How Safe Are You?


(This article is not intended for experts, on the contrary it is indicative to the first time Smartphone user or the regular smartphone user who is unaware about what is happening while he/she is using the internet from their device.)

Now everyone knows Content is King.  But listen to this: Content is King & User Data is Content!

Data or in simple language, information captured of the users through all apps, websites, links that we visit, is being tracked to a degree today, which is unfathomable. Tracking is not restricted to serving ads. People think use of data is only for ads, get this for real: The advertising spends in India alone clocked 574.86 Billion (57486 Crore Rupees) INR in 2016 and yet, Advertising is just the tip of the iceberg.

Everyone wants to get as much data or information as possible from users visiting their website, apps, links, apis etc. This data is then used either to sell to user through physical channels or through digital channels.

Very less of this data is actually used to enhance user experience.

We would be naïve to think that we have a “Private” life. If you are connected to internet you no longer have any privacy. Never mind the clt+ alt+ delete to the history visited. Giants know the websites you visit, where you go, what you read, what you consume on internet, your likes & dislikes etc is there for consumption whether you like it or not.

So coming to the golden question, with all the data use, and oblivious first time users who click on anything shared on whatsapp, email or any other social media. Example being, offers ranging from:

  1. Lottery – you have won 10000K Dollars. Click here.
  2. Jobs – You are selected in Click here.
  3. Ecommerce – you are selected to buy 10000 rupee product for 1 rupee. Click here.
  4. Bank –you are given lowest 1 % loan,.

There is no dearth of “creative” examples to lure the users to fall for a click bait on similar lines.

Pay close attention now. If you are tech savvy you may not fall for the first three baits. Yet with the last one, there are 60% chance of you clicking. Since our brain does not process the extra I in ICICI. One clicks believing that it is a bank website while it is a phishing website.

How most of these links work is very similar to keystroke tracker (Keystroke tracker is a tool when installed gives everything whatever you type using keyboard). Example as soon as you click the link a program is installed on your device.  Now if you open net banking and enter username and password, the keystroke will have both your username and password. This is just an example, there are many ways through which other information can be tracked once you write what information you want from user. It’s all about creating that logic and siphoning data from users without their knowledge!

Here it is easy to blame the service provider but in actual we make our own lives vulnerable.

Imagine if the same is being done in an app which you love? Would you be even aware of the data you are sharing right now via the apps you use?

How often do we read what permissions are being used by app before installing an app? Just take a moment after reading this article and go through the below steps and you will be able to know what all your apps are reading:

  1. Android

Settings > Apps > Click App you want to check permission for > Permission

  1. iOS

Settings > Scroll down to last click on app you want to check permission for

Apple Allows you to stop tracking for Ad Serving follow below steps

Settings > Privacy > Advertising > Limit Ad Tracking

Well this does not give you complete safety by restricting permissions, if the app does not use permission but uses some sort of api/web services to connect from the app and make you data exposed.

Recently while going through a top app, found that the app turns on the microphone and listens in to conversations & sends it to server. This is done to track what TV channels you are watching at what time, what TV series you are watching, what music you are listening, I don’t even want to get to the point of what they do with this data.

Have you ever wondered how you are being served advertisements based on your behaviour?

This comes with bundled concepts of User Profiling, User mapping and then User Targeting.

  1. User Profile – Age, gender, sex, habits, likes and dislikes all this can be got directly from the app you are using connected to the internet by what you browse what you download of the internet
  2. User mapping – now imagine tying this to behaviour of the user. Example a 30 year old, Male, from Mumbai like apps in content > which type of content > genre of content > language of content. Also likes to buy grocery online, and eats sea food a lot due to the buying pattern
  3. User Targeting – now imagine if someone has all this data and knows that every Sunday you order sea food either raw at home or cooked from restaurant. Next time on Saturday and early Sunday morning you will see ads of offers/restaurant where u can order from.

There is no harm in this, this data is okay since it increases our experience and in turn earns revenue for the advertiser and publisher both.

Don’t think you are safe if you turn off your internet every now and then. Apps are designed to keep saving information offline and send bursts as soon as you are connected to internet. It can save days of data together since it’s just binary data (very less size)

But the next golden question is what sort of Data Capture is okay? Where do we draw a line and say now this is enough. I don’t want to share details of my children with you, or my dark secrets with you…if you know the drift of the conversation! Because it is these sites where the users are most vulnerable.

Increasingly, Internet users find themselves asking someone “How did you find me?”

Digitization has its boon and curses.

Just to give perspective of how much we are being tracked, if maps can in real time tell you traffic in your area. Imagine  if you are living in a tier 2 or a tier 3 city…down to your by lane can the satellite pick up if the streets are jammed or clear, and to keep things in perspective, this is  in real time. Means you are not just being tracked on the internet, you are being tracked physically too.

I am not randomly throwing this out at you. With India moving extremely fast pace with Digitization and Internet Connectivity on Mobiles the question today is are we equipped to handle the security threat that comes along with this? Do we understand the dos and don’ts to prevent any risk?

Think about it. Perhaps, someone, somewhere tracked your reading this article too. Wonder what tomorrow’s ‘suggested reading’ will be now? Ahem.

#Security #Privacy #DataPrivacy #PhishingLinks #MobileSecurity #InternetSecurity #BrowserSecurity

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s