Header image alt text


Building a Responsible Cyber Society…Since 1998

New Business Opportunity opens up with DigiLockers

Posted by Vijayashankar Na on March 8, 2017
Posted in Cyber Law  | No Comments yet, please leave one

According to the ad, the Government has now decided to license public & private agencies to provide Digital Locker Services, as licensed Digital Locker Service Providers (DSLP) and invited applications.

Applications can be made either by an agency of the appropriate Government or a body corporate meeting the following criteria.

  1. Minimum Paid up capital Rs 5 crores
  2. Minimum Networth Rs 50 Crores
  3. Foreign equity not to exceed 49%

The business of a DLSP may include “Portal Services” and “Access gateway management services” related to the Digi Locker scheme.

Naavi expects this business to be huge and requires a high level of skills in managing a secure electronic cloud environment.

It is possible that some of the existing Certifying Authorities who are managing Digital Certificate related business may try to get into this business. However it is not clear if the capital criteria required for the Certifying Authority business and Digi Locker business can be merged or they should be considered separate.

This business is a good opportunity for start ups who have the backing of a group which can provide the initial capital.

Otherwise the NBFCs  may also consider this as a good opportunity to diversify into this area.

It would be interesting to know which type of organizations have the vision to see the business prospects that this new line of activity presents.


Customers of State Bank of India Beware… Your risks have gone up!

Posted by Vijayashankar Na on March 8, 2017
Posted in Cyber Law  | 2 Comments

On the International Women’s Day, the Board of SBI has just announced what could be considered as an unwise move to allow women workers to work from home for one year. (As per news reports)

Is this a goodwill move for women employees? .. Perhaps it is intended to be so and perhaps the Board may also believe it to be so.

However there are two other dimensions to the decision. SBI is now merging its associate Banks with itself and will find this year to be a year of Chaos. At this time, there would be a huge excess staff and perhaps SBI Board considers it good if some congestion in the Branch is reduced.

By asking its  women employees to work from home they are being told that you are not required at the critical operation center. However we will pay you the salary but keep off the operations. This is an expression of no confidence on the women employees. This will be welcomed by all inefficient employees but many others would resent the need to get back to the family cores for the whole day without the relaxation of being in the Bank. However I am sure a majority of efficient members would be uncomfortable since they will lose competitive edge if they accept the “Home Based Work” instead of the Customer facing important work at the Branch and at the same time if they refuse to take the option, would find the pressures from the home front to stay at home increase.

But more seriously, SBI needs to consider the quantum jump in the Information Security Risks that will arise because some of their employees holding passwords on behalf of the Bank would now be working off-site on open networks and using their own computing devices when their attention is being diverted by the complaining mother in laws, the crying babies and the demanding husbands besides the servants and courier boys who may have more than prying eyes.

The “Techno-Legal- Behavioural Risks” of banking with SBI will therefore multiply.

SBI recently faced the massive card security breach and many cyber crime victims are still struggling to get their money back. Mr Urjit Patel is helping the banks to dodge the Cyber Crime victims from receiving back their dues by not operationalizing the August 11, 2016 draft circular issued by them.

But instead of providing a greater assurance to the customers about the security of the State Bank system particularly in the midst of the chaos of mergers which will be a fertile opportunity for fraudsters to indulge in massive phishing exercise, the Board of the Bank  has taken a political decision that will endanger the security of its account holders.

I urge Ms Arundathi Battacharya not to look at herself as a “Lady Chair Person” and push decisions that will endanger the community.

Our conventional media may not be able to analyze the impact of such populistic decisions and may praise the Bank.

But Naavi.org strongly denounces this populistic move and demands the Bank to explain what information security measures will be initiated by the Bank before the move is put into practice.

I urge the RBI to clarify if they have done their due diligence in this regard before the move was announced by SBI in the public.