February 9, 2018 - securitylinkindia

Banker’s Legal Guide to Deal with Phishing Scams and Cyber Crimes in India

MassMediaLink India LLP SecurityLink IndiaFebruary 9, 2018November 14, 2024014 mins

Online banking has revolutionized banking transactions whereby money could be transferred at a single click. It has been a time saver and has been an extremely convenient method to undertake commercial transactions. However, it has led to litigations against banks as well, as with online banking also come phishing emails. Phishing emails in these cases are those which purport to have been sent by the bank with the look and feel of a legitimate email. They ask the user to enter their username and password to reconfirm their accounts, with invariabe threats that if the confirmation is not made, the account would be frozen immediately. In many cases these emails are spoofed also whereby a third party sends an email using the email id of the bank, but that can be easily identified by reading the complete header of the email. Many users panic on receiving such emails and immediately give out their personal sensitive data like banking passwords to third parties purporting to be representing the bank. They realize that they have been duped only when money is withdrawn by such third parties from their bank accounts. There has been a slew of litigation against banks whereby the victims of phishing scams file complaints against the banks under the Information Technology Act, 2000. The grounds on which such complaints are filed attracts Section 43, Section 43A and Section 72A of the Information Technology Act. Section 43 deals with unauthorised access, and the complainant in most of the cases alleges violation of Section 43A which is for accessing or securing access to a computer, computer system or computer network without permission of the owner or the person in charge. However, banks have a very strong legal defence to this cause because the unauthorised access is done by a third party and not by the bank. The banks on receipt of any information from an online banking services user that his account has been wrongfully debited, must ask him if he responded to any email asking for his password, and also asks him to submit documentary proof of that email to the bank. If the user admits that he has replied to such phishing email, the bank requires him to submit a letter to the bank to that effect in order to enable the bank to freeze his account, whereby further unauthorised money transfer from his account could be stopped. The bank should intimate the user by an official letter to file a complaint with the cyber crime cell, and the bank should also file an FIR against the beneficiary account holders in whose accounts the money has been unauthorisedly credited. This is important to prove the proactive efforts of the bank in a litigation by a victim against the bank under the Information Technology Act. Section 72A of the Information Technology Act for punishment for disclosure of information in breach of lawful contract reads as under: Save as otherwise provided in this Act or any other law for the time being in force, any person including an intermediary who, while providing services under the terms of lawful contract, has secured access to any material containing personal information about another person, with the intent to cause or knowing that he is likely to cause wrongful loss or wrongful gain discloses, without the consent of the person concerned, or in breach of a lawful contract, such material to any other person shall be punished with imprisonment for a term which may extend to three years, or with a fine which may extend to five lakh rupees, or with both.” The main contention of the complainant would be that the bank has access to his password and misused it. However, as per RBI norms all banks have 128 bit encryption of passwords and the bank does not have any access to the same. The complainants in most cases attempt to bring the bank within the definition of an ‘Intermediary’ under the Information Technology Act; however, the exceptions to intermediary liability under Section 79 of the Information Technology Act, 2000, apply to a bank in this case because of the following reasons: The function of the bank is limited to providing access to a communication system over which information made available by third parties is transmitted or temporarily stored. The bank does not- i) initiate the transmission, ii) select the receiver of the transmission, and iii) select or modify the information contained in the transmission The bank observes due diligence while discharging his duties under this Act and also observes such other guidelines as the Central Government may prescribe in this behalf. The banks are required to maintain ISO 27001 standards because they handle confidential and sensitive personal data of users of their services. In brief, the banks need to undertake the following steps in order to be able to succeed in any litigation against them: They should provide a handbook to the online banking services users at the time they apply for such services. The handbook should mention directions for safe use of online banking and should also contain complete information about phishing emails and scams, including information on how users can protect themselves from such phishing attacks. The online banking services application should have an Indemnity clause, whereby the user indemnifies the bank. The terms and conditions of online banking should contain Indemnity clauses with respect to password of the user, online transactions and use of bank’s services. There should be a security tips page which warns users of phishing emails each time they log in for online banking. Customers/ users should be proactively informed about all the Cyber threats. There should be Cyber security and Cyber law compliance panel. This panel should comprise of cyber security experts who should ensure that proper cyber security measures are always in place and the cyber lawyer in the panel should ensure that the online banking user agreement clauses are up-to-date to restrict the bank’s liability in an environment where new cyber crimes get…

Feature

Top Video Surveillance Trends for 2018 – Big Differences between the Chinese Market and the Rest of the World

MassMediaLink India LLP SecurityLink IndiaFebruary 9, 2018November 14, 202406 mins

Demand for professional video surveillance cameras has been growing quickly and is forecast to continue growing in 2018. It is estimated that less than 10 million surveillance cameras were shipped globally in 2006, which grew to over 100 million in 2016, and is forecast to make over 130 million during 2018. Despite this increase in demand, the average price of cameras and other video surveillance equipment will continue to fall quickly. As a result, IHS Markit forecasts that in terms of US dollar revenues the world market for video surveillance equipment will grow at an annual rate of less than 6% in 2018. It will be challenging for vendors to continue to grow revenues and margins, but there will be opportunities for well-placed vendors. For example, both the South East Asian and Indian markets are forecast to grow at higher than average rates. There is also great potential for the next generation of products powered by technologies like deep learning and cloud computing. So, what will be the big stories during 2018? Deep learning, GDPR compliance and drone detection technologies are just some of the trends discussed in this eighth annual trends IHS white paper. The following articles are designed to provide some guidance on the top trends for 2018 in the video surveillance industry. By Jon Cropley Big Differences between the Chinese Market and the Rest of the World China is forecast to account for over 46% of global professional video surveillance equipment revenues in 2018. Despite this, the Chinese market has some unique characteristics that make it very different to other regional markets. This has led to the suggestion that there are two markets for video surveillance equipment – the Chinese market and the world market excluding China. Below are 5 ways in which the Chinese market differs from the rest of the world. Supply of equipment is more concentrated in China The two largest vendors of branded video surveillance equipment accounted for over 50% of the Chinese market in 2016. This compares to the world excluding China where the two largest vendors accounted for less than 20% of the market. Shipments of deep learning-enabled equipment are much higher in China It is forecast that three quarters of all deep learning-enabled servers for video surveillance shipped worldwide in 2018 will be shipped in China. Domestic vendors dominate supply of equipment in China Chinese vendors account for more than 80% of Chinese market revenues. There are other countries where domestic brands dominate supply (Germany, Japan and South Korea are all examples). However, in most other country markets, foreign vendors account for a much higher proportion of revenues. Shipments of HD CCTV are proportionally lower in China It is forecast that HD CCTV cameras will account for only around 10% of all cameras shipped in China in 2018. It is forecast they will account for over half of all camera shipments in the world excluding China. The market has been growing faster The Chinese market has grown at an average annual rate of 13.3% between 2012 and 2017. In comparison, the World market excluding China has grown at an average annual rate of 2.6% over this time. Despite all of this, growth in camera shipments has been slowing in China as the market becomes increasingly saturated. Continued high market growth will increasingly depend on shipments of higher-priced next generation deep learning-enabled equipment. IHS Analyses The A to I of Video Surveillance Terminology By – Jon Cropley General Data Protection Regulation (GDPR) By – Josh Woodhouse Video Surveillance Fault Tolerance By – Josh Woodhouse Forensic Video Analytics as a Service By – Josh Woodhouse The Evolution of Deep Learning in Video Surveillance By – Monica Wang Drone Detection Technologies By – Oliver Philippou

Feature

Top Video Surveillance Trends for 2018 – The A to I of Video Surveillance Terminology

MassMediaLink India LLP SecurityLink IndiaFebruary 9, 2018November 14, 202407 mins

Demand for professional video surveillance cameras has been growing quickly and is forecast to continue growing in 2018. It is estimated that less than 10 million surveillance cameras were shipped globally in 2006, which grew to over 100 million in 2016, and is forecast to make over 130 million during 2018. Despite this increase in demand, the average price of cameras and other video surveillance equipment will continue to fall quickly. As a result, IHS Markit forecasts that in terms of US dollar revenues the world market for video surveillance equipment will grow at an annual rate of less than 6% in 2018. It will be challenging for vendors to continue to grow revenues and margins, but there will be opportunities for well-placed vendors. For example, both the South East Asian and Indian markets are forecast to grow at higher than average rates. There is also great potential for the next generation of products powered by technologies like deep learning and cloud computing. So, what will be the big stories during 2018? Deep learning, GDPR compliance and drone detection technologies are just some of the trends discussed in this eighth annual trends IHS white paper. The following articles are designed to provide some guidance on the top trends for 2018 in the video surveillance industry. By Jon Cropley The A to I of Video Surveillance Terminology The past 12 months have seen a range of new terms becoming regularly used in the video surveillance industry. We attempt to provide a brief summary of some of these. AI (artificial intelligence): Computers are able to perform specific tasks as well as, or even better than human intelligence. In the context of video surveillance, AI is used in the field of computer vision to classify visual images and patterns within them. Big data: Huge amounts of different information are stored, organized and analyzed by computers to identify trends, patterns, and relationships. In the context of video surveillance, the data could be metadata describing hours of video surveillance footage combined with other data sources to highlight patterns relating to security or business operations. Cloud computing: Instead of using a local server to store or manage video surveillance data, use a network of internet-connected remote servers. Generally this network has the ability to provide additional resource if and when required from a larger available pool. The available resource may be clustered into a datacenter or network of datacenters. These may be private (entirely or partly owned for exclusive use by specific organization/s) or public (resource accessible to multiple separate users). Deep learning: A branch of machine learning and subset in the field of AI. Deep learning makes use of algorithms to structure high-level abstractions in data by processing multiple layers of information, emulating the workings of a human brain (a neural network). Edge computing/ storage: Performing data processing and analytics/ storage closest to the source of the data (normally, in this context, in a video surveillance camera). Face recognition: When a video surveillance system can automatically match a person’s face against a database of individuals. GPU (graphics processing unit): A programmable chip specialized for use in image processing. Due to the requirement to be able to simultaneously processing multiple large data blocks required in modern image processing, GPUs have been found to be highly suitable for deep learning/ neural network processing. H.265 (or MPEG-4 part 2): H.265 is a video compression codec standard approved by the International Telecommunications Union (ITU-T). Compared with H.264, H.265 has the potential to use 30-40% less bandwidth for a video stream of the same quality. IoT (Internet of things): IoT is not a specific device or technology – it is a conceptual framework, driven by the idea of embedding connectivity and intelligence in a wide range of devices. IHS Markit defines an IoT device as a device which has some form of embedded connectivity that allows the device to be directly connected to the internet (i.e., IP addressable), or allows the device to connect (tether) to an IP addressable device. In the context of video surveillance, this could be using video surveillance data with other sensors or sources of information. IHS Analyses Big Differences between the Chinese Market and the Rest of the World By – Jon Cropley General Data Protection Regulation (GDPR) By – Josh Woodhouse Video Surveillance Fault Tolerance By – Josh Woodhouse Forensic Video Analytics as a Service By – Josh Woodhouse The Evolution of Deep Learning in Video Surveillance By – Monica Wang Drone Detection Technologies By – Oliver Philippou

Milestone Reforms Security System At Guatemalan ‘Safe City’ Las Ramblas de Cayalá

MassMediaLink India LLP SecurityLink IndiaFebruary 9, 2018November 14, 202405 mins

Milestone Systems’ open platform IP video management software (VMS) helps giving peace of mind to the residents and visitors of Las Ramblas in Cayala City, Guatemala. Milestone Systems’ XProtect® Expert software, an open platform technology, was chosen for managing IP-networked video and maintaining continual surveillance over the city’s projects. Network video cameras from Axis Communications are also used, some with crossline detection video analytics. EMC Isilon servers provide the data storage. The open platform Milestone software is compatible with the previously installed security equipment unifying the interface between differences in brand, while featuring larger capacities (in its servers as well), which optimizes resources. The combined solution also integrates easily with existing human resources and procedures, making the process of obtaining valuable information, taking action and preventing incidents more efficient. Designed by urban planner Leon Krier, Cayalá is located in Guatemala’s capital city. His objective was to create a virtually independent city within the capital, away from crime and the problems known commonly to affect it. The initial project began in the 1980s when the land was purchased. The first residential areas that were built stood out due to their signature white walls but this closed city model led to some criticism related to class division and isolation of the Guatemalan upper class. As a result, the city’s residential community, Las Ramblas, is an open zone that forms a part of the commercial area and the Cayalá offices. Las Ramblas and the project’s future residential phases do not have walls, but are instead open, connected areas. It was exactly this aspect of Las Ramblas that led to its security systems – specifically those designed for open areas – being put to the test. The goal was to maintain the same standard of existing security among the other phases of the Cayalá project. A plan that integrates technology, infrastructure and people In order to carry out a challenge of such magnitude, the city selected Milestone Systems XProtect Expert software as its technological platform. Working together with human resources and processes, it provides the necessary information to take action and prevent security incidents.n Cayalá there are more than 1,500 residences, over 400 offices and businesses, and over 50 lofts. At times, the area involves more than 20,000 visitors daily. Thus, one of the clear and principal objectives was to offer a safe environment for visitors and residents; as a result, Cayalá took on the idea of being a ‘Safe City’ from the beginning. Reaping the benefits of a successful program With an investment of over 2 million dollars in technology, Cayalá has been able to introduce the concept of a ‘Safe City.’ The routes of its residents and visitors alike are monitored thanks to a combination of over 120 elements provided by human resources, processes and technologies, which together make it possible to obtain information, take action and prevent security breaches.