Towards Safer eBanking Date: Thursday 24 th November 2005 Venue: Police Gymkhana, Marine Lines

Day 4

Banking in India has gone electronic over the last few years, in line with the global trends. Today, banks are not only automating their core banking operations, but also increasingly using Information Technology for front-end customer-intensive operations. This trend is expected to be strengthened over the next few years and spread from urban to rural areas and from foreign and Indian pr ivate banks to public sector and co-operative banks. With the obvious advantages of enhanced productivity, also come the risks associated with critical reliance on the IT infrastructure. While technological and managerial solutions are available to contain this risk, the importance of a culture of compliance among the banks employees and customers is essential. The first line of attack is the social engineering attack where people are coerced or deceived into parting with valuable or sensitive information. This is where most vulnerabilities occur. To this end, the Mumbai Police organised a seminar centred on the trends in use of IT in banks and the risks thrown up due to the transition to electronic processes. The seminar also sought to highlight criminal activities which have come to light so far, the strategies to counter cyber crime in banking and the future roadmap. The seminar was well received by the banking community with over 40 participants from the Senior Management as well as IT departments of the banks. Mr. A. K. Purwar, Chairman, State Bank of India was the chief guest at the event. Mr. A. N. Roy started the proceedings and Mr. Vijay Mukhi gave an overview of the Cyber Safety Week 2005 Mr. Nandkumar Saravade set the stage by educating the participants about cyber attacks. To elucidate the simplicity with which one could compromise security, he gave a case study based on a banking security incident. Moving on to the enforcement and preventive side, he also introduced the audience to the Mumbai Cyber Lab and highlighted the activities of the lab to keep the IT space secure. Mr. Hanuman Tripathi, Managing Director, InfrasoftTech then took the audience for a behind the scenes look at how e-transactions and e-banking works. Mr. Uday Kotak, Exec utive Vice Chairman and Managing Director, The Kotak Mahindra Group gave the perspective of the User industry- In this case the Banking and Financial Services Community. He spoke about how his company deals with IT security and what are the provisions and measures they have taken to enhance IT security. He added that as the industry integrates and offers various complex financial products and services to their customers, there is an increased need

to have more information about their requirements and consum ption patterns. With such sensitive information being handled, the issue of the security of the data is also a key concern. Mr. Arup Patnaik, IPS, Joint Commissioner of Police (Law and Order), Mumbai Police also provided the Law Enforcement perspective on the issue. eGovernance and Data Security Issues Venue: Police Gymkhana, Marine Lines Today, governments are also fast realizing the advantages of IT and are computerising processes and digitizing records at a fast pace. IT implementation in the government, which was earlier restricted to Public Sector Undertakings are increasingly finding their way into government departments like education, land records, revenue, finance and so on. As in the case of commercial enterprises, when information in increas ingly gets digitized, challenges are being thrown up about the sanctity and security of data. To tackle the challenges faced in eGovernance, Reliance Infocomm organised a workshop. The meeting discussed the various issues in data security facing the government, which could hinder the growth of eGovernance and the forward path to be taken. The meeting was inaugurated by Mr. Subhash Awate, The Joint Commissioner of Police (Administration), Mumbai Police. Mr. Vijay Mukhi commenced the discussion by giving an overview of IT security and the relevance of the Mumbai Cyber Safety Week. Dr. Vinod Kumar Budhiraja from Reliance Infocomm spoke about the companys initiatives in eGovernance. He emphasised that the foundation of data security should be laid at the st rategic planning stage itself. Moving on to the technical side, Mr. Sunil Gupta from Reliance Infocomm described the ideal setup of a data centre. After giving the specifics, he also gave an insiders perspective into the structuring of the Data Centre at the Dhirubhai Ambani Knowledge City. Mr. Anil Mathur from Microsoft India also threw light on various aspects of IT Security Outsourcing. Dr Ajay Bhushan Pandey, Secretary of Information Technology, Government of Maharashtra appreciated the efforts taken by the Reliance group. He also lauded the Mumbai Police and NASSCOM for spreading the message of Cyber Safety. e-Learning: How Hackers hack and how to keep them away

Venue: Online How hackers hack and how to keep them away was a hands-on management development seminar where actual computer vulnerabilities were demonstrated by Cyber Security Experts. This was an interactive seminar. Participants visited Hughes DirecWay classrooms in their towns and participated live in the seminar. The Webinar was conducted by Mr. Peter Mukherjea, CEO, Star TV and Mr. Vijay Mukhi. The level of interest and interactivity could be judged by the fact that by the time the session closed, there were still 60 questions which could not be answered due to lack of time. Cyber Caf Issues Venue: C-DAC Mumbai, Gulmohar Cross Road No. 9, Juhu The number of people logging onto the internet is increasing daily. Very soon, the entire world would be connected to the internet. Computer literacy and usage gives one an edge in almost every area of life. In the developing world, where computer penetration is very low, cyber cafes are the sole source of connecting the teeming masses. They are as popular as PCOs were before the telecom boom in India. The large number of cyber cafes, most of which are run by small entrepreneurs are essential for the growth and usage of internet based services. But, the unregulated nature of the internet does pose a few problems. Concerns about hacking and privacy have led to some discussion about a need fo regulating cyber cafes. The All India r Association of Industries organised a discussion to see both sides of the issues- from the regulatory and enforcement as well as the cyber caf operators. Mr. Nandkumar Saravade gave an overview of Internet usage in India and pointed out that there is a shift in the profile of the users. More representatives from the general public are logging on every day. He added that as more and more people log online, there is an increased need for IT security on account of the amount of personal details stored online. With increased incidences of ID theft and privacy concerns also looming large, this is a key vulnerability. Cyber Caf owners should also be aware of the malicious programs and tools available like keyloggers and Trojans. Prof. Jitendra Shah, Consultant IT, Department of Information Technology, Government of Maharashtra spoke about the need to have local language computing capability to ensure that IT does reach the masses. Mr. Pravin Chinchalkar from the Cyber Crime Investigation Cell, Mumbai told the audience about the importance of maintaining logs in Cyber Cafes. He added

that the initiative should be extended and a permanent platform could be created where the Law Enforcement agencies and the Cyber Caf Operators can interact with each other on cyber security issues. Ms. Preeti Desai, President, Internet & Mobile Association of India focussed on the eCommerce part of online activity. Mr. Ashish Saboo, President, Association of Public Internet Access Provider spoke on behalf of the Cyber Caf Owners. He echoed the police view that communication channels between Cyber Caf Operators and Law Enforcement agencies should be build. Clarity should be brought into the issue of the Cyber Caf user identification. The Cyber Cafes can be used as nodes to disseminate information about Cyber Security. From a business perspective, Cyber Cafs should evolve into a secure medium for eTransactions. Mrs. Rupa Naik, Executive Director, All India Association of Industries, Dr Alka Irani, Chief Investigator, Janabhaaratii, C-DAC, Mumbai and Mr N Bhaskar, Chairman, e-convergence Technologies Ltd. also spoke at the seminar.