11.cyber literacy of bank customers - a study in udupi …

International Journal of Social and Economic Research Volume-9, Issue-3 (July-Sept), 2019

ISSN: 2249-6270 02

DOI: 10.5958/2249-6270.2019.00023.0

11. CYBER LITERACY OF BANK CUSTOMERS - A STUDY

IN UDUPI AND D.K DISTRICT

Balaraj D B, Asst. Professor in Commerce , GFGC Hebri

Pradeepa Anand Shetty, Research scholar & Asst. Professor in

Commerce, GFGC Hebri

Abstract

The alarming note for India is, around 80% of the cybercrime will

never get reported. Online shopping and online banking are enhancing

their space in the economic activities. Use of smartphone for the

same is common phenomena. Everything is getting connected, but we are

missing the lines of the safety and security in economic interactions. To

redress this, knowing the ground realities and problems of the parties

concerned is worthy endeavored. The present study focusing on

Cyber literacy among bank customers is an attempt to contribute a

snapshot of reality

Introduction

“Best Thing about Internet is connecting everything and

the worst is unfortunately the best it does”

Banks are transformed from traditional methods of operation to

modern methods. Now Banking sector walking in digital world, this is

because of two reasons one is to reduce operating cost of the bank with

increasing operation speed and other is for provide satisfaction to

customer. Because of advanced technology, footfall in bank reduced

drastically but at the same time footfall in police station for cybercrime

matter is increasing. intelligent banker will try to give necessary protection

to his customer, here customer role and their cyber ethics also very

important. We should know that hackers also intelligent and they also

have advance technology. It is not possible to trace hacker in every


ISSN: 2249-6270 Page 103

situation because globe is a jurisdiction for cybercrime. Hacker may be

from any corner of the world, more interestingly he won’t use his identity

to hack someone’s account. Online market is growing very fast; this may

become major opportunity for the hackers to steal amount and

information. India stands 11th in the ranking for cybercrime in the world,

constitutes 3% of global cybercrime. More interestingly 80% of the

cybercrimes are not reported. Online shopping and online banking are

increasing. Use of smartphone for online shopping and online banking is

common phenomena. The best and worst thing about internet is

everything connected and it is global network. The question arises to what

extent customers are aware about cyber security related to their online

shopping and online banking.

Keywords: cyber literacy, cyber crime, online banking

Literature Review

Cassim F. (2009) In the article “Formulating specialized legislation

to address the growing specter of cybercrime: A comparative study”

author made an overview of cyber legislation formulated to address

cybercrime in the United States of America, The United Kingdom,

Australia, India, The gulf Countries and South Africa. The study reveals

that the inability of national laws to address the challenges posed by

cybercrime has led to the introduction of specialized cyber legislation. It is

advocated that countries should introduce new cyber laws to respond to

the rapid change in technology and cybercrimes. There should be

continuous research and training of IT security personnel, financial service

sector personnel, police officers, prosecutors and the judiciary to keep

them abreast of the evolving technology.

Cezar V. (2012) This paper explores the notion of cyber-attack as a

concept for understanding modern conflicts. Author elaborates a

conceptual framework, observing that when it comes to cyber attacks,

cyber war and cyber defence there are no internationally accepted

definitions on the subject. Author suggests that particular attention should

be given to the development of a procedure for clearly discriminating

between events (cyber attacks, cyber war and cyber crime or cyber


ISSN: 2249-6270 Page 104

terrorism) and to maintain a procedure for the conduct of nation’s

legitimate military/ civil cyber response operations.

Geetha and V. Malarvizhi (2012) Authors talks about the factor

which are affecting the acceptance of e banking services among the

customers and also indicates level of concern regarding security and

privacy issues in Indian Customers. The paper says many factors like

security, privacy and awareness level increased the acceptance of e

banking among customers, if bank provide necessary guidance and ensure

safety of their accounts customers are willing to use e banking services.

GV Chalam and KS Nageshwara Rao et al, in their paper “E-

banking Applications in Indian Bank- Emerging Issues” have found out

that the security and privacy aspects continue to remain a major challenge

especially in the case of business people who lack awareness. security and

privacy are the biggest hurdles for success of e-banking. The formulated

policy and cyber laws are weak in certain area. Study recommended the

authorities to give priority focus on the area concerned. The breach of

security in E-banking related applications such as internet banking could

result in the siphoning off a large sum of money by perpetrators of

computer crime. Therefore, the banks need to put in place computer

security-related hardware and software such as firewalls, encryption

programs and virus protection software. In the current scenario, legal

issues arising out of siphoning off cash electronically by the computer

criminals will pose a major challenge to Indian banks in the E-banking era.

Objectives of the study

1. To know the types of cyber threats in banking sector.

2. To know the customer awareness about cyber threats in banking

sector. To know the cyber-decency of customer.

3. To know the customer reaction to the cyber threats. To give

suggestion to avoid cyber-threats.

Methodology


ISSN: 2249-6270 Page 105

The study is based on primary data and secondary data. The data

collected from the 88 customer of different banks in Udupi and Dakshina

Kannada District, during march 2019 through a structured questionnaire.

Selection of respondents done through convenient simple random

sampling Technique.

Conceptual Framework

Cyber literacy

Cyber literacy is known in many names, often it is called Internet

literacy, multimedia literacy, digital literacy, and online literacy and so on.

“Cybercrimes can be defined as the unlawful acts where the computer is

used either as a tool or a target or both”. The term is a general term that

covers crimes like phishing, credit and debit card frauds, online robbery,

illegal downloading, industrial espionage, child pornography, kidnapping

children via chat rooms, scams, cyber terrorism, creation and/or

distribution of viruses, Spam and so on.

Cyber crimes and cyber laws

Neither crime nor cyber-crime has been defined in IPC or

Information Technology Act, 2000 (Popular by name IT Act), but only

provides punishment for certain offences. The word ‘cyber’ is

synonymous with computer, computer systems and computer network.

Thus, it can be said that cyber-crime occurs when any illegal activity is

committed using a computer or computer resource or computer network

as a tool or target. Douglas and Loader have defined cyber-crime as a

computer mediated activity which is conducted through global electronic

networks that are either considered illicit or illegal by certain parties.

Cybercrimes have been classified into four categories by Wall. They are

cyber-deceptions, cyber-violence, cyber-pornography and cyber-trespass.

The frauds in e-banking sector are covered under cyber-deception. Cyber-

deception is further defined as an immoral activity which includes theft,

credit card fraud, and intellectual property violations. Mostly frauds are

committed because of two goals, one, to gain access to the user’s account

and steal his personal information and transfer funds from one account to


ISSN: 2249-6270 Page 106

another. Second is to undermine the image of the bank and block the bank

server because so that the customer is unable to access his account.

Common cyber threats in banking: Phishing

In this method information stealer request personal information

from users online. These requests are in the form of email. In many cases,

the email has been made to look exactly like a real organization’s email

would appear with complete organization information.

Vishing

Vishing is an attempt of a fraudster to take confidential details from

you over a phone call. Details like user id, login & transaction password,

OTP (One-time password), URN (Unique registration number), Card PIN,

Grid card values, CVV or any personal parameters such as date of birth,

mother's maiden name. Fraudsters claim to represent banks and attempt

to trick customers into providing their personal and financial details over

the phone. These details will then be used to conduct fraudulent activities

on your account without your permission leading to financial loss.

Pharming

It is also called farming. In this attack whenever a user tries to

access a website, he/ she will be redirected to a fake site. In Pharming a

bank’s URL is hijacked by the attackers in such a manner that when a

customer log in to the bank website they are redirected to another website

which is fake but looks like an original website of the bank.

Spyware

Spyware is the number one way that online banking credentials are

stolen and used for fraudulent activities. Spyware works by capturing

information either on the computer, or while it is transmitted between the

computer and websites. Often times, it is installed through fake “pop up”

ads asking to download software. Industry standard Antivirus products

detect and remove software of this type, usually by blocking the download

and installation before it can infect the computer.

Watering hole


ISSN: 2249-6270 Page 107

“Watering hole” cyber fraud is considered to be a branch arising

from phishing attacks. In watering hole, a malicious code is injected onto

public web pages of a website which is visited only by a small group of

people. In a watering hole attack situation, when the victim visit the site

injected with malicious code by attackers the information of such victim is

then traced by the attacker. In phishing attack, victim himself gives away

information innocently whereas in watering hole the attacker waits for the

victim to visit the site.

Skimming

Skimming is an act of stealing information through the magnetic

strip on the card that are used in ATMs and merchant establishments.

Fraudsters collect information from a credit/debit/ATM card by reading

the magnetic strip on the reverse of the card. For doing this, they conceal

the small device in the card slot of the ATM. This skimmer scans the card

detail and stores its information.

Spoofing

Website spoofing is the act of creating a website, as a hoax, with the

intention of performing fraud. To make spoof sites seem legitimate,

phishers use the names, logos, graphics and even code of the actual

website. They can even fake the URL that appears in the address field at

the top of your browser window and the Padlock icon that appears at the

bottom right corner.

Need of the study

Digital banking is not an option, it is part of development and,

therefore, digital literacy must be comprehensive. cyber-attacks are on a

rise. Fraudsters are on the lookout for finding weaknesses both from bank

and customer angles. Stealing identity and pilfering digital money is

possible in many ways, unless the customer is cautious and joins banks

and regulators in safeguarding digital banking space. The digital mode is

convenient and accessible any time, but unless the user is conscious about

operational risks, it will be difficult to ensure customer protection.

Limitations of the study:


ISSN: 2249-6270 Page 108

The research paper was aimed to achieve defined objectives,

although there were certain limitations:

The study was conducted targeting the bank customer of Udupi

and Dakshina kannada region only.

The primary data has been collected through questionnaire

(delivered through online) to a sample of 88 customers in Udupi and

Dakshina kannada region which may not reflect the opinion of the all the

customers in the region.

Data analysis and interpretation

Age of respondents

Age Number of respondents %

20 yrs -29 yrs 62 70.5%

30 yrs-39 yrs 20 22.7%

40 yrs-49 yrs 04 4.5%

50 and above 02 2.3%

70.5% of the respondents belongs to age group 20 years to 29 years. 22.7%

respondents belong to age group 30 years to 39 years.

Education level

Education Number of respondents %

Below graduation 01 1.1%

Graduate 9 10.2%

Post graduate 78 88.7%

88.7% of the respondents had post graduate degree in different stream.

10.2% are graduates.


ISSN: 2249-6270 Page 109

Occupation

occupation Number of respondents %

Employee 76 86.3%

Own Business 07 8%

Other 05 5.7%

86.4% respondents are employees in different sectors. 5.6% have

their own business and 8% are engaged in other occupations

.

Annual income in rupees

In rupees Number of respondents %

1,50,000 to 2,50,000 25 28.4%

2,50,000 to 4,00,000 30 34.1%

4,00,000 to 5,50,000 06 6.8%

above 5,50,000 27 30.7%

34.1% are in income band of Rs 2,50,000 to 4,00,000. 30.7% are in

income group above 5,50,000 per year and 28.4% fall in the annual income

group Rs.1,50,000 to 2,50,000.

Having credit card

Response Number of respondent %

Yes 87 98.9%

No 1 1.1%

98.9% among the respondents have debit or credit card.


ISSN: 2249-6270 Page 110

Identity theft awareness

Response Number of respondents %

Yes 53 60.2%

No 35 39.8%

60.2% respondents have heard identity theft. 39.8% have not heard

term identity theft even though they are graduated and post graduated.

Common cyber threats that customers are aware of.

Spyware is familiar for 51% of the respondents. Phishing and

bugging stands in the second position with 38.6%. skimming stands in the

third position with 33% in customer awareness. But there is very less

awareness about pharming (only 6.8%) and watering the whole (3.4%).

Only 14.8% are aware about all the cyber threats. Notably 18.2% of the

respondents are not aware about any of the threats mentioned above.

Habit of storing debit and credit card information in smartphone and

computers.

Response Number of respondents

Always 13

Sometimes 32


ISSN: 2249-6270 Page 111

Never 43

48.9% replied that they never store debit and credit card

information in smartphone or computers. 36.4% store the information

sometimes. Now the concern is for 14.4% of the respondents those who

always store information in mobile or computer. Cyber-attack chances are

high.

Customer credential enquiry by bank


Yes 06 6.8%

No 80 90.9%

Don’t know 02 2.3%

Among the respondents 90.90% are aware that, banker never ask

secret information over the phone or mail.

Requesting for bank account and card detail by third party


Yes 47 53.40%

No 31 46.60%

53.4% of respondents received an enquiry and 46.60% respondents

didn’t receive any enquiry.

Mode through which they have received such enquiry


ISSN: 2249-6270 2

Out of 88 respondents, 47 respondents have received an enquiry.

55.1% of such enquiry will came through either SMS or call. Only 32.7%

will come through email. High use of mobile and infrequent access to

email may be the reason. 41 respondents didn’t receive any.

Report to concerned authority about the enquiry


Yes, always 09 19.14%

Yes, sometimes 25 53.19%

Never 13 27.65%

Only 19.14% reported such incidents to police or bank regularly.

53.19 inform sometimes. 27.65% never reported such fake enquiries to

either police or bank.

Whom they prefer to report

To whom Number of respondents %

Banker 60 68.2%

Police 19 21.6%

Tele or Internet service provider 09 10.2%

68.2% of the respondents prefers to report first to banker. 21.6%

prefers to report first to police.10.2% prefers to report first to Tele or

Internet service provider.

Disclosing bank details to third party


Yes, 85 96.6%

No 03 3.4%


ISSN: 2249-6270 Page 113

96.6% respondents not disclosed the bank details. 3.4% (3

respondents) of the respondent have disclosed bank details to third party.

Out of these three, 2 respondents lost their money to internet fraudsters.

Lost money for internet fraudster


Yes, 83 94.3%

No 05 5.7%

Out of 88 respondents, 94.3% (83 respondents) respondents didn’t

incur any monetary loss. 5.7%( 5 respondents) have lost money for internet

fraudster. Out of these five, 2 respondents have shared their details.

Having E-banking and payments app


Yes, 83 92%

No 07 8%

92% have active e-banking and payment app. This may be because

of Most of the respondents are belong to age group 20 year to 39 years i.e.

young group and normally they are technology savvy.

Safety of online operation- customer perception


Highly secured 14 15.9%

Moderately secured 61 69.3%

Not secured 06 6.8%

I don’t know 07 8%


ISSN: 2249-6270 Page 114

Among the respondents 69.3% opined that online operations are

moderately secured. 15.9% opined that online bank operations are highly

safe. Only 6.8% said that online transactions are not safe. 8% respondents

don’t have any idea about it

Genuineness verification of third party app third party app


Yes 51

No 15

I don’t know how to verify 21

I know how to verify but won’t

because it prolongs

1


ISSN: 2249-6270 Page 115

58% of respondents (51 respondents) verify the genuineness of third

party app while downloading in mobile or computer. 23.9% (21

respondents) don’t know how to verify. 17% (15 respondents) won’t verify

the genuineness, they simply download it. 1.1% not do because of time lag

in it.

Password Creation


By using self-information (name, mobile number,

date of birth etc.).

16

By using name of relatives and close person. 01

Easy to remember formats (123., 0000, 1122 etc.). 04

Combination of letters, numbers and punctuations. 21

Sorry! I can’t say this 46

Among the respondent 52.3% are cautious, as they were not shared

anything about it. The remaining 47.7% are revealed that how they set

password. Out of this 18.2% by using self- information, 4.5% easy

remember format, 23.9% combination of letter number and special

character.1.1% use close person name as password.


ISSN: 2249-6270 Page 116

Frequency of password change


Once in a fortnight 12

Once in a month 16

Semi Annually 25

Once in Year 12

Never 23

Among the respondents 28.4% change only twice in a year. 26.1%

never changed password since the beginning, 18.2% change once in a

month, 13.6% change their password once in 15 days and 13.6% are once

in a year.

Fake website recognition

response Number of respondents

Always 16

Sometimes 47

I can’t 25


ISSN: 2249-6270 Page 117

When we asked about their ability to differentiate fake and real

website, 53.4% were said that, sometime they are able to recognize, 28.4%

(25 respondents) respondents are not in position to differentiate and Only

18.2% can identify fake websites all the time.

Cyber education by bank to customer about cyber threats.

% opined that bank send only text messages. 30.7% received email

from their respective bank. Only 11.4% opined that banks conduct

awareness programme. 19.3% opined that banks do very less to educate

their customer.

Findings

Majority of bank customers have heard identity theft (60. 2%). It is

noteworthy that, a significant portion of the customers (39.8%) have not

heard the term ‘identity theft’ even though they were graduates and post

graduates.


ISSN: 2249-6270 Page 118

The knowledge about probable threats among the banking

customer is not desirable. Only 14.8% are aware about all the cyber

threats. Notably 18.2% of the respondents are not aware about any of the

cyber threats.

14.4%(13 respondents) always store debit and credit card

information in smartphone and computers. Out of these 13 respondents 7

respondents won’t verify the genuineness of third party app while

downloading in their smartphone and computer.

Majority of respondents (53.4%) received an enquiry about bank

details by third party; of such enquiry usually came through either SMS or

call (55.1%.) Only 32.7% will come through email. High use of mobile and

infrequent access to email may be the reason.

The regular reporting of fake enquiries that ask for personal bank

details to either police or bank is very low (19.14%). The result is

compatible with NCRB report which says 80% of cybercrimes are not

reported.

Positive side of the finding is , majority of bank customers (96.6%)

not disclosed the bank details. Few have disclosed their bank details to

third party (3) out of which, 2 respondents lost their money to internet

fraudsters.

Majority of bank customers (92%) have active e-banking and

payment app. This may be because of Most of the respondents are belong

to age group 20 year to 39 years i.e. young group and normally they are

technology savvy.

Most of the bank customers (42%) won’t verify the genuineness of

third party app while downloading in mobile or computer.

Most of them (47.7%) were revealed that how they set password.

Out of this 18.2% by using self-information, 4.5% common format.

26.1% never changed password since the inception of use of

services. 28.4% change only twice in a year. 13.6% once in a year. This

attitude also increases the chances of becoming cyber victim.

Differentiating the fake and real website is also a challenge.


ISSN: 2249-6270 Page 119

In majority cases bank send only text messages to educate its

customers about cyber threats. But it may not be an effective mode of

communication.

Suggestions

Banker needs to conduct programme to create awareness about

cyber threats and they need to inform about precautions to be taken while

using e-banking.

Never keep username, account name and passwords at one place.

Always try to remember passwords. Customer need to know how to

create strong password. They should avoid setting password by using

personal information, easy/common format.

Never click web links in your e-mail and usually no bank will ask

you to update the accounts through online.

Delete all cookies and history file before you perform online

transactions. Delete all the history and cookies once you are done with

online transactions.

Avoid accessing online banking in cyber cafes. Do not click any

images in the web sites if you are unsure.

Customer need to learn how to verify genuineness of the app and

they need to learn how to identify the fake website.

Avoidance of fake call/emails is not medicine to prevent cyber

threats. The biggest cyber threat is ‘it won’t happen to us’ attitude of the

people. Everyone must report to police or bank regarding fake enquiries

about personal bank details.

Before you go for online shopping make sure your PC is secured

with all core protections like an antivirus, anti-spyware, firewall, system

updated with all patches and web browser security with the trusted sites

and security level at high.

Always remember prevention is better than cure.

Conclusion


ISSN: 2249-6270 Page 120

The study has provided an overview to cyber-crimes, identified

specifically in the banking sector. Now banking is supported with high

technology. This technology may pave opportunity as well as may pose

challenge to banker and customer. Success the banker depends on how he

gains credibility of customer. The credibility depends on how he provides

security to customers’ money. To prevent cyber threats customer role also

very important. This paper explained cyber decency of the customer while

using technology. Updating bank’s system not enough to prevent cyber

threats but educating the customer in use of technology is also important.

BIBLIOGRAPHY

http://indianexpress.com/article/cities/pune/onlinebankfraudagai

nwomandupedofrs35000/

ChangsokYoo, Byung-Tak Kang and Huy Kang Kim, (2015) Case

study of the vulnerability of OTP implemented in internet banking

systems of South Korea‖, Multimed Tools Appl ,vol. 74, pp. 3289–

3303.

http://indianexpress.com/article/cities/pune/cybercrimeinpuneun

secureddigitalindiadangerous/ www.infosecawareness.in

Mr. Shakir Shaik and Dr. S.A. Sameera, "Security Issues in E-banking

Services in Indian Scenario", Asian Journal of Management Sciences

02 (03 (Special Issue)), 2014, pp 28-30.

https://www.icicibank.com/online-safe-

banking/vishing.page?#toptitle

https://www.icicibank.com/online-safe-

banking/spoofing.page?#toptitle

https://www.icicibank.com/online-safe-banking/skimming.page

Dr. Devaraju et al., International Journal of Advance Research in

Computer Science and Management Studies Volume 4, Issue 11,

November 2016 pg. 114-120 © 2016, IJARCSMS All

ISSN: 2321-7782 (Online) 117

http://indianexpress.com/article/cities/pune/cybercrimeinpuneun

secureddigitalindiadangerous/ 41 Supra Note 59 Volume 3, (2016),

http://indianexpress.com/article/cities/pune/onlinebankfraudagainwomandupedofrs35000/

http://indianexpress.com/article/cities/pune/onlinebankfraudagainwomandupedofrs35000/

http://indianexpress.com/article/cities/pune/cybercrimeinpuneunsecureddigitalindiadangerous/


http://www.infosecawareness.in/

https://www.icicibank.com/online-safe-banking/vishing.page?&toptitle

https://www.icicibank.com/online-safe-banking/vishing.page?&toptitle

https://www.icicibank.com/online-safe-banking/spoofing.page?&toptitle

https://www.icicibank.com/online-safe-banking/spoofing.page?&toptitle

https://www.icicibank.com/online-safe-banking/skimming.page




ISSN: 2249-6270 Page 121

May “ISSN 2455-2488” “Udgam Vigyati” – The Origin of Knowledge

Page 14

24 Aparna Desikan, Mobiles making India less cash conscious, Times

of India, 22nd February, 2016, pg 1. Volume 3, (2016), May “ISSN

2455-2488” “Udgam Vigyati” – The Origin of

Knowledge Page 9

https://www.thesslstore.com/blog/2018-cybercrime-statistics/

https://economictimes.indiatimes.com/articleshow/67769776.cms?f

rom=mdr&utm_source=conte

ntofinterest&utm_medium=text&utm_campaign=cppst

https://www.thesslstore.com/blog/2018-cybercrime-statistics/

https://economictimes.indiatimes.com/articleshow/67769776.cms?from=mdr&utm_source=contentofinterest&utm_medium=text&utm_campaign=cppst



11.cyber literacy of bank customers - a study in udupi …

Documents