Money & Banking
Banks start charging money for SMS alerts, mobile banking

In another example of cartelization among bankers, several banks have increased or started imposing charges for transaction alerts through SMS as well as for mobile banking. As usual, private lenders have taken the lead, which soon would be followed by nationalized banks

There is no free lunch says a popular adage. Our banks, having lured consumers with ‘free’ services, have now started charging for them or hiking already existing fees to fatten their bottomlines. So far this year, many banks have started charging for SMS alerts on transactions and hiked the annual fees on debit/credit cards. A few banks have even increased charges to deposit cash in your accounts. The list includes large banks such as ICICI Bank, HDFC Bank, Axis Bank, Kotak Mahindra Bank and Canara Bank. Here are some areas in which charges have been increased.

 

SMS Alerts: Over the past month, almost all banks have begun to charge for SMS alerts on transactions.

 

Axis Bank sent an SMS to its account holders which states that “From 15 June 2013 this (SMS banking) service will be charged Rs5 per month”. ICICI Bank is charging Rs15 per quarter. Interestingly, both amount to an identical Rs60 per annum giving rise to the suspicion that banks, working through the Indian Banks Association, decide to hike rates in tandem or to a pre-decided plan. 

 

State Bank of India (SBI) is providing various services like MobiCash, mobile banking and SMS banking free of cost. Other state-run lenders like Punjab National Bank (PNB), Bank of Baroda (BoB) and Canara Bank are also providing SMS banking and mobile banking services free of cost.

(Update: As of 1 July 2013, both SBI and PNB decided charging Rs15 per quarter for SMS alert services. PNB, however, said, accounts of senior citizens, its staff-in service and retired and students, will be exempted from this charge)

 

When asked, an Axis Bank executive said whoever is subscribed to their SMS banking services will be charged Rs5 per month. He said, whoever chooses to unsubscribe from (to unsubscribe customers have to visit branch personally) their SMS Banking services will not be charged anything. Clearly, the banks are testing the ground. Nobody is likely to unsubscribe at a time when SMS alerts have helped protect part of the money.

 

ICICI Bank notifies on its websitePlease note with effect from 1 May 2013 all savings account customers availing alerts facility through an SMS will be charged Rs15 per quarter (inclusive of taxes)”. However, ICICI Bank has kept the facility free for accounts such as salary account, senior citizen savings account, silver savings account and privilege banking.

 

HDFC Bank notifies on its website, “Effective 1stApril, customers registered for InstaAlert service with ‘SMS’ as the alert delivery channel, would be charged.”

 

HDFC Bank customers registered for InstaAlert service through ‘SMS’ are charged Rs15 per quarter for salary or savings accounts, while customers who hold current account are charged Rs25 per quarter.

 

However, HDFC Bank said, InstaAlerts delivered through emails would remain free. Interestingly debit or credit card transaction alerts sent as per regulatory guidelines and net-banking transaction alerts are not covered in the HDFC Bank InstaAlertservice. Customers who are not registered for InstaAlert service will continue to get these alerts free of charge, according to HDFC Bank.

 

While all private sector lenders have increased charges for SMS alerts, Kotak Mahindra Bank has decided to reduce its already very high charges. This reduction would bring the rates at par with other banks. It notifies on its website “for savings account holders: The daily balance SMS alert that costs Rs200 per annum will be reduced to Rs120 per annum while SMS for weekly balance, transactions and value added alerts will cost Rs60 per annum from Rs75 per annum with effect from 1st July.”

 

Yes Bank, which offers up to 7% interest on saving accounts, is charging Rs10 per month to their basic saving account (smart salary) holders. While other account holders would continue to get transaction alert messages free of cost.

 

Kotak and Yes Bank, pays a higher interest on savings account balances above Rs1 lakh. But it seems both were clearly charging significantly more for other services. Even today, at Rs120 per annum, the charges are double than that of ICICI, HDFC Bank or Axis Bank.

 

Debit Cards:

Banks from the private sector also started hiking annual fees for debit or ATM cards. Among the state-run lenders, except Canara Bank, no other bank has increased the fees. From 1st July Canara Bank would charge Rs112 as annual fee for its debit cards issues to all customers, except holders of small savings account, basic savings account and financial savings account.

 

SBI is charging Rs102 annual fees on all debit cards, except Yuva International debit card. PNB is charging Rs112 and BoB is levying Rs113 as annual fees or maintenance charges on debit-cum-ATM cards.

 

Axis Bank has increased the annual charges by 50%. It would charge Rs150 instead of Rs100 as annual fee from its debit card users in metro and urban centers. For bank account holders from semi-urban and rural, the same is revised to Rs100 from Rs50. In addition, all prime salary account would be charges Rs150 as annual fee for a debit card. Axis Bank has also increased card issuance fee for all its customers to Rs150 from 1st May.

 

While ICICI Bank is charging Rs99 for gold or silver debit cards and Rs250 for business banking debit card, HDFC Bank charges between Rs100 to Rs500. Kotak Mahindra Bank is charging between Rs100 to Rs750 for platinum debit card, as annual fees.

 

Yes Bank has already increased the charges from November last year. The Yes Business Gold Debit Card has become costlier by Rs150 following the increase. The annual fees for the card are now Rs499. There is no annual fee on the debit card for the bank’s basic savings account holders.

 

Annual fees charged on ATM/debit cards

Bank

Minimum Annual Fees (in Rs.)

(Basic Debit Cards)

Maximum Annual Fees (in Rs.)

(Platinum /Business cards)

Axis Bank

100

500

ICICI Bank

99

250

HDFC Bank

100

500

Kotak Mahindra Bank

100

750

Yes Bank

149

499

State Bank of India

0

102

Canara Bank

112

112

Bank of Baroda

113

113

Punjab National Bank

112

112

 

The increase in banking charges is contradictory to the stand taken by the regulators. Earlier this month, while speaking at an Open House organized by Moneylife Foundation, Dr KC Chakrabarty, deputy governor of Reserve Bank of India (RBI) has said that the decision on various charges levied by banks has been left to their respective board of directors while the Indian Banks Association oversees the reasonableness aspect and can suggest a cap on the charges.

 

Mohan Siroya, chairperson of the Consumer Complaints Cell (CCC) had said, "The ‘greatest wrong’ the Reserve Bank of India (RBI) has committed is by disowning its responsibility to supervise the ‘exploitation’ of bank customers. RBI has given the full liberty to each bank to levy ‘service charges’ as per their wish. It has become an open market. Now it has come to the light from the Banking Codes and Standards Board of India (BSCBI) that the Indian Banks’ Association (IBA) has been given an authority to put a 'cap' on such charges, thus fully abdicating its own duty as a statutory regulator. How is such a body expected to control the greed of making more and more money by its own members?”

 

Adding to Mr Siroya's view, Sucheta Dalal, trustee of Moneylife Foundation said, “The IBA operates in a particular pattern. When one bank decides to charge Rs500 for a debit card, the others, especially nationalised banks, follow its lead and say; okay we will charge only Rs250. This is how banking charges increase every time. Competition does not work because IBA has become a cartel. When was the last time that IBA spoke to any consumer organization or sought the consumers’ views?”

 

Ashok Ravat of All India Bank Depositors Association (AIBDA) and Vasundhara Deodhar from Mumbai Grahak Panchayat (MGP) also raised questions on the reasonableness of banking charges. Both requested the banking regulator to determine reasonable service charges.

 

Interestingly, while consumers are increasingly complaining about reasonableness of bank charges, the banks themselves are lobbying hard with the RBI, claiming that high cost of technology is making each transaction very expensive. For instance, having encouraged and pushed to obtain corporate accounts of companies, banks are now cribbing about high  transaction costs on small withdrawals from ATMs.

 

For instance, a senior central banker says that each balance inquiry costs the bank Rs11 while each transaction costs around Rs18. However, this calls for a serious discussion on the cost-benefit of technology to consumers, since the solution cannot be to load higher costs on to consumers.

 

The frequent hikes in service charges are fast reaching a stage where consumers will revolt. The Reserve Bank of India (RBI), which follows a policy of forbearance (allowing bankers to decide charges themselves) with regard to service charges, refuses to intervene. At the same time, the RBI is pushing banks to extend services to hundreds of million unbanked Indians. There is a clear disconnect here, since no-frills accounts permit only ATM transactions and banks now claim that those too involve a huge cost.

 

Can the RBI afford to remain silent about rising service charges? It is a question that the banking regulator needs to answer.

User

COMMENTS

ajay prakash pal

1 month ago

8878780741

Anand

4 months ago

When RBI has clearly mentioned bank can charge on actual usage basis how can banks charge a flat fee of Rs. 15 or any specific amount. There is no transaction happening in one of my bank from last one year or so, but bank is continuing to charge a flat fee when I haven't received a single SMS in last one year. Isn't that violation of RBI Guidelines?

Ravindra Shamsher

2 years ago

Only savings and current account holders are eligible for mobile banking service. If you register your number for mobile banking services you also get the freedom to access your bank balance, fetch account statement, transfer funds and do much more. With most banks offering mobile banking services, there are different ways to do the same but the basic procedure remains the same.

bala

3 years ago

It is absolutely looting the money from salary class account holders from their hard earned money, while it should be on free of cost for which banks are asking customers to maintain minimum balance. If Indian Government definitely want to collect the money, it should be collected from the richest people like politicians, ministers, business man where richers are becoming more richer and poorer are becoming more poorer. There is no benefit of this SMS alerts but exploiting the account holder. This is absolutely tourchering the middle class. RBI should not react on collecting money from common man rather it should corner those rich people, who has more money than their requirement and information should be available through Income Tax PAN Number. Here, I am challanging Indian Government, which has been formed by people for the benefit of people. Here, I don't see the benefit by Indian Government i.e. every day price increases, petrol increases, income tax liability increases while benefits are decreased day by day. In total Indian Government is totally one sided on richest people by politicians, business men and by collecting this money from common men it is simply sleeping. I would rather say, we should by-cott the elections, for which expenses are increased by the so-called indian government and common man life is getting miserableness.

Dayananda Kamath k

3 years ago

one more method of looting cusotmers by sbi is in gurgaon palmcourt branch of sbi suddenly the branch head desided that since it is corporate branch they need not collect cheques put in credit card drop box. i do not know whether a branch head can take such a decision on his own. since i am going out of town on holiday i dropped my cheque for sbi card in the drop box well in advance. after the due date i recive an sms that my account is overdue. i try to sms them on the number where we used to do earlier informing dropbox number and cheque number. i receive a service not available. then they have another service where you can message problem and they will contact back. i used this service also they promissed to contact back in 48 hours by sms acknowledgement but did not receive any call. subsiquenly on 20th when i came back and visited the branch. after perusing with various people they were able to locate the keys of the box and my heque along with some other 20 cheques were lying there un collected. then i went to the manager and informed the situation. and he immidetly scolded the peon why the box is lying there still and asked to remove it.however this cheque was collected on that day along with all other cheques. but sbicard has debited all the exorbitant penaltiese to all the card holders. when under core banking you are customer of a bank and not of a branch, how the action of the manager is justified. whether bankmanagment and rbi will take ation. and restore the service of drop box in the branch. they must provide it in all branches. they provide it in selected branches.and it also depeneds on whims of the branch head. whether bank will recrdit all the charges levied unethically and compensate the customers for the mental agony of being defaulter.

MDT

3 years ago

SPECIAL REQUEST TO ALL READERS...

Moneylife requests all readers not to post their personal details like bank account number, debit/credit card number , mobile number or email ID on this and any other public forums.

Thanks,
MDT

janakiram

3 years ago

DEAR SIR, MY NAME IS K VENKATA NARASIMHA REDDY PLEACE RIGISTAR ME FOR SBI MOBILE SMS ALERT THANKS

REPLY

MDT

In Reply to janakiram 3 years ago

Dear Sir,
Please contact your bank branch for this. Also we request you and all other readers from posting your account number, card number and mobile number on public forums.
Thanks,
MDT

SUMER SMTH

3 years ago

MYSMS# +639192616111=or 09192616111==SMS ONLY
SEND ME MOBILE ALERT VIA SMS


SUMMER S

Chethan S

3 years ago

SBI to charge ₹15/quarter for SMS alerts. This is the announcement on SBI homepage: "With effect from quarter ending June 2013, SMS charges of Rs.15/- (inclusive of Service Tax) per quarter will be recovered."

REPLY

arun adalja

In Reply to Chethan S 3 years ago

sbi already started charging rs 15 for quater ending june 13.without informing how can they deduct?icici bank waived sms charges for senior citizen,other banks must follow the same.

RUSHABH R SHAH

3 years ago

I think such practices not only of banks but by any organisation will continue basically because of absolute disregard for their own interest on the part of customers of bank and other business organisations. I just do not understand how, we, so called educated people behave in such irresponsible way and turn blind eye to our own interest.

Dayananda Kamath k

3 years ago

every service will be introduced free of charge initially to make it popular and then they will start charging you left right and center. and the regulators also contribute and govt also contribute by making it compulsory and then they start charging. you and you dont have any option because you come to know when you are short of time and this service is very much needed .one of the best example is service charges being charged for issuing solvency certificate. this is a certificate insisted by embassies and govt departments for tender qualifications. banks used to give it without any liability and accounting records maintined for a fees of rs. 100 to rs.1000/ but suddenly banks started charging based on the amount certified and maximum charges being rs. 25 lakhs. becoming insolvent by applying for solvency certificate. i complained to rbi with the same caption as well as how this can lead to corruption and frauds in the bank. as no entry is passed in the ledgers for issuing the certificate except for charging of charges. how an unscrupulous manager can mint money in this scheme. but no action from the rbi. but on its own bank reduced the maximum charges to rs. 25000/- but the loop hole is not yet plugged. even rs. 25ooo/- is exorbitant as there is no liability on the abnk and it is not at all accounted in the banks balance sheets.

Suiketu Shah

3 years ago

One must not forget that this trend of charging on even the smallest of service was started by HDFC Bank.The others have only followed.

arun adalja

3 years ago

icici banks is sending sms for creditin the money in the account but total amount in the account is not updating in sms.then why should i pay when full details are not given?

Jingo

3 years ago

Hi, thanks for the engaging article..

I feel it needs to give a balanced view.. Banks are public limited companies, and need to make profits to be able to expand their reach, recover their costs, provide for the bad debts, invest in better technologies to prevent fraudsters from running amok, etc.

I don't think when we work for a company, we say that our cost of living is only Rs. 25,000, you don't need to pay me more than that. If my cost of living goes p, will come and ask you for a pay revision.

Banks need to increase dividend to shareholders, pay salaries to thousands of people they employ, give loans to small and big companies so that they can expand their operations and give employment.

Now, no doubt there are many things wrong about our banking system - banks' reluctance in general to give loans to smaller enterprises and individuals without taking adequate collateral to protect their capital; banks inability to expand into villages and rural areas; the propensity of politicians to manipulate banks into giving loans to undeserving organizations; corruption involved in lending decisions; the business of NPAs; tendency to increase charges frequently; et al.

What muddles the picture even more is the prevalence of the grey economy in the country. A large part of the economy works on cash only, and unaccounted cash at that. What it means is that those funds either don't enter the banking system at all, or reaches in fictitious names leaving the banks vulnerable to KYC norms.

Customers across the world pay far more charges for accessing banking services, and people don't mind paying those charges as the alternatives are either not present or are very expensive. Also, product prices vary depending on the features available on the product as well. So, if a particular banking account comes to you with free life insurance or general insurance cover, then paying a nominally higher amount as fees should be okay?

What Axis Bank has done is actually being clever by half. Whoever thought of this thing of customer canceling it by visiting branches did the bank's brand a big disservice, as customers would immediately understand that they are being taken for a ride here, and maybe lots of them wont switch banks immediately, but they will remember that the bank took advantage of the fact that they wouldn't find the time to visit the branch and cancel their mobile banking subscription. I suspect that even if the customer were to go to the branch, the branch would know nothing about this, and would require the customer to make multiple visits to get the necessary action recorded and undertaken. This is a malicious action and reeks of profiteering.

Banks spend approximately 25 paise for every sms and it sounded like a good idea to charge for actual number of sms sent, but maybe putting something like that in place might be expensive for banks.

No doubt RBI needs to pay attention to this streak of banks to increase charges from time to time. But maybe RBI also needs to see what it needs to regulate and what it needs to free up for the banks.

For instance should the banks in India be making NIMs of 4.5 percent?? That sounds very high when compared with the NIMs in other developing countries.

Should the banks be having prepayment penalties when they have already charged processing fee upfront?

The government's role in banking also needs to be assessed. Do we need the government to run banks, and dictate terms to them about whom to lend and how much?



Mun Mohan Kale

3 years ago

No charges need be levied for any service being rendered. It is duping customers. The charges are also varying from bank to bank at their whims & fancies. Govt should step in & cancel all such charges. Unfortunately these banks must be paying hush money to all concerned especially politicians.

RTI Judgement Series: Making report on paid news public

The CIC directed the PIO to provide copy of the two-member committee report on paid news and publish the same on the website of the Press Council of India. This is the 116th in a series of important judgements given by former Central Information Commissioner Shailesh Gandhi that can be used or quoted in an RTI application

The Central Information Commission (CIC), while allowing an appeal, directed the Central Public Information Officer (CPIO) at the Press Council of India to provide as well as publish on its website a copy of the report submitted by two-member sub-committee of Paranjoy Guha Thakurta and K Sreenivas Reddy set up to probe the paid news saga.

 

While giving this judgement on 19 September 2011, Shailesh Gandhi, the then Central Information Commissioner, said, “PIO had refused to disclose this information without giving any of the exemption clauses under Section 8(1) of the RTI Act. The PIO should ensure that the report is placed on the website of the Council before 10 October 2011.”

 

New Delhi resident Manu Moudgil, on 3 January 2011, sought copy of the report submitted by two-member sub-committee of Paranjoy Guha Thakurta and K Sreenivas Reddy set up to probe the phenomenon of paid news from the CPIO. Here is the information he sought under the RTI Act and the reply provided by the CPIO...

 

1. Please provide a copy of the report submitted by two member sub-committee of Paranjoy Guha Thakurta and K Sreenivas Reddy to probe the phenomenon of paid news          

CPIO Reply: In this connection kindly refer to the foot note of final report of council (copy attached) which reads as follows:

“the Council decided that the report of the sub-committee may remain on record of the council as reference document”

With a view to facilitate providing copy of the said report, legal opinion has been sought on 7.09.2010.on the receipt of the same, the Secretariat would consider providing it to the general public/RTI applicants.

 

2. Please provide details of the meeting held on 30 July 2010 to discuss the issue of paid news, provide copy of the minutes of the meeting and any other documents detailing the proceedings of the meeting.      

CPIO Reply: Extracts of the minutes of the Council meeting held on 30.07.2010 are attached  (Annexure - A)

 

3. Please provide details of written or electronic communication received or send on the issue of the sub committee's report. Please provide copies of the same.   

CPIO Reply: Index of relevant documents is attached. (Annexure - B)

 

4. The undersigned would, at his discretion, also like to inspect all the records (both electronic and paper records), documents/letters, communication, notes, books, books of accounts, voucher, etc, which are relied on by your department and/or on the basis of which the information to the above mentioned request is supplied/to be provided. Kindly provide the working hours of your office and the name, contact details and exact location of the record officer/other officials in whose custody the said records are available ad can be inspected.     

CPIO Reply: The working hours of the office are 9.30am-6.00pm. You may visit any working day, preferably with prior appointment at Phone No. 24366745 - 46-47 Extn. 320 with Assistant Public Information Officer to facilitate inspection of required documents. The address of the office is given on the letter head.

 

Not satisfied with the CPIO's reply, Moudgil filed his first appeal in which he contended that the said report was a public document and should be made available to the general public and under the RTI Act. 

 

In his order, the First Appellate Authority (FAA) reiterated the reply of the CPIO. He said, “...legal opinion on the report of the sub-committee on paid news has not been received so far. On the receipt of the same, the Secretariat would consider providing it to the general public/RTI applicants.”

 

Moudgil, then approached the Commission. In his second appeal, he reiterated that the said report was a public document and should be made available to the general public and under the RTI Act. In addition, more than seven months has lapsed since the date of seeking legal opinion i.e. 7 September 2010, he said.

 

During the hearing, Mr Gandhi, the then CIC, noted that the PIO had refused to disclose this information without giving any of the exemption clauses under Section 8(1) of the RTI Act. "The PIO appears to have felt since the decision had not been taken in the matter the report could not be provided. Right to Information is a fundamental right of citizens and if what is sought is information as defined under Section 2(f) of the RTI Act which is held by the public authority, denial can only be on the basis that the information is exempt under Section 8(1) of the RTI Act," he said.

 

The PIO stated that on 14 September 2011 she had sent a letter to the appellant stating that the 71 pages report could be provided on payment of additional fee of Rs142.

 

Moudgil stated that he had not received this letter and demanded that the reports should be provided free of cost to him and also this should be put up on the website under Section 4 of the RTI Act.

 

Mr Gandhi said, this was a reasonable demand. The Commission using its power under Section 19(8)(a)(iii) directed the PIO to ensure that the report is placed on the website of the Council before 10 October 2011. This would be in fulfilment of its obligation under Section 4(1)(b)(xvii) of the RTI Act, the CIC said in its order.

 

While allowing the complaint, the CIC also directed the PIO to ensure that an attested copy of the report is sent to the complainant before 30 September 2011.

 

CENTRAL INFORMATION COMMISSION

 

Decision No. CIC/AD/C/2011/000989/SG/14680

http://www.rti.india.gov.in/cic_decisions/CIC_AD_C_2011_000989_SG_14680_M_66957.pdf

Appeal No. CIC/AD/C/2011/000989/SG

 

 

Complainant                                                : Manu Moudgil

                                                            New Delhi - 110 078

                                                                            

Respondents                                               : Punam Sibbal

                                                            PIO & Dy. Secretary

                                                            Press Council of India,

                                                            Soochna Bhawan, 8 CGO Complex,

                                                          Lodhi Road, New Delhi - 110 003

User

A buyer’s guide to safer communication

There are a lot of ways to talk to people securely on the internet, including some that are purpose-built to enhance your privacy and security. Here's a guide to getting started

This is part two of a two-part series. Here’s part one: Worried about the Mass Surveillance? How to Practice Safer Communication.
 

"Encryption works." --Edward Snowden
 

What makes choosing good security tools hard is that despite the news, we don’t know what government agencies like the NSA are really doing on their wiretaps and with their court orders. People in the security community call the NSA the “ultimate adversary,” and point to a huge array of ways they could be analyzing and attacking every part of the net and telephony system. They could be able to decrypt everything, and even without breaking encryption, they could be able to look at enough of the internet to determine who is talking to whom just by looking at the timing of conversation. But on the other hand, they might not be able to do any of that, and are trying to project the image of data omniscience to discourage people from even trying to protect their privacy. Parts of the NSA could be pretending to be able to do things it can’t while other parts are doing things more invasive than anyone knows, hidden from oversight. In the end, our questions still exceed our answers, and even the parts we think we know keep changing. The NSA's data collection is a story that will only make sense in hindsight, and we don't know how far from now that perspective is.
 

While Americans get to have a conversation with their government about whether this is right or wrong, the 95% of the planet the NSA is allowed to surveil without further scrutiny doesn’t get to weigh in at all, nor do the people living in countries whose governments practice widespread Internet surveillance and censorship. That’s billions of people for whom choosing tools for protecting their privacy on the net is simply a question about the technology, not about the law.
 

The good news is that as we understand more about how surveillance works, it helps the people who create and use secure tools to make better and more informed choices -- even if that choice is simply not minding having their data collected.
 

There are a lot of ways to talk to people securely on the internet, some are purpose-built to enhance your privacy and security. This is by no means an exhaustive list, but it’s a place to start.
 

We’ll keep filling out this list over the next few days, so if there’s a piece of software you want us to have a look at, mention them in the comments or e-mail them to us at [email protected].
 

Cryptocat

(PC)

What does it let you do? Cryptocat is a web-based encrypted text chat for two or more people.
 

Cryptocat heads up this list of tools because it stands out for good interface and good policies. It's the easiest tool on this list to use, and Cryptocat's creator is transparent about how the software handles your data: It goes through a server run by Cryptocat’s creator, Nadim Kobeissi. Kobeissi wrote a blog post with a table explaining who can see your metadata and messages when you use the service.
 

To get it, go to crypto.cat, and download the browser plugin. Mac users can also find it as a standalone program in Apple’s App Store. After that, you pick a name for the chatroom and for yourself. Share the chatroom name with whoever you want to talk to, and start chatting. It is hands-down the easiest way to get started with end-to-end encryption, where only you and the person you're talking to can see the message. For more on what end-to-end means, see part one.
 

What does it replace? Cryptocat replaces unencrypted instant messaging and chatrooms, and has some Facebook- and Google-style group coordination features. It’s sometimes the only option when you don’t have the ability to install software on the computer you’re using.
 

Cryptocat, like all the tools on this list, go through a third party server. This means the communication is more like making a phone call, (which goes through the phone company) than talking on walkie talkies (which go directly to the other party). All of Cryptocat is Open Source, so if you are up for more of a challenge, you can run a server inside your own network, and your Cryptocat chats, in addition to being end-to-end encrypted, never traverse the open Internet.

This chart covers the kind of information we should all have access to about the software we use. It would be fantastic to see more projects and companies follow Cryptocat’s lead, and tell their users who can see their data.
 

Jabber with OTR

(PC, iOS, Android)
 

What does it let you do? Jabber, also called XMPP (thanks for another great name, computer scientists!), isn’t a specific program or service. It’s a protocol, which is a term for an established procedure for doing something on the net. In particular, Jabber is a protocol for text-based chat, also called Instant Messaging, between two people.
 

OTR (“Off the Record”) is a plug-in that encrypts text chat content so that only you and the person you’re corresponding with can read it.
 

“Only the actual content of your messages is encrypted with OTR, but usually the XMPP channel is secured with SSL as well,” says Chris Ballinger, creator of Chatsecure, a Jabber client for iOS devices. Ballinger listed some of the metadata that is visible if your service doesn’t use SSL, which is separate from OTR message encryption. (Again, see part one for details.) Ballinger's list included:
 

  • When you started or stopped typing
  • Your availability
  • Your status messages
  • When you send or received a message
  • The sender and recipient of each message (full Jabber ID)
  • Your buddy list
  • A constant stream of your buddies status updates.
     

What does it replace? It can replace SMS on phones, or IM and Facebook Chat online. Unlike proprietary services like Facebook Chat and Google Hangouts, Jabber lets you talk to anyone who also speaks Jabber, even if they’re not using the same service you are.
 

The Jabber protocol isn’t itself secure or private, though most Jabber services will use SSL to encrypt your traffic. With OTR, which is built into some clients and is a separate add-on for others, you can encrypt your messages so that even the Jabber server can’t read them; only the person you’re talking to can. OTR is one of the easiest forms of encryption. All you need is an OTR-capable chat program.
 

OTR-encrypted IM is reportedly the way Edward Snowden initially corresponded with Guardian journalist Glenn Greenwald.
 

Jabber Clients

Chatsecure for iOS Devices
 

By default, Chatsecure tries to use SSL to talk to your Jabber server, but it can switch off SSL. The advanced options allow you to "Force TLS," which is another name for SSL.
 

Gibberbot for Android devices

The creator of Gibberbot, the Guardian Project, specifically makes software for people who need security. Using the software can be difficult, but it doesn’t let you make too many mistakes. Gibberbot won’t connect to a server without using SSL. Gibberbot can also be used with Tor, which we’ll come to in a bit.
 

Pidgin for Windows/Linux; Adium for Mac OS X

You download Pidgin for Windows and Linux from pidgin.im and Adium for Mac OS X from adium.im.
 

While they’re easy to use and also interoperate well with services like Facebook Chat and AIM as well as Jabber, these programs might not be secure by default, so you should check your settings. In both of them you have to hunt through menus to “edit” or “modify” your Jabber account. On Pidgin, SSL is under the “Advanced” menu as "Require encryption" inside the accounts screen and may already be enabled. On Adium, it’s under “Options” as "Require SSL/TLS." You have to enable SSL to be sure you're using it.
 



You’ll also want to make absolutely sure that logging is turned off, as logs are stored on your computer unencrypted. Also, in some cases, like Pidgin your Jabber password is stored in a plain text file on your computer. This is why if you're a target, (which this tutorial assumes you are not) your computer is often your weakest point, not your communications.
 

A Note on Jabber Services
 

If you want to use the Jabber protocol you need to use a service that supports it. There are a lot of Jabber services out there, some better than others. Services like Dukgo.com and Jabber.ccc.de(in German) have explicit policies about when they do and don’t cooperate with governments. Jabber gains some of its privacy protections from being decentralized (as opposed to, say, Google, AOL, Facebook, etc.) but that puts more burden on you to research your provider. XMPP.net maintains a list of Jabber servers that are open to use, listing their jurisdiction and what SSL certificate they use. It’s a good starting point, but it’s up to you to look at a prospective service’s website or ask them about their privacy policy.
 

Silent Circle
 

(PC, iOS, Android)

What does it let you do? Silent Circle is a commercial service that lets you text chat and make calls over your phone and video chat on Windows with end-to-end encryption and SSL.
 

Silent Circle has the benefit of being purpose-built for security, and a lot of thought has gone into its design, making it easy to use. It’s got some drawbacks: It’s centralized, it’s closed-source and it costs money, which means the people running it need to know your real identity for you to use it. At the cheapest level, Silent Circle can be had right now for $10 a month with an annual subscription. You can only use some features with other Silent Circle subscribers.
 

What does it replace? Silent Circle replaces regular phone calls and text messages, and Skype for Windows. (Other operating systems are under development at this time)

Using a service like Silent Circle exposes one very important piece of data: That you are someone concerned enough about security to pay for it. That bit of consumer behavior that sends a strong political message, but it may also give the impression to attackers, state or otherwise, that you feel you have something worth attacking -- more so than the other services listed here.
 

Silent Circle also has an email offering, but like all encrypted email, it leaks metadata.
 

Tor

(PC, iOS, Android)
 

What does it let you do? Tor does one simple and important thing: It hides your IP address.
 

Tor is completely separate from encryption. It doesn’t encrypt your metadata on the Internet via SSL. It doesn’t know whether or not you’re encrypting your messages. But your IP address is one of the hardest to mask and most personally identifying pieces of metadata there is on the net. As a result, Tor is used for anonymous speech and censorship evasion around the world. How Tor works.
 

What does it replace? Services called VPNs, or Virtual Private Networks, hide your IP and data from the wider internet by passing it through a encrypted private network. Tor duplicates one function of a VPN, but in a decentralized way. Rather than a single encrypted private network, Tor piggybacks your internet connection through a bunch of network connections run by volunteers. As far as the experts know, nobody can reliably record all Tor traffic, nor know the real origin of any internet connection.
 

Tor is the hardest tool to use on this list, but what it does is very powerful. Be prepared to give this one a little time. There's plenty of documentation to help you along.
 

Tor Clients
 

The Tor Browser Bundle for Windows, Mac OS X and Linux

The Tor browser bundle makes using Tor much easier. It comes with the Tor system, called Vidalia, and a Tor browser (based on Firefox) set up to use it. You can put Vidalia together with any other application on this list to hide your IP, even from the service you’re using.
 

Orbot and Orweb for Android

Orbot is the Guardian Project’s cellphone-sized version of Vidalia. Orweb is a Tor browser for your phone. Orbot can route any Android application with options for setting a “proxy server” through Tor, hiding your IP. For instance, it works with the Twitter app. Despite the first message you see, you don’t have to “root” your phone to use it; ignore that message.
 

The Onion Browser for iOS

Onion Browser is a Tor-powered web browser for iOS devices, written by Mike Tigas, who currently works at ProPublica as its Knight-Mozilla OpenNews Fellow. Onion Browser allows you to use the web over Tor without having to jailbreak your iPhone or iPad. Like Tor Browser Bundle and Orweb, your traffic is encrypted and anonymized. Unlike the others, Onion Browser is a standalone app and cannot proxy traffic for other apps on your device.
 

So Many Tools, So Little Room.

There are many tools we haven't discussed here. Some, like Jitsi (Voice-Over-IP audio and video calls), because it's still too hard for the average user. Others, like PGP for email, because it doesn't address the issue of mass metadata surveillance that is the focus of this article. And still others, like Wickr for iOS, because I just don’t have the room. But you can have fun with it: These services and many other out there do a great job of encrypting your messages and your metadata, and put you back in control of who gets to watch you on your networks.
 

This can all seem overwhelming, but learning even one tool makes the next one much easier to understand conceptually. These tools will get easier for everyone with time and development. The internet has, throughout its history, responded to threats by toughening up; threats change and the Internet evolves with it. It’s an ecology as much as a network, a wild place, sometimes a forest, sometimes a swamp. It’s early days, but the internet is where we live more and more of our lives, and as we get a sense of it, living there safely will become a normal part of life.
 

“The news this week makes a lot of people feel helpless,” said Abel Luck, one of the Guardian Project developers. “There’s a war on privacy on, and every time you use a bit of cryptography, you’re winning.”
 

Computer designed by Anton Outkine from The Noun Project

User

We are listening!

Solve the equation and enter in the Captcha field.
  Loading...
Close

To continue


Please
Sign Up or Sign In
with

Email
Close

To continue


Please
Sign Up or Sign In
with

Email

BUY NOW

The Scam
24 Year Of The Scam: The Perennial Bestseller, reads like a Thriller!
Moneylife Magazine
Fiercely independent and pro-consumer information on personal finance
Stockletters in 3 Flavours
Outstanding research that beats mutual funds year after year
MAS: Complete Online Financial Advisory
(Includes Moneylife Magazine and Lion Stockletter)