Use Multi-factor Authentication for Security
Yogesh Sapkale
10 May 2017
As the name suggests, multi-factor authentication (MFA) is a mechanism for which the user is required to separate pieces of information or evidence to gain access. The most popular MFA across the globe is a two-factor or two-step authentication or 2FA, as it is popularly known. This is used for authenticating transactions using cards, netbanking transactions or even for emails or some websites. 
 
The MFA, typically, is required to have at least two of the following categories: knowledge (something the user knows), possession (something the user has), and inherence (something the user is). For example, for withdrawing cash from an automated teller machine (ATM), the user is required to have a plastic card (debit, ATM or credit). This is what they possess. Secondly, the user needs to know the personal identification number (PIN), which is knowledge or something the user knows. Using the 2FA transaction, the user can withdraw cash from an ATM.
 
Now, consider that you are making an online payment through your card to buy an item. You have your card number and your PIN (or card verification value - CVV). After submitting this information, you can opt for a one-time password or passcode (OTP) which is received on your mobile phone registered with the card issuer. Your payment will take place only after you enter the OTP. This is an example of MFA. 
 
MFA provides an added layer of security. Someone may steal your card and PIN, but will not be able to use it for transactions (except at an ATM or at point of sales —POS—terminal) that require validation through OTP. Most of the times, the OTP is sent through SMS and there may be some technical issues with the network that may prevent the message from reaching the user device. For such issues, the payment gateways or banks offer a chance to seek a fresh OTP. The user needs to use the latest OTP for such transactions. (As standard practice, never share the OTP with anyone, especially for transactions that you have not initiated.)
 
The third factor in MFA is inherence, or something that the user is. This involves use of biometrics, like fingerprints or retina scans. But the problem is that we still do not have scanners for authenticating biometrics within a stipulated time. Add to this, the cost and connectivity issues and the use of biometrics as part of MFA fails. Also, biometrics or similar authentication works well in a stipulated environment and for limited users. You can use fingerprints to unlock your mobile phone. However, when the time comes for using it for other authentication and verification, the payment gateway needs to compare your fingerprints with millions of other fingerprints to validate that you are who your fingerprints claim to be. A super difficult task, especially for a country with over a billion population! Some transactions are taking place through this method, but are dependent on a locally-stored database. 
 
Apart from financial service-providers, several others like Apple, Google, Microsoft, Amazon, Facebook and Twitter also offer MFA for login. Apple allows access to its multiple devices after entering the ID, password and the six-digit verification code received, either by text or a phone call. Similarly, Google allows the user to opt for a second authentication factor like a six-digit code, received either through SMS on the registered mobile or via a phone call. Recently, Google launched a service where the user just needs to tap on Google’s mobile app installed on the registered device. In addition, Google lets the user authenticate a particular device (PC or laptop) so that it can be used without the second authentication factor.  
 
Some users may find it cumbersome or time-consuming to use the multi-factor authentication, but being safe and secure is not easy. Remember, cyber criminals love people who are lazy about protecting themselves. But if you are punctilious about avoiding a serious theft like your identity, email ID, data or money, then it is better be safe than sorry and use MFA, wherever available. 

Life
The Loot That Passes for Medicine
Dr BM Hegde
10 May 2017
“This is the latest whiz kid among cardiac stents. Nowhere else in the world you will have a stent like this. I have done 56 so far. No complications at all, affordable too.”
 
This is how a cardiologist starts his live streaming video at the National Interventional Council (NIC) conference in a five-star hotel in Delhi; the conference organisers received several crores of rupees for the extravaganza. Newspaper advertisements and TV serials are old hat now. Medical advertisements and publicity look like kindergarten stuff. Now live streaming of a flamboyant cardiologist in a so-called medical conference, where normally the science of medicine is debated, is the ‘in’ thing. Even the Chinese device-maker, whose stent has not been passed by the great Food and Drug Administration (FDA), is one of the sponsors and must have also paid crores of rupees. 
 
How much will this brand ambassador, the flamboyant cardiologist, get? Where is medical ethics? What is the Medical Council of India (MCI), the watchdog responsible for keeping an eye on medical ethics, doing, apart from twiddling its thumbs? What ethics does MCI follow for itself in regulating medical education? What have we come to and what about the safety of patients who go to the hospitals? Today, a case can be made out for angioplasty, for anyone of any age, who goes to the hospital, as coronary artery blocks (not coronary artery disease) can be demonstrated in anyone, including children. In this scenario who is safe?
 
Pharma companies plotted to destroy cancer drugs to drive up prices. After purchasing five different cancer drugs from GlaxoSmithKline, Aspen Pharmacare tried to sell them in Europe for up to 40 times their previous price. That’s another headline (Sunday Times, 15 April 2017). Busulfan is an old medication for treating leukaemia. It used to sell in England for £5.20 a couple of years ago and now sells at £65.20. While bargaining for the rise in price of cancer drugs in Spain, the company wanted to raise the price by 4,000 times! When the government did not agree, the company threatened to stop supply of the cancer drug in that country. In fact, it might have been a great boon for the Spaniards to live without the dangers of these anti-cancer drugs!
 
The Cover Story of Outlook magazine dated 17 April 2017 exposes something even worse. We have been fighting a losing battle against vaccinations for decades. Outlook writes, under the headline, “When a Baby Is a Business Opportunity”: “Scared middle class India buys unwanted vaccines, some15 of them, as big pharma— mostly foreign—helps doctors to rake in the moolah with 30%-300% mark-ups.”
 
The more dangerous trend is that the Indian Academy of Paediatricians (IAP), the apex body of child specialists in the country, has now been found to be a partner in this venal business. On 20 January2017, Dr Vipin Vashista, a former convener of IAP, was unceremoniously eased out for blowing the whistle on the big money nexus in IAP. The Union health ministry, I am told, is in the know of things, but prefers to do nothing.  Maybe the ministry is afraid of the bigwigs in the vaccine business.
 
Are we willing to bring forth a generation of Indians with crippled immune system, thanks to so many useless and dangerous vaccines administered to them when they are born? Parents are confused in the cacophony of vaccine threats and advertisements. Another good soul fighting for the voiceless infants is Dr Jacob Puliyal in Delhi.
 
We are already in the dark ages of money which James Kennedy, a journalist, calls ‘monetary fascism’. “Milton Friedman and the Chicago School of Economics claimed to have refined and developed modern, scientific tools of ‘free market capitalism’; capable of unlocking ever greater rewards from Adam Smith’s simple, primitive concept of free markets… In truth, it was nothing more than a cloak of deception—providing cover for the unscrupulous behaviour of investment bankers, corporate raiders, speculators, off-shore corporation, debt mongers and bubble pushers (typically, one and the same). 

Investor Interest
No ‘Direct’ Plan if You Buy MF from Distributor
Moneylife Digital Team
10 May 2017
