Know Your Phone (KYP)

Almost every individual uses smart phones today. It is a part of life. However, users need to know their phone w.r.t. its security and accessibility controls, to avoid compromising their privacy inadvertently.
With the advent of digital revolution and IoT, most customers perform most of their transactions using their smart phones and almost all services are maintained through android or iOS applications. Be it a movie ticket booking or food order or grocery purchase or cab booking, everything can be managed through an application. Even payments have been revolutionized such that funds can be transferred with a single click.

Most of these apps don’t require the user to enter card details for each transaction. They give users the flexibility to save card details in the app data and just ask for a CVV to initiate the transaction and an OTP to complete the transaction. Users don’t need to go to the messages app and manually enter OTP. App by default accesses message inbox and reads the latest OTP message received by the user.

Yes, this provides flexibility to the user and also enriches the experience, however at the same time it also allows fraudsters to steal personal data. With the increasing number of services online, every day we get to hear about a new startup with new and exciting offers in order to penetrate into the market quickly. At the same time there are many fake apps available online and their main aim is to capture the important or confidential data of the user.

So users must be more attentive while installing any new application and while transacting through any new application. Though authenticity of an app. can be explored and evaluated through user reviews or other options, it is better to restrict the app’s permissions to read messages or media files directly. Android users can review the different apps installed on their mobile regularly and can check whether any unauthorized app is installed. Also, users have the flexibility to check the various permissions they have granted to the different apps. For example, users can check what permissions apps have and revoke permissions when they want. For example, if a user does not want an app to access the message inbox for OTP, the user can simply use the toggle button to revoke access.

Similarly, users can control any application installation if not verified by the google play store. Android users have an option to control the installation of applications from unknown sources. This feature allows the user to check the authenticity of the application before installing it and then either install or reject the installation based on personal checks.
Also, it is not advisable to save any passwords or PINs for cards or apps on their phone or online as these can be accessed through some malware or through any unauthorized apps.

Though these things might scare users and create apprehensions about using digital banking, the comfort, convenience and flexibility of using digital banking and other digital applications makes it very difficult for anyone today to not use digital banking services. However, users must be aware of the impacts and usability guidelines. Also, users should be aware of the possible implications and preventive measures.

Just like every bank expects users to comply with KYC norms by collecting identity and address proof documents, every user should know what is happening in their mobile and what all is installed in order to keep themselves safe and prevent data breach at their level.