How does Zerodha ensure safety of users from cyber fraud in AI era? Nithin Kamath unveils the secret formula
Zerodha co-founder Nithin Kamath believes that implementing two-factor authentication (2FA) can significantly reduce the risk of cyber fraud.
With the increasing number of cyber frauds in the country, the Reserve Bank of India, the National Stock Exchange, and various other top financial bodies have regularly worked on awareness programmes to mitigate the cases of scams. Zerodha co-founder Nithin Kamath believes that there's one precaution that can significantly reduce the odds of being a victim of cyber fraud. It's the 2FA! According to Kamath, 2FA stands for two-factor authentication. He said 2FA should be enabled everywhere.
What is 2FA?
With advancements in technology, hackers can easily steal passwords while logging in to any application or website. However, 2FA is an additional factor to secure your account. Biometric authorization, TOTP (time-based expiring codes), etc. makes account compromise much harder, says Kamath.
In the world of Artificial Intelligence, everyone has become the target of hackers, especially businesses since hacks can be financially lucrative. Sharing suggestion for businesses to avert financial scams, Kamath said that roping in actual technologists who understands UX and user behaviour could be a great step to mitigate risks.
Kamath shared personal experiences that he has applied at Zerodha.
How Zerodha ensures the safety of employees from cyber-attacks?
Nithin Kamath said that in Zrodha they have a mandatory 2FA even for internal employee systems. Also, strict 'role-based access' wherein everyone gets the least access and least privilege by default.
Nothing is connected to the internet by default & access is over “zero trust" networks. Even incoming external e-mail for employees is only available where necessary. Zerodha has Botnet & DDoS protection in front of all internet-facing systems. Real-time monitoring and analysis systems.
Besides, the entire employee base including non-technical folks uses Linux desktops to reduce the attack surface. Kamath said he uses Zorin (Linux). He said that he is paranoid about external vendors and SaaS services. " We self-host all our internal systems on private networks and almost no SAAS vendors. Everything is pretty much self-hosted FOSS (Free & open source)," Kamath wrote on Twitter.
Is zero cyber risk possible?
According to Zerodha's founder, there is no way to ensure there is zero cyber risk and it is not a purely technical problem. A significant number of hacks in the world involve exploiting human weaknesses.
but constant vigilance, good technology, non-tech practices and processes, and awareness of the risks can reduce at least some fraud.
"In a world of NFTs, crypto, AI, the metaverse, etc., we need to be almost paranoid about all digital interactions. Also, to always remember that if something sounds too good to be true, it usually is," Kamath concluded.
A report called, "The Anatomy of Fraud 2023’ by Bureau, an AI-architected platform recently revealed that account-related fraud added up to about 65% of all fraud cases in the financial services sector. And, about 55% of the reported digital payment frauds in India are UPI-related.
Milestone Alert!Livemint tops charts as the fastest growing news website in the world 🌏 Click here to know more.