Posted on Leave a comment

Digital Payments in South Africa and Using them Safely

Digital Payments in South Africa and how to use them safely

With the Fourth Industrial Revolution upon us, we are moving closer and closer to becoming cashless societies. The advancement in technology with how we transact and pay for goods and services is rapidly evolving. Digital payments in South Africa and around the world are being adopted rapidly and not many people carry cash around with them anymore. I keep thinking about what that means for the man on the street, but I digress…

Common digital payments currently in South Africa

Today, for most people in First World and Middle-Income Countries, the preferred method of payment is some sort of electronic payment mechanism for convenience, improved user experience and safety reasons.

Companies are adopting new technologies at a rapid rate and are becoming more and more innovative with how they process customer payments. Some of the new forms of digital payments in South Africa include things like QR codes, you know, the funny looking barcode on the bottom of your bill. When making this type of payment you simply whip out your phone, open your payment app, like SnapScan, scan the code and, voila! Payment accepted.

The most common form of digital payment in South Africa that we have become used to is probably your bank card that allows you to simply tap your card on ‘The Machine’. As a word of caution, you should keep your bank cards in a RFID (radio-frequency-identification) safe wallet. This type of wallet protects your card from being randomly scanned through your pants or coat pocket by opportunistic criminals.

Digital Payments in South Africa
Make sure your wallet is RFID safe

Bank cards are becoming a thing of the past

Although for now you need to keep your bank cards safe, they are also rapidly becoming a thing of the past. Banks are now beginning to offer digital cards that you can carry on your smartphone. There will soon no longer be a need to carry your bank cards with you on a night out with the family.

Digital bank cards will be available on your smartphone

Other digital payments in development

1. Contactless payments

The latest global digital payment trends are slowly making their way into South Africa. A contactless payment is almost like tapping your card without needing your card. Huh? You can simply use your phone, or smart watch, to pay for your goods and services. You can load your card details onto your device and when you need to pay you simply wave your phone or watch near the terminal and using NFC (Near Field Communication) your device will successfully make the payment.

This form of technology is still in the early testing days for most banks accepting digital payments in South Africa, but many banks have expressed their interest in adopting these payment options as soon as they are available to better service their clients.

Men, just think, you would only need to carry your phone, car keys, reading glasses, sunglasses, house keys and face mask. Ah yes, one less item to remember before heading out the door.

2. Biometric authentication:

Biometric authentication is a verification method which involves biological and structural characteristics of a person. These verification methods include fingerprint scanning, facial recognition, iris recognition, heartbeat analysis, and vein mapping.

Biometric scanning will really go a long way to curb the massive problem of identity theft in South Africa and make payments efficient and safe. You may have noticed your online banking app asking you to set up biometric identification on your mobile phone.

3. EMV (Europay, Mastercard, Visa)

Traditionally, bank accounts were recognised by a unique code of numbers that were static. EMV uses codes that are unique for each transaction. The numbers vary from transaction to transaction thereby scrambling the numbers, which drastically improves security. If a hacker cannot get a hold of what a number is before it changes they will find it very difficult to get into your bank account and steal your funds.

4. Smart Speaker Systems

Smart-home systems like Alexa allow you to give voice commands and receive a verbal response to that command. You can give commands like to turn on your favourite music or switch the lights off when you go to bed at night.

It is also possible to order goods and services and make the payments through smart speakers like for an Uber ride. There are still many security and privacy concerns and the adoption has been slow as a result. However tech-companies like Google, Amazon and  Apple are in a race to develop this technology into safe-to-use devices that will make transactions secure and efficient.

Biometric authentication
Biometric authentication, very cool.

What about my other cards, will they go digital?

These are just a few of the current and developing digital payments that will become available in South Africa in the near future. But what about things like my driver’s license, my 50 loyalty cards and my gym card? I need to be able to keep those somewhere too. The good news is that there are trends emerging where these services are also becoming digital in South Africa. Your loyalty cards will be on your smartphone, like the Checkers, Pick ‘n Pay and Woolworths loyalty card. There is no reason why the rest won’t follow suit. What a pleasure!

Posted on Leave a comment

How to create a strong password and keep your digital profiles safe

How to create a strong password and keep your digital profiles safe

If you want to know how to create a strong password and keep your digital profiles safe, then you are on the right blog.

Creating a strong password can be an administrative nightmare as you could end up with numerous accounts with numerous usernames and passwords. The average number of passwords that every online user holds is 26 per person. Gasp! Yes, 26! Keeping track of all of them and ensuring that they are all hack-proof is a juggling act.

What generally tends to happen is that when we don’t know how to create a strong password or feel the one we have is ‘good enough’, we take a blanket approach and either use the same passwords for different accounts or create similar versions of the same password.

Although this approach may seem adequate to you, we  all need to remember that there are hackers “out there” that start with this exact approach when targeting your accounts i.e. they target common passwords or passwords that begin with a capital letter, or ‘admin’, or ‘password’ – yip, people do that. Insane, I know.

How to create a strong password.
Hackers target common passwords

If you want to run a check to see if your passwords have been breached in any way check out this website haveibeenpwned.com.

What hackers are capable of

Hackers are getting smarter and smarter and know that most web users don’t really know how to create a strong password.

They first target the easiest and most commonly used passwords. After that they move onto passwords with the least amount of characters. The more characters you use in a password the harder they are to break. It has been discovered that a password with 7 characters can only take 0.3 milliseconds to crack, but a password with 12 characters, can potentially take up to 200 years to crack.

Think of a safe with a combination lock. If you use your birthdate and a safe cracker starts with that because they have your Identity Number, then no problem to break in right? But if you used a combination of eight numbers that were randomly selected by rolling a dice, then not so easy to break.

Use a combination of letters, numbers and special characters
Use a combination of letters, numbers and special characters

The different types of hacking attacks

We could write a full article on the different types of attacks you may experience but this article is about how to create a strong password. So here is a snapshot of the most common attacks and some tips on how to safeguard against them

  1. Keylogger attacks – the action of recording the key strokes a person is making while typing on their keyboard.
    Tip – use a password manager so your password is auto-filled and not typed.
  2. Brute force attacks – a bot uses common passwords like ‘password’ or ‘1234’ and enters them into your login page. There are multiple attacks over time and if the bot hits the right password, they are into your account.
    Tip – use a lockout policy i.e. if there are for e.g. 3 failed login attempts it locks out anyone from entering a password again until it is reset.
  3. Dictionary attacks – a bot uses all the words from a dictionary and enters them into your login page. There are multiple attacks over time and if the bot hits the right word, they in. Just ask LinkedIn, they had six million passwords hacked in 2012.
    Tip – Don’t use predictable words or common passwords.
  4. Phishing attacks – Hackers masquerade as ‘legitimate’ businesses and get users to open attachments, click on links or download malicious files.
    Tip – Never click on links, download files, or open attachments from unknown senders and always verify requests for payments or updating your bank details by calling your service provider. Contact them directly to verify an email. Also, never email personal or financial information even to those you trust, as your email can still be breached.
Phishing is a common type of hacking attack
Phishing is a common type of hacking attack

How to create a strong password and other tips to protect your digital profile

Password creation:

  1. Use your web browser to create randomly generated passwords. Your favourite web browsers now offer random password suggestions when you create a new account on any platform
  2. Use an excel spreadsheet and then go mad with typing random letters, numbers and symbols into different blocks. Spread your fingers across your keyboard so as to avoid common typing patterns.
  3. Use a combination of letters in both lower-case and capitals and avoid common capitals e.g. using a capital at the beginning of your password.
  4. Use numbers and symbols when creating a new password.
  5. Fourteen characters is ideal and eight characters is the minimum to use when creating a new password.

Protecting your digital profile:

  1. Us a VPN (virtual private network) – the only way to cloak your web activity (including from your ISP) is to connect to a VPN. Here is a list of tried and tested VPN’s from security.org.
  2. Use identity theft protection  – there are some good identity theft protection software packages that you can use like from this local security company.
  3. Two factor authentication – try using two factor authentication for the most sensitive of accounts. You can set this type of security up at authy.com.
  4. Store your files in the cloud. Use cloud based services to store your information. You can use platforms like Google Drive for personal information and for more advanced features you can use a platform like Microsoft Office 365. For more information on the cloud read this blog post – What is the cloud and how to make the most of it.
Make your password as secure as possible
Make your password as secure as possible

How to keep all your passwords safe

Now that you know how to create a strong password, you need to keep them safe.

  1. Avoid using an excel spreadsheet – this method is far too common when making sure all your usernames and passwords are secure. What if you forget that one password or your laptop gets stolen or lost?
  2. Rather use one of these tools to secure all your passwords:

Lastly and most importantly

Your first line of defence is your device (phone, laptop etc.). Make sure you know how to create a strong password for your device that is the most complicated password of all. If someone gets into your device and you have saved all your login details within your browsers well then, game over.