Securing Prepaid Payment Instruments under the IT Act

ISMG India carried a report on the Prepaid Instruments recently which has been reproduced here.

Refer for more details here:

Naavi said in this context :

While MeitY has prescribed guidelines, security practitioners have offered other ideas. “The current authentication methods are highly OTP-dependent – whether passwords, aadhaar or e-sign – and don’t ensure complete secured transactions, as they are vulnerable,” says cyber law expert Naavi Vijayashankar of Cyber Law College and Ujvala Consultants. “New authentication systems must be built that circumvent risks with the current form of aadhaar-based authentication.”

“… that while common security measures include passwords and multifactor authentication, issuers must remember the focus of any business, and therefore its information security policy, is protecting the user from consequences of unauthorized access or denial of access.”

“….that practitioners consider risk assessment from multiple perspectives, including securing information from unauthorized access, data integrity and denial of access; protecting organizations from liabilities due to a security breach that could result corporate executives being charged civil and criminal liabilities; and protecting users from adverse consequences of a breach via cyber insurance .”

“…breach reporting is important and the central monitoring authority should possess such information to understand industry-wide risks.”

Naavi

About Vijayashankar Na

Naavi is a veteran Cyber Law specialist in India and is presently working from Bangalore as an Information Assurance Consultant. Pioneered concepts such as ITA 2008 compliance, Naavi is also the founder of Cyber Law College, a virtual Cyber Law Education institution. He now has been focusing on the projects such as Secure Digital India and Cyber Insurance
This entry was posted in Cyber Law. Bookmark the permalink.

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.