Monday, May 20, 2013

Why not Indian Indian??

I have often read the excellence of the Second or Third generation immigrant Indians abroad.  At various forums the question then arises Why is it American or British or Canadian preceding the word Indian when the praise is being showered? Why is it not the "Indian" for whom we here these words of praise.  The question is really not for the readers, but it certainly is hitting at the Education System and the Mad Race for the Marks / Percentages being forced on the young generation.

The reason why it is Indian American or Indian British or Indian Canadian rather than Indian Indian - In India the talent is suppressed under the weight of expectations to study and get better marks.  Away the kids are encouraged in their research, marks are not the only criteria, innovation and entrepreneurial capabilities are supported.  In India, if someone would want to do such a work, they would be ridiculed by close circle and would be called "Jerk or Maniac".

It is really ridiculous the way things work in India.  I remember a case where one of my known once developed an FM transceiver that could work in the periphery of 500 meters and could have been used to good effect for communication in the hostel, but he was ridiculed a lot by the rest of the hostel guys and college crowd. Why, because he was a Management stream student and developing such a device was not supposed to be in his study area.  He would have junked it right there, but we helped him by adopting it for our Biking trips where we fit it in our bikes and helmets to be able to communicate while going on Bike tours...yeah - low cost communication device that used to run on bike Battery...but where did that innovation go?? down the drain...

Another case where one of my colleague developed codes to lock screens permanently for interactive logins if someone tried to impersonate you.  This could have been hailed better had it taken up by some security company. But again the guy was ridiculed by his team members and the office staff for doing that, why because he was supposed to be a network administrator and not a programmer to do so.

These are just two of the many cases that I have witnessed in my span of life I spent in India till date.  Yeah - Interesting point I thought I should mention - Two of my papers that were ridiculed in India by a leading industry body were selected for presentation abroad in annual conference of a leading Non Profit Organization that has an ISO standard to its credit.  Funny, ain't it :))

Well now that's where we Indians are - excel abroad, but ridiculed in our own homeland...
Posted by at 1 comment:
Labels:

Sunday, May 12, 2013

$45 Million Heist with Prepaid Card Duplication


I had been following the entire development on the big heist that was cracked by the US law enforcement.  The news in itself as lead to an interesting assessment for me on the way the Data Theft and duplication was carried out at mass scale.  I read various articles written across multiple news sites and went through even the comments that were made by various set of readers.  Some were pretty interesting and others were made out of hate for India and Indian service Providers as there were two card processors from India whose systems were breached.  The world as it sees may see it as a lapse of security measure implemented by the two payment processors from India, but then why shouldn't they look at the lapse of overall Risk Management System at the Banks as well as the Card network System in general??

There were articles and comments that pointed on the Core Banking Software in use, but then both the writer of the article as well as the comments need to understand that Core Banking Application has nothing to do with the Payment Cards that were compromised in this case. Before we point out the responsibility at the Core Banking Application or System or the People at the three types of organizations involved, we need to actually understand the modus operandi of the Gang Spread Across 27 Countries and specific Target being made at two Banks in Middle East.  Making a general Comment otherwise would simply be because you hate someone or because you have no knowledge either of the Baking System or the Pre-paid Card System for that purpose...Also, those trying to relate the software to this heist must first understand the it doesn't have any relation to the pre-paid cards, that is a different system that interacts with CORE BANKING Application....

One interesting point that I noted in the entire set of developments is the Lack of Controls around the Payment Cards that were compromised.  Why is it that the Banks when deploy enough controls on the Debit and Credit cards, they miss to deploy controls around the pre-paid cards that are mostly used as "Travel Currency Cards" or "Gift Cards" in most cases?  I am still perturbed as to how and why the Banks let the Payment Processors manage the Data on their local database without enforcing right set of controls required? Some additional questions that crept up to my mind - 
  1. Didn't the Payment Processor deploy layered security to ensure that the Database is in the most secured zone?
  2. Weren't Host base IDS/IPS systems deployed?
  3. Weren't transaction monitoring and logging systems deployed to create alert for fraudulent withdrawals?
  4. Weren't alerting system put in place for changes in database?
  5. Why would Visa and MasterCard let huge withdrawals go through multiple ATMs and that too from the same cards? Why were the patterns not monitored at their end?
  6. Why didn't the Banks whose ATMs were used ever sounded an alarm in the Banking Community about the huge transactions? Were they enjoying withdrawals from their ATMs and raising bills to the target Banks??
There are many such questions that need to be answered and probably we might never get an answer to these questions...for we would just read the development and arrests...What happens at the Banks, what happens at Visa and MasterCard and other organizations involved would never come to light...but, then its our Money and we must know if it is safeguarded...

Related Post - $45 Million Heist with Prepaid Card Duplication: Lessons Learned
Posted by at 1 comment:
Labels: , ,
Subscribe to: Posts (Atom)