobile or computer. 23.9% (21
respondents) don’t know how to verify. 17% (15 respondents) won’t verify
the genuineness, they simply download it. 1.1% not do because of time lag
in it.
Password Creation
Response Number of respondents
By using self-information (name, mobile number,
date of birth etc.).
16
By using name of relatives and close person. 01
Easy to remember formats (123., 0000, 1122 etc.). 04
Combination of letters, numbers and punctuations. 21
Sorry! I can’t say this 46
Among the respondent 52.3% are cautious, as they were not shared
anything about it. The remaining 47.7% are revealed that how they set
password. Out of this 18.2% by using self- information, 4.5% easy
remember format, 23.9% combination of letter number and special
character.1.1% use close person name as password.
International Journal of Social and Economic Research Volume-9, Issue-3 (July-Sept), 2019
ISSN: 2249-6270 Page 116
Frequency of password change
Response Number of respondents
Once in a fortnight 12
Once in a month 16
Semi Annually 25
Once in Year 12
Never 23
Among the respondents 28.4% change only twice in a year. 26.1%
never changed password since the beginning, 18.2% change once in a
month, 13.6% change their password once in 15 days and 13.6% are once
in a year.
Fake website recognition
response Number of respondents
Always 16
Sometimes 47
I can’t 25
International Journal of Social and Economic Research Volume-9, Issue-3 (July-Sept), 2019
ISSN: 2249-6270 Page 117
When we asked about their ability to differentiate fake and real
website, 53.4% were said that, sometime they are able to recognize, 28.4%
(25 respondents) respondents are not in position to differentiate and Only
18.2% can identify fake websites all the time.
Cyber education by bank to customer about cyber threats.
% opined that bank send only text messages. 30.7% received email
from their respective bank. Only 11.4% opined that banks conduct
awareness programme. 19.3% opined that banks do very less to educate
their customer.
Findings
Majority of bank customers have heard identity theft (60. 2%). It is
noteworthy that, a significant portion of the customers (39.8%) have not
heard the term ‘identity theft’ even though they were graduates and post
graduates.
International Journal of Social and Economic Research Volume-9, Issue-3 (July-Sept), 2019
ISSN: 2249-6270 Page 118
The knowledge about probable threats among the banking
customer is not desirable. Only 14.8% are aware about all the cyber
threats. Notably 18.2% of the respondents are not aware about any of the
cyber threats.
14.4%(13 respondents) always store debit and credit card
information in smartphone and computers. Out of these 13 respondents 7
respondents won’t verify the genuineness of third party app while
downloading in their smartphone and computer.
Majority of respondents (53.4%) received an enquiry about bank
details by third party; of such enquiry usually came through either SMS or
call (55.1%.) Only 32.7% will come through email. High use of mobile and
infrequent access to email may be the reason.
The regular reporting of fake enquiries that ask for personal bank
details to either police or bank is very low (19.14%). The result is
compatible with NCRB report which says 80% of cybercrimes are not
reported.
Positive side of the finding is , majority of bank customers (96.6%)
not disclosed the bank details. Few have disclosed their bank details to
third party (3) out of which, 2 respondents lost their money to internet
fraudsters.
Majority of bank customers (92%) have active e-banking and
payment app. This may be because of Most of the respondents are belong
to age group 20 year to 39 years i.e. young group and normally they are
technology savvy.
Most of the bank customers (42%) won’t verify the genuineness of
third party app while downloading in mobile or computer.
Most of them (47.7%) were revealed that how they set password.
Out of this 18.2% by using self-information, 4.5% common format.
26.1% never changed password since the inception of use of
services. 28.4% change only twice in a year. 13.6% once in a year. This
attitude also increases the chances of becoming cyber victim.
Differentiating the fake and real website is also a challenge.
International Journal of Social and Economic Research Volume-9, Issue-3 (July-Sept), 2019
ISSN: 2249-6270 Page 119
In majority cases bank send only text messages to educate its
customers about cyber threats. But it may not be an effective mode of
communication.
Suggestions
Banker needs to conduct programme to create awareness about
cyber threats and they need to inform about precautions to be taken while
using e-banking.
Never keep username, account name and passwords at one place.
Always try to remember passwords. Customer need to know how to
create strong password. They should avoid setting password by using
personal information, easy/common format.
Never click web links in your e-mail and usually no bank will ask
you to update the accounts through online.
Delete all cookies and history file before you perform online
transactions. Delete all the history and cookies once you are done with
online transactions.
Avoid accessing online banking in cyber cafes. Do not click any
images in the web sites if you are unsure.
Customer need to learn how to verify genuineness of the app and
they need to learn how to identify the fake website.
Avoidance of fake call/emails is not medicine to prevent cyber
threats. The biggest cyber threat is ‘it won’t happen to us’ attitude of the
people. Everyone must report to police or bank regarding fake enquiries
about personal bank details.
Before you go for online shopping make sure your PC is secured
with all core protections like an antivirus, anti-spyware, firewall, system
updated with all patches and web browser security with the trusted sites
and security level at high.
Always remember prevention is better than cure.
Conclusion
International Journal of Social and Economic Research Volume-9, Issue-3 (July-Sept), 2019
ISSN: 2249-6270 Page 120
The study has provided an overview to cyber-crimes, identified
specifically in the banking sector. Now banking is supported with high
technology. This technology may pave opportunity as well as may pose
challenge to banker and customer. Success the banker depends on how he
gains credibility of customer. The credibility depends on how he provides
security to customers’ money. To prevent cyber threats customer role also
very important. This paper explained cyber decency of the customer while
using technology. Updating bank’s system not enough to prevent cyber
threats but educating the customer in use of technology is also important.
BIBLIOGRAPHY
http://indianexpress.com/article/cities/pune/onlinebankfraudagai
nwomandupedofrs35000/
ChangsokYoo, Byung-Tak Kang and Huy Kang Kim, (2015) Case
study of the vulnerability of OTP implemented in internet banking
systems of South Korea‖, Multimed Tools Appl ,vol. 74, pp. 3289–
3303.
http://indianexpress.com/article/cities/pune/cybercrimeinpuneun
secureddigitalindiadangerous/ www.infosecawareness.in
Mr. Shakir Shaik and Dr. S.A. Sameera, "Security Issues in E-banking
Services in Indian Scenario", Asian Journal of Management Sciences
02 (03 (Special Issue)), 2014, pp 28-30.
https://www.icicibank.com/online-safe-
banking/vishing.page?#toptitle
https://www.icicibank.com/online-safe-
banking/spoofing.page?#toptitle
https://www.icicibank.com/online-safe-banking/skimming.page
Dr. Devaraju et al., International Journal of Advance Research in
Computer Science and Management Studies Volume 4, Issue 11,
November 2016 pg. 114-120 © 2016, IJARCSMS All
ISSN: 2321-7782 (Online) 117
http://indianexpress.com/article/cities/pune/cybercrimeinpuneun
secureddigitalindiadangerous/ 41 Supra Note 59 Volume 3, (2016),
International Journal of Social and Economic Research Volume-9, Issue-3 (July-Sept), 2019
ISSN: 2249-6270 Page 121
May “ISSN 2455-2488” “Udgam Vigyati” – The Origin of Knowledge
Page 14
24 Aparna Desikan, Mobiles making India less cash conscious, Times
of India, 22nd February, 2016, pg 1. Volume 3, (2016), May “ISSN
2455-2488” “Udgam Vigyati” – The Origin of
Knowledge Page 9
https://www.thesslstore.com/blog/2018-cybercrime-statistics/
https://economictimes.indiatimes.com/articleshow/67769776.cms?f
rom=mdr&utm_source=conte
ntofinterest&utm_medium=text&utm_campaign=cppst