Nifty99000 100%

Sensex99000 100%

Article rating: 5.0
Article rating: 4.5
Article rating: 5.0
Article rating: No rating
Article rating: No rating
Article rating: 3.0
Article rating: No rating
Article rating: No rating
Article rating: No rating
Article rating: No rating
Article rating: No rating
Article rating: No rating
Article rating: No rating
Article rating: 4.3
Article rating: No rating
Article rating: 3.8
RSS

News

Digital use is ultimately about balancing convenience with risks: Shivangi Nadkarni

Author: Kumar Shankar Roy/Wednesday, March 13, 2019/Categories: The Finapolis Conversation

Digital use is ultimately about balancing convenience with risks: Shivangi Nadkarni

Financial transaction security and data privacy are issues that have come to the fore often in the recent past. With a rising number of Indians spending time on websites and apps i.e. the digital world, the risks of digital attacks have grown exponentially. Unfortunately, Indian websites have yet to mature when it comes to user privacy, says Shivangi Nadkarni, co-founder and CEO, Arrka Consulting. It is important to understand that personal data of users is being collected all the time when the user is online – via the mobile apps they have installed on their phones, via the websites they visit, even via other online touchpoints such as smart home assistants and other smart devices, she says. In an interview to Kumar Shankar Roy, Nadkarni, who has an engineering degree from BITS Pilani and Masters degree in management from IIM Calcutta, sheds insights into how users should navigate the digital maze and take precautions when it comes to usage. 

You do a lot of privacy testing of websites. Can you tell us about your findings about popular Indian websites? Are they respectful about user privacy and personal data?

Indian websites have yet to mature when it comes to user privacy. There is very limited transparency in terms of what they do with a user’s personal data, the kinds of tracking & profiling they do, etc. 

The privacy notice on a website is expected to outline to a user what is being done with their personal data – and notices in India do not do so effectively. This is not surprising because there is no Data Protection or Privacy law in India requiring them to be transparent – so there is no real push.

A lot of attention today is given to how user data is used and how social media platforms are influencing people. Can user data be utilised to manipulate people?

A user’s personal data can most certainly be used to influence them. It is important to understand that personal data of users is being collected all the time when the user is online – via the mobile apps they have installed on their phones, via the websites they visit, even via other online touchpoints such as smart home assistants and other smart devices. This is fed into vast global eco-systems of data brokers, profilers, advertisers, marketers, analytics folks, etc – based on which detailed individual profiles are built and continually updated. These profiles are then leveraged to customise what gets ‘presented’ to a user – the news that a user sees, the ads that get presented to her, even the search results that come up when she does a search online. In the world of privacy, this is known as the ‘big nudge’ – indicating how users are ‘nudged’ or manipulated with certain ideas, opinions, and beliefs.

In fact, the whole Facebook-Cambridge Analytica brouhaha was about exactly this … how users’ were manipulated using their profiles to influence the outcome of the US elections. 

Much of online usage today takes place via mobile phones. What is your take on top Android Apps and their IOS counterparts in terms of privacy protection?

Our recent study on the “State of privacy” shows that of the tested Android based apps, 50% have access to camera, 69% have access to a user’s precise location and 79% have access to device ID and call details. Almost 100% of apps studied send data across the borders. In the case of IOS based apps 79% have access to camera, 88% have access to photos & 72% have access to a user’s location. Also 41% websites do not encode/encrypt username and password at the client side prior to transmission.

We are constantly dealing with digital risks – via our devices (smartphones, tablets, laptops, smart devices, etc) as well as the Apps and Online sites we use. But, the conveniences and advantages they bring are huge. How to balance the two realities?

This is a very individual choice and decision. It is ultimately about balancing convenience vis-à-vis the risks an individual is willing to take. Some people may be willing to take extra risks compared to others. What is important is that (a) people are given a choice – and not presented with a fait accompli and (b) they are aware of and cognizant of the risks involved so they take informed decisions.

When we download and install an App or when we run an App on our mobile device, it asks for your permission to access certain data or information on your device. How safe is this to allow such permissions? Some apps don't even complete installation if we don’t give permissions...

These permissions you are referring to are known as ‘Dangerous Permissions’. They are referred to as such because the kind of data they access to via the permission can severely compromise a user’s privacy. However, it is important to understand that some of these permissions are required for the app to function. For eg, a taxi hailing app needs access to your location so the taxi can pick you up. The problem comes up when apps take more permissions than they require for their functionality. Which is why it is important for a user to remain alert and aware and not give permissions which are not required.

And yes, many apps don’t necessarily ask for permissions in the first place. However, this is slowly changing – with the Android and IOS systems forcing some best practices amongst app developers. However, this needs to be supported with appropriate laws to act as the necessary deterrents.

In terms of financial transactions, many of us do online money transactions for recharges, paying bills, online shopping and ordering food. Should these be done only through debit card/net banking route, or it is okay to do them through platforms like Amazon Pay, Paytm, Mobiwik etc?

Whether you do a transaction using debit cards/ net banking or via wallets like Paytm etc – ultimately you are using a digital interface. Hence risks from data privacy and security point of view are on par. Hence when evaluating the two, it may be prudent to look at other types of risks involved – like fraud risks etc – and the recourse available to a user if things go wrong in each type of situation.

On WhatsApp and other phone messaging apps, often messages are sent saying 'click this to get 50% discount' etc. Are these ways to collect user data and later use that data with malicious intent? How can users know what is genuine and what is a scam?

More often than not, they tend to be mechanisms used to enable data collection. However, they may be genuine too. Hence one cannot paint everything with the same brush. But it is always better to be careful and think twice before availing anything that seems ‘too good to be true’.

Whether the data collected is used for malicious purposes or not is an entirely separate aspect. They may well be genuine offers made by legitimate companies to collect data – that they use for tracking & profiling a user. However, there are many fraudsters and scamsters out there who want to collect user data and use it for malicious purposes. The only thing one can do is to remain alert and aware – and critically look at any ‘lucrative’ offers.

Print Rate this article:
5.0

Number of views (164)/Comments (0)

Kumar Shankar Roy
Kumar Shankar  Roy

Kumar Shankar Roy

Other posts by Kumar Shankar Roy
Contact author

Leave a comment

Name:
Email:
Comment:
Add comment

Name:
Email:
Subject:
Message:
x

Videos

Ask the Finapolis.

I'm not a robot
 
Dharmendra Satpathy
Col. Sanjeev Govila (retd)
Hum Fauji Investments
 
The Finapolis' expert answers your queries on investments, taxation and personal finance. Want advice? Submit your Question above
Want to Invest
 
 

Categories

Disclaimer

The technical studies / analysis discussed here can be at odds with our fundamental views / analysis. The information and views presented in this report are prepared by Karvy Consultants Limited. The information contained herein is based on our analysis and upon sources that we consider reliable. We, however, do not vouch for the accuracy or the completeness thereof. This material is for personal information and we are not responsible for any loss incurred based upon it. The investments discussed or recommended in this report may not be suitable for all investors. Investors must make their own investment decisions based on their specific investment objectives and financial position and using such independent advice, as they believe necessary. While acting upon any information or analysis mentioned in this report, investors may please note that neither Karvy nor Karvy Consultants nor any person connected with any associate companies of Karvy accepts any liability arising from the use of this information and views mentioned in this document. The author, directors and other employees of Karvy and its affiliates may hold long or short positions in the above mentioned companies from time to time. Every employee of Karvy and its associate companies is required to disclose his/her individual stock holdings and details of trades, if any, that they undertake. The team rendering corporate analysis and investment recommendations are restricted in purchasing/selling of shares or other securities till such a time this recommendation has either been displayed or has been forwarded to clients of Karvy. All employees are further restricted to place orders only through Karvy Consultants Ltd. This report is intended for a restricted audience and we are not soliciting any action based on it. Neither the information nor any opinion expressed herein constitutes an offer or an invitation to make an offer, to buy or sell any securities, or any options, futures or other derivatives related to such securities.

Subscribe For Free

Get the e-paper free