Page 48 - Dataquest
INTELLIGENT COMPUTING | SECURITY
Payment Card Industry – Data Security Standards (PCI-DSS) and Payment Application-Data Security Standard (PA-DSS) leads to many of the security breaches happening today. So, the banking institutions must adopt the latest PCI-DSS and PA-DSS to ensure the security of cardholders' data, as this is a shared responsibility.
• For ensuring CIA Triad compliance in digital transactions, we can make use of the concept of 5 y's:
Something you know – e.g. PIN and passwords for online login
Something you have – e.g. the OTP which we receive on our mobile device or in email
Something you are – e.g. your physical attributes or biometrics, which have been used in Aadhaar cards
Somewhere you are – e.g. location-based services, which can be used for very secure transactions
Something you do – e.g. the way you use the keyboard or touch screen of your smartphone for entering your details; the speed and style can never be copied.
We can select any 2 or more authentication factors for ensuring confidentiality and authenticity during digital transactions. For example, one such method to increase the security of ATM transactions is linking the mobile number with the bank account. Whenever any transaction is done using an ATM, a one-time password (OTP) should be sent to the customer's registered mobile number, and the transaction should be completed once this two-step authentication with the help of PIN as well as OTP is completed.

(The authors are Officers of the Indian Telecommunication Service and are presently working in the Department of Telecommunications, Ministry of Communications, Government of India)
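The PIN-plus-OTP flow for ATM transactions described above, sketched as an added example that is not from the article or its authors. The class and function names, the 120-second validity window, the three-attempt limit and the PBKDF2 PIN storage are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets
import time

OTP_TTL_SECONDS = 120  # assumed validity window for the OTP
MAX_OTP_ATTEMPTS = 3   # assumed retry limit before the OTP is burned

def hash_pin(pin: str, salt: bytes) -> bytes:
    # Something you know: keep only a salted, slow hash of the PIN.
    return hashlib.pbkdf2_hmac("sha256", pin.encode(), salt, 100_000)

class AtmSession:
    """Hypothetical per-transaction state: PIN first, then OTP to the registered mobile."""

    def __init__(self, pin_hash, salt, send_sms, clock=time.time):
        self.pin_hash, self.salt = pin_hash, salt
        self.send_sms, self.clock = send_sms, clock
        self.otp_digest, self.expires_at, self.attempts_left = None, 0.0, 0

    def verify_pin(self, pin: str) -> bool:
        ok = hmac.compare_digest(hash_pin(pin, self.salt), self.pin_hash)
        if ok:  # Something you have: issue the OTP only after the PIN matches.
            otp = f"{secrets.randbelow(10**6):06d}"
            self.otp_digest = hashlib.sha256(otp.encode()).digest()
            self.expires_at = self.clock() + OTP_TTL_SECONDS
            self.attempts_left = MAX_OTP_ATTEMPTS
            self.send_sms(otp)
        return ok

    def verify_otp(self, otp: str) -> bool:
        """True only when the transaction may complete (both steps passed)."""
        if self.otp_digest is None or self.clock() > self.expires_at:
            self.otp_digest = None  # no PIN step yet, or OTP expired
            return False
        self.attempts_left -= 1
        ok = hmac.compare_digest(hashlib.sha256(otp.encode()).digest(), self.otp_digest)
        if ok or self.attempts_left == 0:
            self.otp_digest = None  # single use: burn on success or lockout
        return ok

def new_demo_session(pin="4821", start=1000.0):
    # Constructed sample data: the SMS gateway is a list, the clock a mutable cell.
    salt, inbox, now = secrets.token_bytes(16), [], [start]
    session = AtmSession(hash_pin(pin, salt), salt, inbox.append, lambda: now[0])
    return session, inbox, now
```

An OTP is rejected if it arrives before the PIN step, after expiry, after it has already been used, or after the retry limit is exhausted.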
48 | January, 2018 www.dqindia.com A CyberMedia Publication |