Digital Awareness UNIT II, III, IV and V
Digital Awareness UNIT II, III, IV and V
Digital Awareness UNIT II, III, IV and V
UNIT: II
CONTENTS:
Digital Payments and e-Commerce:
Internet Banking: National Electronic Fund Transfer (NEFT), Real Time Gross Settlement (RTGS),
Immediate Payment Service (IMPS)
Digital Financial Tools: Understanding OTP [One Time Password], QR [Quick Response] Code, UPI
[Unified Payment Interface], AEPS [Aadhaar Enabled Payment System]; USSD [Unstructured
Supplementary Service Data], Card [Credit / Debit], eWallet, PoS [Point of Sale]
INTERNET BANKING
Internet banking, also known as online banking, e-banking or virtual banking, is an electronic payment
system that enables customers of a bank or other financial institution to conduct a range of financial
transactions through the financial institution's website.
Different types of online financial transactions are:
1
BBA/B.com All/B.Sc./BCA III Year Digital Awareness
from any bank branch to any individual, firm or corporate having an account with any other bank branch
in the country participating in the Scheme. Individuals, firms or corporates maintaining accounts with a
bank branch can transfer funds using NEFT. Even such individuals who do not have a bank account
(walk-in customers) can also deposit cash at the NEFT-enabled branches with instructions to transfer
funds using NEFT. However, such cash remittances will be restricted to a maximum of Rs.50,000/- per
transaction. NEFT, thus, facilitates originators or remitters to initiate funds transfer transactions even
without having a bank account. Presently, NEFT operates in hourly batches - there are twelve
settlements from 8 am to 7 pm on week days (Monday through Friday) and six settlements from 8 am to
1 pm on Saturdays.
Real Time Gross Settlement (RTGS)
RTGS is defined as the continuous (real-time) settlement of funds transfers individually on an order by
order basis (without netting). 'Real Time' means the processing of instructions at the time they are
received rather than at some later time; 'Gross Settlement' means the settlement of funds transfer
instructions occurs individually (on an instruction by instruction basis). Considering that the funds
settlement takes place in the books of the Reserve Bank of India, the payments are final and irrevocable.
The RTGS system is primarily meant for large value transactions. The minimum amount to be remitted
through RTGS is 2 lakh. There is no upper ceiling for RTGS transactions. The RTGS service for
customer's transactions is available to banks from 9.00 hours to 16.30 hours on week days and from 9.00
hours to 14:00 hours on Saturdays for settlement at the RBI end. However, the timings that the banks
follow may vary depending on the customer timings of the bank branches.
RTGS Charges - Each bank can fix its charges for RTGS transactions. The details of charges
(Excluding GST) are as below:
Bank RTGS Charges RTGS Charges (Bank Branch) RTGS
(Mobile) Limit
2
BBA/B.com All/B.Sc./BCA III Year Digital Awareness
PNB Nil Rs. 2 lakhs to 5 lakhs - Rs. 20.00 + GST & Above Rs. 5
Rs. 5 lakhs-Rs. 40.00 + GST Lakhs
Kotak - Rs. 2 Lakhs to 5 Lakhs- Rs. 20+ GST & Above Rs. 10
Bank Rs. 5 Lakhs- Rs. 40+ GST Lakhs
Yes Bank - Above Rs. 2 Lakhs - Upto Rs. 5 Lakhs- Rs. 25 & -
Above Rs. 5 Lakhs - Rs. 50
3
BBA/B.com All/B.Sc./BCA III Year Digital Awareness
Objectives of IMPS:
To enable bank customers to use mobile instruments as a channel for accessing their banks
accounts and remit funds
Making payment simpler just with the mobile number of the beneficiary
To sub-serve the goal of Reserve Bank of India (RBI) in electronification of retail payments
To facilitate mobile payment systems already introduced in India with the Reserve Bank of India
Mobile Payment Guidelines 2008 to be inter-operable across banks and mobile operators in a safe
and secured manner
To build the foundation for a full range of mobile based Banking services.
Transaction Time Within 1-2 hours Real-time, within a few Instant, within a few
minutes seconds
Timings 365 days 24*7 365 days 24*7 365 days 24*7
4
BBA/B.com All/B.Sc./BCA III Year Digital Awareness
While RTGS and NEFT fall under the purview of the Reserve Bank of India, IMPS is managed by
the National Payments Corporation of India.
Offline and
Availability online Offline and online Only online
Every half-an-
Settlement hour Real-time Real-time
Minimum Transfer
Limit ₹1 ₹2 lakhs ₹1
Maximum Transfer
Limit 50000 According to branches ₹5 lakhs
5
BBA/B.com All/B.Sc./BCA III Year Digital Awareness
Service Timings Available 365 days 24×7 Available 365 days 24×7 A
vailable 3
65
days 24/7
6
BBA/B.com All/B.Sc./BCA III Year Digital Awareness
Transaction Fee: A separate transaction fee is levied for money transfer. However, in case the
recipient does not receive the money, no fee is levied.
GST: As per the latest norms, GST applies to the transaction fee.
Network: Both the sender and receiver bank must be part of the network for the transfer to be
executed successfully.
A one-time password (OTP) is an identity verification tool for authenticating users logging into an account,
network, or system. A user is sent a password containing a unique string of numbers or letters that can only be
used once to log in. Used or not, these password codes expire after a short period of time.
As their name suggests, one-time passwords can only be used once and expire after a set amount of time. They
can be sent to a user by email, phone call, authenticator app (common ones include Google Authenticator or
Microsoft Authenticator), text message, or as a push notification.
7
BBA/B.com All/B.Sc./BCA III Year Digital Awareness
OTPs can be used as single-factor authentication to replace static passwords, where customers are issued a unique
PIN for each login session rather than creating a username and password.
Or, they can be used in addition to user-generated credentials for two-factor authentication (2FA) during sign-up,
login, or transaction approvals, where:
1. A customer attempts to use their username and password from an unrecognized device
2. The customer then receives and uses their OTP to verify their identity and device.
For the end user, getting an OTP code is quite easy, making the experience secure but effortless. Here‟s a
common scenario:
1. A customer attempts to log on to their online banking account from their phone.
2. The bank doesn‟t recognize their device. To protect the user‟s information they offer to send a verification
code via text message, phone call, push notification, or email.
3. After the customer selects their preferred delivery method, they get an OTP key within seconds.
4. The user proceeds with their login, entering the key along with their ID and password and…voila! They‟re free
to enjoy all of their online banking tools.
Pretty cool , right? Behind the scenes, all kinds of magic happened to generate and deliver that one-time passcode
to the customer‟s screen. We‟ll reveal the magician‟s secrets in the section below.
8
BBA/B.com All/B.Sc./BCA III Year Digital Awareness
Whenever a user tries to access a system or perform a transaction on an unauthenticated device, an OTP
generator and an authentication server work together using security tokens (or shared secrets) to verify their
identity.
First, the OTP generator uses a hashed message authentication code (HMAC) algorithm to create a new, random
code for each access request.
As the name implies, all OTPs only work once, but the unique password will either be hash-based (HOTP) or
time-based (TOTP).
The main difference between a hash-based OTP (HOTP) and time-based one-time password (TOTP) is the
moving factor that changes each time the algorithm generates the code.
Hash-based OTPs:
The moving factor is a counter, which is generated based on the total number of OTPs created
Passwords are generated with an algorithm
Like taking a ticket in line at the bakery, the number is included in the password
Passwords expire after use or a new OTP is requested
9
BBA/B.com All/B.Sc./BCA III Year Digital Awareness
Time-based OTPs:
Once issued, the OTP generator shares the new code with the backend authentication server.
When the user enters their code, the OTP authentication server uses the same algorithm as the generator to match
the code for easy and instant validation!
10
BBA/B.com All/B.Sc./BCA III Year Digital Awareness
Passwords are a vulnerable form of identity verification. In fact, in 2023, 74% of business data breaches were
attributed to the “human element,” including weak or stolen credentials.
So, how can businesses help their customers keep their passwords safe? Well, the first step is certainly educating
them on best practices – things like never sharing a password, never using the same password for multiple
accounts, including numbers and symbols in passwords, and never using personal information like a phone
number or birthday for a password.
But often that isn‟t enough, especially for businesses holding sensitive information. Adding another layer of
authentication like one-time passwords or two-factor authentication ensures better security because these factors
change with each new login attempt or transaction. Overall, one-time passwords serve as a reliable and versatile
security measure, and with such a wide range of possibilities, they offer some spectacular benefits.
However, one-time passwords can still be abused by hackers, so we recommend using SIM-based verification
methods like Flash Call Verification and Data Verification. These methods require users to engage with a prompt
on their mobile devices, making life more difficult for opportunistic hackers.
Okay, not exactly endless, but pretty close. With verification more critical than ever, we‟re seeing more and more
industries opt for two-factor authentication methods supported by OTPs to verify user identities.
Some of the industries that are successfully transforming the user validation process include:
Financial services and digital banking: In the financial realm, OTPs ensure secure login and transaction
verification, safeguarding users' credit card information, funds, and sensitive data.
Retail and e-commerce: E-commerce platforms use OTPs to validate customer identities during payment
processes and confirm transactions, reducing the risk of fraudulent transactions.
Healthcare: The medical industry can use OTPs to ensure secure access to patient records and
confidential information.
Insurance and employee benefit providers: Insurers can use OTPs to validate and verify claim
submissions and access to other important documents.
IT services: Information technology services can use OTPs as an additional factor, along with regular
credentials like username and password, for user authentication when employees log in to systems,
networks, or applications.
Business administration: OTPs can secure access to confidential documents, or in workflows that
include approval processes;
11
BBA/B.com All/B.Sc./BCA III Year Digital Awareness
Government services: OTPs add another layer of security for individuals logging in to government
portals or applications to access services like tax filing, permit applications, or benefits enrollment.
Across industries, some additional useful applications of one-time passcodes include validating users when they
take certain actions, like:
12
BBA/B.com All/B.Sc./BCA III Year Digital Awareness
Example:
"Due to heightened vigilance around contagious diseases, many restaurants now post QR codes around
their dining areas so customers can use their mobile phones to pull up an online menu. This reduces
high-touch surfaces such as printed menus."
Model 1 is the original one, which has the capacity to code 1167 numerals. However, all the later
versions had better encoding capacity, including 2, which is an improvement of 1.
#2 Micro QR Code
This code allows printing in a small space with one orientation or position-detecting pattern. It differs
from the usual QR codes that need a specific area to detect patterns at the three corners. Furthermore,
micro QR codes need only two module-wide margins, while normal QR codes require at least four-
module wide margins.
Logo Q comes with improved visual recognition ability by combining it with alphabets and pictorial
representations in color.
13
BBA/B.com All/B.Sc./BCA III Year Digital Awareness
#4 IQR Code
It is a matrix-type 2D code whose position and size are easily read. This code accommodates a wide
range of codes, including smaller than normal, micro QR, and larger ones.
#5 Encrypted QR Code
This code contains a QR reading restricting function containing encrypted data. When it comes to
encrypted QR codes, one can apply the encrypted information to the Quick response code generator,
which creates the QR code. The decoder later scans and decodes this code and obtains the data using
decryption procedures.
QR Code Barcode
Stores more data than a barcode Stores less data than a QR code
14
BBA/B.com All/B.Sc./BCA III Year Digital Awareness
With the above context in mind, NPCI conducted a pilot launch with 21 member banks. The pilot launch
was on 11th April 2016 by Dr. Raghuram G Rajan, Governor, RBI at Mumbai. Banks have started to
upload their UPI enabled Apps on Google Play store from 25th August, 2016 onwards.
How is it unique?
Immediate money transfer through mobile device round the clock 24*7 and 365 days.
Single Click 2 Factor Authentication – Aligned with the Regulatory guidelines, yet provides for a very
strong feature of seamless single click payment.
Virtual address of the customer for Pull & Push provides for incremental security with the customer not
required to enter the details such as Card no, Account number; IFSC etc.
Utility Bill Payments, Over the Counter Payments, QR Code (Scan and Pay) based payments.
Unified Payments Interface (UPI) is a payment system that allows users to link more than one bank
account in a single smartphone app and make fund transfers without having to provide IFSC code or
account number.
This is a real-time payment system where funds are credited instantly on a real-time basis.
A smartphone
An active bank account
The mobile number must be active and linked to the bank account
Internet connection
UPI is slowly becoming the most preferred form of digital payment. The UPI interface is compatible
with most banks and many digital wallets, and payment applications are embracing UPI. Some of the
apps include Google Tez, Paytm, PhonePe and the like.
The interchange fee is not applicable for customers and applicable for the prepaid payment
instruments (PPI) merchant transactions as per the National Payments Corporation of India
(NPCI)
15
BBA/B.com All/B.Sc./BCA III Year Digital Awareness
For peer-to-peer (P2P) and peer-to-peer-merchant (P2PM) transactions, interchange fee will not
be levied
UPI payment is free, and no charges will be levied while making payment from bank account or
PPI/ Paytm Wallet
Choice of using any RuPay Credit card, bank account, and prepaid wallets on UPI-enabled apps
will be provided to the customers.
Participants in UPI:
1. Remitter bank
2. Beneficiary bank
3. NPCI
4. Merchants
5. Bank account holder
6. Payer PSP
7. Payee PSP
16
BBA/B.com All/B.Sc./BCA III Year Digital Awareness
Steps to Register:
You need to download the UPI app from the App Store.
You can also create your profile by typing in details like your virtual id (payment address),
name, and password.
You can go to 'Add/Link/Manage Bank Account' option and then link the bank and account
number with the virtual ID.
You can select the bank account from which you want to initiate the payment, and follow with
any of these options:
You will get an OTP from the bank on your registered mobile number
You can enter last 6 digits of your debit card number and the expiry date
You should enter the OTP and your preferred numeric UPI PIN and click 'Submit'
Once you click Submit, you will get a notification
You should enter your old UPI PIN and new UPI PIN and click 'Submit'
PUSH
This is when you send money using a virtual address:
17
BBA/B.com All/B.Sc./BCA III Year Digital Awareness
PULL
This is when you request money:
There are no fees and charges applicable to the UPI platform. The UPI programme was launched with
the aim to promote digital transactions. The NCPI had earlier marked the transaction charges to be 50
paise per transaction. However, the Government of India had later cancelled these charges to make sure
that more and more people started using the platform.
The main aim of the UPI applications is to promote digital transactions and paving way for a cashless
economy. With UPI, users can avail the benefit of not carrying physical cash or any form of plastic
money. All transactions can be taken care of using their smartphones.
UPI transactions are secured using UPI PINs which is a 4-6 digit numerical combination. In addition to
that, the applications are highly encrypted and have heavy bandwidth capacity.
PhonePe
Paytm
BHIM app
MobiKwik
Google Tez
18
BBA/B.com All/B.Sc./BCA III Year Digital Awareness
Uber
Chillr
Paytm Payments Bank
SBI Pay
iMobile
Axis Pay
BOB UPI
The entire list of banks that offer the UPI facility can be found on https://www.npci.org.in/what-we-
do/upi/live-members.
UPI is an initiative that was taken by the National Payments Corporation of India (NPCI) as they
partnered with the Reserve Bank of India and Indian Banks Association (IBA).
NPCI is a firm that handles the RuPay payments infrastructure and is similar to MasterCard and Visa. It
enables various banks to interconnect and also transfer funds.
Immediate Payments Service (IMPS) is another initiative by the NPCI. UPI is now considered as an
advanced version of the IMPS facility.
The UPI ID is an identification for a bank account which can be used for sending and receiving funds.
The UPI PIN is a 4-digit personal identification number has to be entered for authorising the transfer of
money via UPI. This PIN can be chosen by the account holder.
UPI 2.0 is a new and upcoming version of UPI payment system with improved features and benefits. It
is being touted as a more secure and comprehensive service with easier authentication process.
Although UPI app is chock full of features, UPI 2.0 promises to be a better tool than its predecessor.
Here are some of the new features set to be introduced in UPI 2.0:
Bill Payment:
Pre-Authorized Transaction:
Biometric Authentication:
19
BBA/B.com All/B.Sc./BCA III Year Digital Awareness
Error Resolution:
Scheduled Payment:
The model removes the need for OTPs, bank account details, and other financial details. It
allows fund transfers using only the bank name, Aadhaar number, and fingerprint captured
during Aadhaar enrolment, according to the National Payments Corporation of India (NPCI).
Neither the Unique Identification Authority of India (UIDAI) nor NPCI mentions clearly
whether AePS is enabled by default.
Cashless India, a website managed and run by MeitY, says the service does not require any
activation, with the only requirement being that the user’s bank account should be linked
with their Aadhaar number.
Users who wish to receive any benefit or subsidy under schemes notified under section 7 of the
Aadhaar Act, have to mandatorily submit their Aadhaar number to the banking service
provider, according to UIDAI.
Aadhaar is also the preferred method of KYC for banking institutions, thus enabling AePS by
default for most bank account holders.
20
BBA/B.com All/B.Sc./BCA III Year Digital Awareness
The UIDAI has also implemented a new two-factor authentication mechanism that uses a
machine-learning-based security system, combining finger minutiae and finger image capture to
check the liveness of a fingerprint.
Users are also advised to ensure that they lock their Aadhaar information by visiting the
UIDAI website or using the mobile app.
This will ensure that their biometric information, even if compromised, cannot be used to
initiate financial transactions. Aadhaar can be unlocked when the need for biometric
authentication arises, such as for property registration and passport renewals, after which
it can again be locked.
Aadhaar cards can be locked using the UIDAI website to generate a 16-digit VID number via
SMS service.
Users can also lock their Aadhaar biometric information using the My Aadhaar tab on the UIDAI
website.
Cyber fraud must be minimized in order to reap the full advantage of digital India and to restore the
belief of the people in the digital ecosystem.
Uses of AEPS
AEPS is a bank-controlled model that allows online interoperable financial inclusion transactions at
Point of Sale-PoS or Micro ATM through the bank‟s Business correspondent utilizing the Aadhaar
authentication. AEPS permits mainly 6 types of basic financial transactions that can be performed
through AEPS registration and they are listed as below:
Benefits of AEPS
AEPS aims is to build a strong foundation for a whole variety of Aadhaar empowered Banking services
with several benefits and they can be summarized as below:
21
BBA/B.com All/B.Sc./BCA III Year Digital Awareness
Boosts the financial inclusion and assists the underprivileged segment of the society
Using AEPS, bank account holders will be in a position to access their accounts in banks through
Aadhaar authentication
With AEPS digital India payments, the only prerequisite needed for initiation of a transaction is
Aadhaar number and the respective biometric information
AEPS eases the payments of many Government schemes like Social Security pension, NREGA
Handicapped Old Age Pension, etc. of Central Government or State Government bodies by way
of Aadhaar authentication
Even though Aadhaar Enabled Payment System does not need any document nor any card, it does
require you to link your Aadhaar to your bank account. If you do not link your Aadhaar, you will not be
able to enjoy the AEPS facility.
Aadhaar Number
Bio-metrics -Fingerprint
Micro ATM
Assisted mode
In simple language, it means that for you to carry out an AEPS transaction, have your Aadhaar number
with you and the rest of the process can be done smoothly.
Step 1: You need to visit the nearest banking correspondent in your zone. Take note here is that
he or she doesn‟t have to have to be a correspondent from your bank only
Step 2: After the above step, you would be required to enter your 12-digit Aadhaar number of
the Unique Identity Number stated in your Aadhaar Card in the POS- Point of Sale machine
Step 3: Choose the type of transaction which you want to do- Cash withdrawal, Cash deposit,
Intrabank or Interbank fund transfer, Obtain a mini statement, Balance inquiry
22
BBA/B.com All/B.Sc./BCA III Year Digital Awareness
Step 6: Authenticate the transaction by giving your biometrics like a fingerprint or your iris scan
Step 7: The transaction will be completed in no time, after which you can collect the respective
receipt
AEPS transaction cost is nil for you as a customer and you need not pay anything to avail of this service.
The Merchant or Banking Correspondent may be charged or paid upon the bank‟s decision. The
transaction cost is divided between the following sections:
Banks may charge till 1% of the particular transaction. The minimum charges are INR 5 and the
maximum are INR 15
There is a standard limit that is set by RBI for transactions made through AEPS, although banks have
the liberty to define a limit for all these transactions. Few banks have set the limit of the transaction to
evade misuse or misappropriation of this system. Many banks have set up a daily limit of INR 50,000 on
the total transactions done by anyone, however, it may vary from bank to bank as mentioned.
You must remember the below points before you start using AEPS:
Neither OTP nor PIN is needed for performing any transactions through this new method
Your bank account must be linked with your Aadhaar if you wish to avail this particular service
In case, if you have multiple accounts in a bank, the main account only will be used under the
system of AEPS
Aadhaar Enabled Payment System supports the transactions between your Aadhaar linked bank
accounts and not any other unlinked accounts
You can link many bank accounts with Aadhaar to use this facility. But you will be able to use
only one account per bank for availing the facility.
23
BBA/B.com All/B.Sc./BCA III Year Digital Awareness
The cut-off time of the transactions performed through AEPS stands at 11PM IST every day.
And all transactions done before this cut- off time for the day are counted in in the settlement of
that particular day
Given the larger benefits and uses of AEPS, you must start to take the maximum advantage of this
system and help the government in their initiative to make India cashless.
USSD was launched for those sections of India‟s population which don‟t have access to
proper banking and internet facilities. Under USSD, mobile banking transactions are
possible without an internet connection by simply dialing *99# on any essential feature
phone.
This number is operational across all Telecom Service Providers (TSPs) and allows
customers to avail of services including interbank account to account fund transfer, balance
inquiry, and availing mini statements. Around 51 leading banks offer USSD service in 12
different languages, including Hindi & English.
Currently, following Financial, Non-financial and Value Added Services (VAS) are offered through *99# service.
Account Balance
Last 5 transactions
Uses USSD as the access channel that works across all GSM handsets (smartphone or otherwise)
making it reach the last mile user
24
BBA/B.com All/B.Sc./BCA III Year Digital Awareness
Does not require data connectivity (works on signalling channel) that makes it high availability
service
Accessible through a common code *99# across specific GSM Operators and mobile handsets
Additional channel for using BHIM app and key catalyst for financial inclusion.
Digital wallets allow you to pay when you're shopping using your device so that you don't
need to carry your cards around. You enter and store your credit card, debit card, or bank
account information and can then use your device to pay for purchases.
25
BBA/B.com All/B.Sc./BCA III Year Digital Awareness
Gift cards
Membership cards
Loyalty cards
Coupons
Event tickets
Plane and transit tickets
Hotel reservations
Driver's license
Identification cards
Car keys
Currently, the technologies used by mobile devices and digital wallets are:
QR codes: Quick response codes are matrix bar codes that store information. You
use your device's camera and the wallet's scanning system to initiate payment.
Near field communication (NFC): NFC is a technology that allows two smart
devices to connect and transfer information using electromagnetic signals. It requires
two devices to be close to each other to connect.
Magnetic secure transmission (MST): The same technology used by magnetic card
readers that read your card when you swipe it through a slot on a point of sale. Your
phone generates this encrypted field that the point of sale can read. However, at least
one digital wallet and mobile phone provider, Samsung, has phased out an MST
feature for Samsung Pay on its Android mobile phones.
The card information you've stored in your wallet and choose to use for a transaction is
transmitted from your device to the point-of-sale terminal, which is connected to payment
processors. Then, through the processors, gateways, acquirers, or any other third parties
involved in credit and debit card transactions, the payment is routed through the credit card
networks and banks to make a payment.
When you hold your phone over a point of sale to make a purchase, you're using
your digital wallet to conduct the transaction.
Cash App
Apple Pay
26
BBA/B.com All/B.Sc./BCA III Year Digital Awareness
Google Wallet
Samsung Pay
PayPal
Venmo
AliPay
Walmart Pay
Dwolla
Vodafone M-PESA
Cons
Payment method may not be accepted everywhere
May not work if Bluetooth or WiFi isn't available or your device isn't charged
Can be vulnerable to identity theft or fraud if your mobile device is stolen while
unprotected, or hacked
Today, modern POS systems come in various shapes and sizes, and are equipped to accept all forms of
payments including:
Contactless payments through mobile wallets, unified payments interface UPI or a quick
response code (QR code).
There are three ways in which a POS terminal can accept card payments:
Swipe: cards with magnetic stripe are swiped to initiate the transaction.
27
BBA/B.com All/B.Sc./BCA III Year Digital Awareness
Insert: cards with microchip are inserted into the POS machine and it remains there throughout the
transaction process.
Tap: Europay, MasterCard and Visa (EMV) chip cards can also use near-field communication (NFC)
for contactless payments by tapping on the POS terminal.
o Ring up customers
o Process payments
28
BBA/B.com All/B.Sc./BCA III Year Digital Awareness
Examples
Aloha, Oracle MICROS, and Squirrel Systems are among the best legacy POS systems for retail.
E- Commerce:-
E-commerce, short for "electronic commerce," refers to the buying and selling of goods or services over the
internet. It involves online transactions between businesses (B2B), businesses and consumers (B2C), or
consumers trading with other consumers (C2C). E-commerce has become a significant part of the global economy
and has various components:
29
BBA/B.com All/B.Sc./BCA III Year Digital Awareness
Integrity ‒ ensure that no unauthorized entity has altered any information. It is all
about providing consistent, accurate, and reliable information.
Non-repudiation ‒ confirms that both buyers and sellers received the information
sent from each other. In other words, buyers can‟t deny the legitimacy of a
recorded transaction.
Authenticity ‒ both sellers and buyers must present their identity verification to
ensure the safety of the transaction.
Confidentiality ‒ when it comes to sensitive data, only those with proper
authorization can access, change, or use it.
Privacy ‒ refers to protecting customer data from unauthorized parties.
Availability ‒ an eCommerce site must be accessible 24/7 for customers.
E-commerce Threats:-
30
BBA/B.com All/B.Sc./BCA III Year Digital Awareness
E-commerce, like any online activity, is susceptible to various threats and risks that can affect the
security, privacy, and operations of businesses. Here are some common threats to e-commerce:
1. Cybersecurity Threats:
Data Breaches: Unauthorized access to customer data, such as personal information and
payment details.
Distributed Denial of Service (DDoS) Attacks: Overwhelming the website with traffic,
causing it to become inaccessible.
Malware and Phishing: Malicious software or fraudulent emails used to steal information
or spread malware.
2. Payment Fraud:
Credit Card Fraud: Unauthorized use of credit card information for fraudulent purchases.
Chargebacks: Customers dispute legitimate charges, resulting in financial losses for the
business.
Friendly Fraud: Customers falsely claim they didn't make a purchase, leading to
chargebacks.
3. Counterfeit Products:
The sale of fake or counterfeit products that can damage a brand's reputation and
customer trust.
31
BBA/B.com All/B.Sc./BCA III Year Digital Awareness
Events like natural disasters or geopolitical issues can disrupt the supply chain, leading to
delayed or unavailable products.
6. Competitive Threats:
Competition from other e-commerce businesses can affect market share, pricing, and
customer acquisition.
7. Ransomware:
Holding a website or critical data hostage until a ransom is paid, causing business
interruptions.
Dishonest sellers or buyers engaging in deceptive practices like fake reviews, non-
delivery of goods, or misrepresentation.
9. Website Vulnerabilities:
Delays in shipping, shipping errors, and problems related to returns and customer
satisfaction.
For businesses operating on third-party e-commerce platforms, there may be risks related
to platform policies, fees, and competition.
32
BBA/B.com All/B.Sc./BCA III Year Digital Awareness
Infrastructure failures, website downtime, or technical glitches can impact sales and
customer satisfaction.
E-commerce security is critical to protect both your business and your customers' sensitive
information. Here are some best practices to enhance e-commerce security:
1. Use HTTPS: Ensure your website uses secure, encrypted connections (HTTPS) to protect
data transmitted between the user's browser and your server. Secure Socket Layer (SSL)
certificates are essential.
2. Strong Password Policies:
Enforce password complexity (a mix of upper and lower case, numbers, and symbols).
Encourage regular password changes.
Implement multi-factor authentication (MFA) for added security.
3. Regular Software Updates:
Keep your e-commerce platform, plugins, and server software up to date to patch
security vulnerabilities.
Remove or update any obsolete or unsupported software.
4. Firewalls and Intrusion Detection Systems (IDS):
Employ web application firewalls to block common attacks.
Use IDS to detect and alert on suspicious activities.
5. Secure Payment Processing:
Comply with Payment Card Industry Data Security Standard (PCI DSS) requirements.
Outsource payment processing to reputable third-party providers when possible.
6. Data Encryption:
Encrypt sensitive customer data, such as credit card information and personal details.
Ensure encryption at rest and during transmission.
Internet fraud in e-commerce is popular ever since e-commerce sites were introduced. Since companies
figured out a way that consumers could securely purchase goods from them without actually visiting the
physical store, criminals also have done their best to access and profit from that data available on the
internet.
33
BBA/B.com All/B.Sc./BCA III Year Digital Awareness
Email
Messages
Illegal websites
Phone calls
Sending malicious software to smartphones
Cybercriminals often operate in teams to breach data security systems. They check for bugs or fixes that
have not been updated in quite some time. Such loopholes make it easy for hackers to gain access
around the firewall and acquire confidential information.
The merchant on the e-commerce website might not realize that it is the hacker who is doing the
transaction instead of the real user, as all the details are being provided.
Phishing – You would have come across numerous email subscriptions and websites that persuade you
to opt for updates and notifications. In most cases, these sources would ask you to provide certain
personal information, including your credit card details. If the email is not from a reliable source, your
data will be compromised and used to carry out fraud e-commerce transactions. This is known as
a phishing attack.
Merchant Identity Fraud – This involves a fraudster that builds a platform quite similar to that of the
merchant account. The attacker then proceeds and imposes fake payments and fees on stolen credit
cards. This whole operation is carried out in a quick way before the cardholders realize they are being
cheated.
Pagejacking – At times, e-commerce websites are hacked by criminals who direct the customers to an
unsecured network. This untrusted site can contain malware that can break webpage security systems
and steal the customer‟s funds.
Securities fraud – Speed, fast access, and anonymous activity, all provide a suitable atmosphere for
securities and stock market fraud. This can happen in several ways.
34
BBA/B.com All/B.Sc./BCA III Year Digital Awareness
The most common of all involves providing misleading or fake information on a specific stock to shoot
up its price. Investors treat this information as genuine and start buying the stock, resulting in a price
increase. By the time they realize that the information is fake, the stock price falls, and the investors lose
their money.
Another way is to offer stock that simply does not exist. Online investors, surfing the internet for
information, invest in such stocks without realizing they are being the victim of a scam and eventually
end up losing their money.
Stock market fraud–With the advancement in technology and everything at our fingertips, there has
been a rise in stock market scams too. Unknowingly, the investors are exposed to the immense risk of a
criminal who uses their personal data and investment for illegal trades, leaving investors at a loss.
Before the investor realizes that he/she has lost the money to a scam, the criminal would have shut this
activity and moved to another fraud.
There is an increase in the number of victims of stock market scams in Dubai. The scammer deceives
the victim by fraudulent means to persuade the investor to surrender their capital or property.
Foreign exchange fraud – This is a trading technique used to deceive investors by misleading them that
by investing in the forex market, they can expect to make a high profit. Currency trading scams also lure
customers through radio advertising, newspaper ads, or appealing internet pages.
There have been cases of forex trading frauds in Dubai, involving hundreds of victims. The scams
involved transfers of foreign money meant to escape bank transaction charges and investments in
different small businesses.
As part of forex investment scams in the UAE, multiple investors were persuaded into forex trading with
a promise of making a high profit. The brokers refused to pay the investors at some point, customers
then moved to the court in order to recover their capital.
Preventive measures
E-commerce firms have already begun to raise awareness regarding internet corrupt practices. Even
though it is difficult to eradicate cybercriminals entirely, you can take certain measures to prevent
internet fraud.
35
BBA/B.com All/B.Sc./BCA III Year Digital Awareness
Here are some key aspects of the RBI guidelines and the Payment and Settlement Systems Act, 2007:
RBI Guidelines:
1. Payment and Settlement Systems Oversight: RBI has the authority to regulate and oversee payment
and settlement systems in India to maintain the stability of the financial system.
2. Licensing and Authorization: RBI issues licenses and authorizations to entities involved in payment
and settlement systems, such as banks, non-bank payment system operators, and other financial
institutions.
3. Safety and Security: RBI mandates security standards and protocols to protect payment systems from
fraud and cyber threats. Entities are required to implement strong security measures.
4. Real-Time Gross Settlement (RTGS): RBI operates the RTGS system, which facilitates real-time,
instantaneous settlement of large-value interbank transactions.
5. National Electronic Funds Transfer (NEFT): NEFT is an electronic funds transfer system managed
by RBI, allowing individuals and businesses to transfer funds electronically.
6. Unified Payments Interface (UPI): UPI is a real-time payment system in India, allowing for instant
money transfer between bank accounts through mobile devices. RBI provides guidelines for UPI.
7. Prepaid Payment Instruments (PPIs): RBI regulates prepaid instruments like mobile wallets and
prepaid cards, including guidelines on their issuance, usage, and security.
1. Definition of Payment System: The Act defines a payment system as a system that enables payment or
funds transfer between a payer and a beneficiary.
2. Designation of Systemically Important Payment Systems (SIPS): The Act allows RBI to designate
certain payment systems as systemically important, subjecting them to enhanced oversight and
regulation.
3. Oversight and Regulation: The Act provides a legal framework for the oversight and regulation of
payment and settlement systems to ensure efficiency, security, and reliability.
4. Settlement Finality: The Act establishes the concept of settlement finality, meaning that once a
settlement is completed, it cannot be unwound or reversed.
5. Rights and Obligations of Participants: The Act outlines the rights and obligations of various
participants in payment systems, including system operators, clearinghouses, and settlement banks.
36
BBA/B.com All/B.Sc./BCA III Year Digital Awareness
6. Penalties and Offenses: The Act prescribes penalties and legal consequences for violations of its
provisions, including unauthorized operation of payment systems.
7. Appeals and Dispute Resolution: It provides a mechanism for appeals and dispute resolution in cases
of disagreements between participants in payment systems.
8. Consumer Protection: The Act includes provisions for the protection of consumers in payment and
settlement systems.
9. RBI's Role: The Act underscores the role of RBI as the regulatory authority for payment and settlement
systems.
RTGS
NEFT
1. What does NEFT stands for? – National Electronic Fund Transfer
2. What type of payment system is NEFT? – Credit-Push System
37
BBA/B.com All/B.Sc./BCA III Year Digital Awareness
IMPS
39
BBA/B.com All/B.Sc./BCA III Year Digital Awareness
UNIT III
e-Governance Service-
Digi-Locker: About digilocker, features and benefits of digilocker, Registering, accessing and
getting various certificates and mark sheets on digilocker. Academic Bank of Credit (ABC): About
ABC, features and benefits of ABC, Registering, accessing, getting and sharing academic credits.
e- Governance Service:-
e-Governance services refer to the use of information technology to deliver government services
to citizens electronically.
Examples include online railway reservations, passport applications, e-hospitals, and other
government-related services.
UMANG (Unified Mobile Application for New-age Governance) is a mobile app that provides
access to various government services and schemes.
Users can access e-governance services, view information, and avail themselves of government
benefits through a single platform.
What Is DigiLocker?
Focusing on the idea of paperless governance, a DigiLocker is a digital wallet where you can store your
essential documents. These include your PAN card, Voter ID card, driving licence, policy documents,
etc. Also, you can have access to your authentic virtual documents. Thus, it eliminates the usage of
physical documentation.
40
BBA/B.com All/B.Sc./BCA III Year Digital Awareness
Under the Indian Information Technology Act 2000, all these documents are legally valid. Additionally,
as per Rule 9A of The Information Technology (Preservation & Retention of Information by
Intermediaries Providing Facilities of DigiLocker) Rules, 2016, all issued documents available through
DigiLocker have to be treated as your original physical documents.
The process of how a DigiLocker works is simple. You can upload all the necessary documents and
ensure safety after signing up on the platform.
After this, you will get personalized cloud storage that links to your Aadhaar card. Verifying your
documents' authenticity online has immensely helped by contributing to the Indian government's vision
of the Digital India project.
Furthermore, as you log in to your DigiLocker account, it will display several sections. You can use it in
the following ways:
Dashboard: The dashboard is the home screen of your DigiLocker account and allows you to surf
through other sections of the application from here. This home screen displays the summary of
your documents issued. It also provides a link to receive documents from all partners associated
with DigiLocker.
Issued Documents: This section displays a list of links or URLs of the digital documents and
certifications. All these are issued by government agencies or departments associated with
DigiLocker.
Uploaded Documents: This is a private section that displays all the documents and certificates
that you have uploaded. Here, you can update the type of document and also can share these
uploaded certifications with the required personnel.
Shared Documents: In this section, you can view the list of documents you have shared with
people.
Activity: This is another important section that helps you keep a note of all the activities you
have performed in your DigiLocker account. This log displays a detailed view of activities,
including file download and upload, number of shares, etc.
Issuers: This section displays you the list of departments or agencies registered as „Issuers' with
DigiLocker. If any of these departments have issued any certificate or document to you, it will
display it in the form of a link or an URL, and you will be able to see it in your 'Issued
Document' section.
41
BBA/B.com All/B.Sc./BCA III Year Digital Awareness
As this new process welcomes many benefits, certain disadvantages come along. Here they are:
Restriction for Registration: One of the massive drawbacks of using DigiLocker is that it comes
with complex registration restrictions. You can only log in to this application with a valid mobile
number or email address linked to your Aadhaar card.
Forgetting DigiLocker Number: You must remember your unique DigiLocker number to use it.
Additionally, you need to remember the same to avoid trouble, like repeating the registration
process and providing your Aadhaar details to get the number. This process will seem time
taking, especially when you are in a hurry. So, note down the unique number somewhere to
avoid such an instance.
Only Aadhaar Card Users Can Use the Facility: Another disadvantage of the application is that it
is only valid for users with a valid Aadhaar card. Therefore, if you make any corrections, you
must check for your Aadhaar card application status to get an update. Additionally, even if you
are an Indian citizen but do not hold a valid Aadhaar card, you will not be able to enjoy the
benefits of the application.
Not for Non-Resident Indians (NRIs): NRIs cannot use the DigiLocker application since their
mobile numbers are not registered in India. To create an account with DigiLocker, you must
have a mobile number registered in India and linked to your Aadhaar card.
Security Concerns: There has been recent news of vulnerability with the account data regarding
DigiLocker. There is a possibility that anyone who has the username of the account might be
able to access your account‟s documents illegally. This can be done by hackers, mainly. They do
not require a password or PIN to access your account.
Now that you know the meaning of a DigiLocker and the pros/cons, let us get into the details of creating
an account.
42
BBA/B.com All/B.Sc./BCA III Year Digital Awareness
Creating an account in DigiLocker is a fast and hassle-free process. However, if you require guidance,
seek it from someone who has already opened an account and knows the process well. In contrast, you
can follow the below simple steps to open an account in DigiLocker:
Step 1: Visit the DigiLocker website. However, if you want to use it on your mobile phone, you can
download the application from the Play store.
Step 2: Now, click on the „Sign up‟ option, and enter your full name, date of birth, and mobile phone
number. Ensure that the phone number you are using is linked with your Aadhaar number.
Step 3: Enter a security PIN and mention your email ID. Ensure that the PIN is not a predictable number
or a digit.
Step 4: Next, enter your 12-digit Aadhaar card number. You can view two options: OTP (One Time
Password) or a Fingerprint option. Use any of the two at your convenience to proceed.
Step 5: As the process is complete, this application will prompt you to create your „Username‟ and
„Password‟. Enter the desired password and username to create your DigiLocker account successfully.
Step 6: Now, click on the „Sign up‟ button. After the account is created successfully, the system will
display a 'Dashboard' screen on the DigiLocker. This means the process is complete now.
Uploading the documents on a DigiLocker is a much easier process. Here are the steps as follows:
Step 1: After signing up, click on the „Upload Documents‟ section on the screen. You can upload more
than one document at a time.
Step 2: After you click on the „Upload‟ tab, you have to choose the location and select the files you
require to upload.
Step 3: As you select the files, click on the „Open‟ option. You can select multiple documents at a time.
Step 4: Click on 'Select Document Type' to select any documents provided in the uploaded documents
list.
You will see a drop-down box from which you can select the document type. However, if your
document doesn't match the pre-defined document type, you must choose the 'Others' option in the drop-
down menu.
Step 5: Click on the 'Save' button. The system will update your document type.
This is all the information on what is DigiLocker and how to create your account. Try reading the rules
and regulations adequately before signing up, and keep your documents ready so that you can upload
them fast.
43
BBA/B.com All/B.Sc./BCA III Year Digital Awareness
For students searching for how to download CBSE marksheet from DigiLocker mobile application, here
is the step-by-step process to follow:
Step 1: Install a DigiLocker mobile application from the Android or Apple store.
Step 3: Provide a mobile number registered with the CBSE board. The user will receive an OTP on
mobile. Feed in the security pin.
Step 4: After feeding, click on the "Education" tab of this app. Here, users will need to submit other
details like name, roll number, etc.
Step 5: Finally, one will be able to access a marksheet and download the same in a PDF format.
A user can unlock many benefits using a DigiLocker account upon storing essential documents and
certificates in this online portal. Similarly, students can also use the portal DigiLocker for storing
marksheet, which will offer an extensive set of benefits which are:
One can easily save a marksheet and access the account from any place and at any time.
The CBSE marksheet in a DigiLocker account holds a similar value to the original hard copy of
the document.
Students can easily share their CBSE marksheet from a DigiLocker portal with recipients related
to admissions or jobs.
As per National Education Policy 2020, the Academic Bank of Credits (ABC) has been envisaged to
facilitate the academic mobility of students with the freedom to study across the Higher Education
Institutions in the country with an appropriate "credit transfer" mechanism from one programme to
another, leading to attain a Degree/ Diploma/PG-diploma, etc.,
The registration of institutions and services will be a critical function of the academic bank of credit.
ABC shall deposit credits awarded by registered institutions into students' accounts. The Academic bank
credit(s) can only be shared from institutions, not directly from the student. Only credits submitted by an
authorized institution will be accepted for storage and validation by the ABC.
44
BBA/B.com All/B.Sc./BCA III Year Digital Awareness
It is a credit facility originally envisioned by the Government of India in the National Education Policy
(NEP) 2020. The scheme has the provisions of creating a digital infrastructure that will store the
academic credits earned by the students of various higher education institutes within the country.
The ABC will be entrusted with the responsibilities such as opening, closing, and verifying the
individual academic accounts of students. It‟ll also be responsible to gather the academic credits earned
by the students from their respective higher education institutions, verify the credits, store the credits
Features
Allows academic institutions to lodge and maintain the integrity of the credits
The scheme will include all kinds of courses offered by the Higher Education Institutes and
which are recognised by the University Grants Commission (UGC), be it a graduation course,
postgraduate course, PhD courses, diploma courses, certificate courses, etc.
It covers courses offered through any medium, be it regular classroom courses or open/distance
learning courses or online courses.
SWAYAM, NPTEL, V-Lab and such other schemes offering their courses are also eligible to
avail the facilities provided by Academic Bank of Credit.
In general the credits earned by students will carry a validity of 7 years unless otherwise
specified for that particular course; and upon the end of the validity period these credits will
expire.
The ABC will not accept any kind of credit course document by the students but rather only from
the higher education institution he/she is enrolled in. These institutes will be responsible to
deposit these credits into the student‟s ABC account regularly.
45
BBA/B.com All/B.Sc./BCA III Year Digital Awareness
The students will be able to drop out of their institute from any year/semester and exchange the
credits earned so far with a certificate/diploma if eligible. They will also be able to redeem the
credits and rejoin the same institute or some other institute of his/her choice at the same time or
some other time in future and continue from the year/semester his education is pending from.
It will not let the time a student has spent for his higher education go waste if he/she decides to
drop off the course/institute for any reason.
The scheme will do away with the coercive system adopted by some institutes to keep the
student enrolled in their courses against their will, with the motive of earning money.
46
BBA/B.com All/B.Sc./BCA III Year Digital Awareness
About SWAYAM
In 2017, the Government of India launched Swayam (Study Webs of Active Learning for Young
Aspiring Minds). Swayam is an indigenously developed platform that hosts courses that are taught from
Class 9 to post-graduation. This portal has been created by the Ministry of Human Resource
Development (MHRD) and the All India Council for Technical Education (AICTE) with the help of
Microsoft.
SWAYAM is a programme initiated by Government of India and designed to achieve the three cardinal
principles of Education Policy viz., access, equity and quality. The objective of this effort is to take the
best teaching learning resources to all.
SWAYAM is a platform that facilitates hosting of all the courses, taught in classrooms from Class 9 till
post-graduation to be accessed by anyone, anywhere at any time. All the courses are interactive,
prepared by the best teachers in the country and are available, free of cost to any learner.
The Swayam portal offers courses taught right from Class 9 to the post-graduate level. These
courses can be accessed at any time and from any place.
The courses cover a wide range of subjects like Humanities, Sciences, Commerce, Engineering,
Law, Management, etc. The courses have been created by nine National Coordinators appointed
47
BBA/B.com All/B.Sc./BCA III Year Digital Awareness
by the Ministry of Human Resource Development viz UGC, NPTEL, CEC, IGNOU, NCERT,
NIOS, IIMB, NITTTR & AICTE.
More than 1000 specially selected teachers and instructors from across the country have
participated in the creation of these courses.
One of the biggest advantages offered by Swayam is that, for certain courses, a learner can earn
credits for completing the course on the platform and these credits can even be transferred to the
academic record of the learner.
The cost is one of the best benefits of Swayam. There is no charge for registering and doing a
course.
Engineering
Science
Business
Social Sciences
Humanities
Computer Science
Mathematics
Programming
Data Science
Personal Development
48
BBA/B.com All/B.Sc./BCA III Year Digital Awareness
e-Pathshala:-
e-Pathshala is a portal/app developed by the CIET, and NCERT. It was initiated jointly by the Ministry
of Human Resource Development, CIET, and NCERT.
It is launched in November 2015. It hosts educational resources for teachers, students, parents,
researchers and educators, can be accessed on the Web, and is available on Google Play, App
Store and Windows. The content is available in English, Hindi and Urdu.
The primary purpose behind launching the scheme is 'learning on the go. 'It works towards sharing
information and educational resources with teachers and students.
It is a mobile-based -app that can be downloaded from the Google play store.
On the app, you can find Hindi, English, and Urdu content.
The app is designed for Android, iOS, and Windows operating systems.
It is available for various mobile interfaces, including Windows, iOS, and Android.
You can find the content on the app in an e-pub format which is attractive and gives a feeling of
live learning.
For reading the books, it is necessary to have a PDF file reader on the mobile phone. This facility
has been given to make learning exciting and easy.
49
BBA/B.com All/B.Sc./BCA III Year Digital Awareness
Students: They can read and share digital textbooks from Classes 1 to 12. Also, they can access
videos, supplementary books, question banks, maps, audio, etc. They get updates about upcoming
events like workshops, exhibitions, contests, and more. They also get access to activity books cum e-
comic books in flipbook form.
Researchers: They can use the app to find periodicals access journals, other documents, and reports.
Through the app, they can contribute to journals and periodicals.
Teachers: They can discover the textbooks of all classes, videos, images, audio, question banks,
research papers, maps, syllabus, sourcebook policy documents, curricular resources, and more. The
app can help them educate students with new information and impart knowledge to them effectively.
They also get various guidelines like PRAGYATA for digital education.
50
BBA/B.com All/B.Sc./BCA III Year Digital Awareness
Educators: They access periodicals, textbooks, videos, audio, research papers, journal, syllabus,
curricula, and other resources to educate children.
Parents: They also get access to textbooks, videos, audio, syllabus, curriculum, and other resources
for supporting their children in studies.
1. Aadhar is ............?
.............?
ID proof-issued by UIDAI
A saving account
A kind of account
3. IRCTC is a ........ ?
IRCTC ए ........ ?
Plastic money
51
BBA/B.com All/B.Sc./BCA III Year Digital Awareness
E-wallet
4. In digital payment, the transfer mode preferred for large transaction is?
, ए ?
IMPS
NEFT
UPI
RTGS
True
False
True
False
7. KYC means?
ई ?
52
BBA/B.com All/B.Sc./BCA III Year Digital Awareness
Home / घर
Education /
Vehicle /
Keycard
Fingerprint
Retina pattern
Password
Point Of Sale
Position Of Sale
Picture Of Sale
Purchase Of Sale
Deposits
Loans
Withdraw
Transaction
53
BBA/B.com All/B.Sc./BCA III Year Digital Awareness
Loans
Withdrwa
Deposits
Bank account
Balance enquiry / र प
Account transaction /
Payment /
Biometric data /
Internet connectivity / र
Android phone / ए
54
BBA/B.com All/B.Sc./BCA III Year Digital Awareness
5 May, 2010
11 July, 2010
13 July, 2010
15 July, 2010
55
BBA/B.com All/B.Sc./BCA III Year Digital Awareness
5. Which of the following is used by banking industry for faster processing of large volume of
cheques?
ए
?
Bar-Code Reader
OCR
MICR
OMR
HDFC Bank
Bank of Baroda
12
14
16
56
BBA/B.com All/B.Sc./BCA III Year Digital Awareness
10
None of these /
Binary code / र
Programming code /
None of these /
Electronic Commerce /
Internet Commerce / र
True
False
True
False
1. It provides 100 MB secure dedicated personal electronic space for storing the documents.
a. Only 1
b. Only 2
c. Both
d. None
ANSWER: Only 2
58
BBA/B.com All/B.Sc./BCA III Year Digital Awareness
Explanation:
DigiLocker service provides 10 MB secure dedicated personal electronic space for storing the
documents.The government is also planning to subsequently increase the storage space to 1 GB.
The Academic Bank of Credit [ABC] has the provision of creating and maintaining a
digital structure in which all the students' academic credits are stored throughout their
educational journey.
Q.2) Who introduced the Academic Bank of Credit [ABC]?
In 2020, Mr Narendra Modi introduced the Academic Bank of Credit [ABC] as a part
of the National Education Policy.
Q.3) What are the functions of the Academic Bank of Credit [ABC]?
The Academic Bank of Credit [ABC] is responsible for opening, closing, and
validating the academic accounts of students.
The academic score earned by the students is valid for up to 7 years, and
students can redeem this.
The scheme covers all education mediums, including online, distance, or even
regular classes.
Q.4) What is the significance of the Academic Bank of Credit [ABC]?
The Academic Bank of Credit [ABC] enables students to redeem credits and rejoin the
same institute in the future for continuing their education.
Q.5) What are the objectives of the Academic Bank of Credit [ABC]?
UNIT: IV
CONTENTS:
What is Cyberspace?
We have all seen that technology is a great leveler. Using technology, we created machine-clones –
computers, which are high-speed data processing devices.
They can also manipulate electrical, magnetic, and optical impulses to perform complex arithmetic,
memory, and logical functions. The power of one computer is the power of all connected computers
termed as a network-of-network or the internet.
Cyberspace is the dynamic and virtual space that such networks of machine-clones create. In other
words, cyberspace is the web of consumer electronics, computers, and communications network which
interconnect the world.
60
BBA/B.com All/B.Sc./BCA III Year Digital Awareness
Source: Pixabay
History of Cyberspace
In 1984, Wiliam Gibson published his science fiction book – Necromancer, which describes an online
world of computers and elements of the society who use these computers. The word cyberspace first
appeared in this book.
In the book, a hacker of databases stole data for a fee. The author portrayed cyberspace as a three-
dimensional virtual landscape. Also, a network of computers creates this space.
According to him, cyberspace looked like a physical space but was actually a computer
generated construction. Also, it represented abstract data.
The book caught the imagination of many writers and in 1986, major English language dictionaries
introduced the word „cyberspace‟. According to the New Oxford Dictionary of English, „CyberSpace‟ is
the notional environment in which people communicate over computer networks.
Since cyberspace is a virtual space, it has no boundaries, mass, or gravity. It simply represents the
interconnected space between computers, systems, and other networks.
It exists in the form of bits and bytes – zeroes and ones (0‟s and 1‟s). In fact, the entire cyberspace is a
dynamic environment of 0‟s and 1‟s which changes every second. These are simply electronic impulses.
Also, it is an imaginary location where the words of two parties meet in conversation.
61
BBA/B.com All/B.Sc./BCA III Year Digital Awareness
Firstly, cyberspace is a digital medium and not a physical space. It is an interactive world and is not a
copy of the physical
world. Here are some
differences between
Physical World Cyberspace
cyberspace and the
physical world:
In a human brain, there are countless neurons which create a spectre of life. Similarly, the cyberspace
represents millions of computers creating a spectre of digital life. Therefore, cyberspace is a natural
extension of the physical world into an infinite world.
As technology evolved, the need to regulate human behavior evolved too. Cyber laws came into
existence in order to ensure that people use technology and avoid its misuse.
If an individual commits an act which violates the rights of a person in the cyberspace, then it is treated
as a cyberspace violation and punishable under the provisions of the cyber laws.
Since the cyberspace is completely different from the physical world, traditional laws are not applicable
here. In order to provide cyber security to users, the government introduced several cyber laws.
When the internet was designed and developed, the developers had no idea that it would have the
potential of growing to such great an extent.
Today, many people are using the internet for illegal and immoral activities which need regulation. In
the cyberspace things like money laundering, identity theft, terrorism, etc. have created a need for
stringent laws to enhance cyber security.
62
BBA/B.com All/B.Sc./BCA III Year Digital Awareness
Additionally, many technologically qualified criminals like hackers interfere with internet accounts
through the Domain Name Server (DNS), IP address, phishing, etc. and gain unauthorized access to a
user‟s computer system and steal data.
While there is no clear definition of cyber law, it is broadly the legal subject which emanated from the
development of technology, innovation of computers, use of the internet, etc.
Cyber Law
Cyber Law encapsulates legal issues which are related to the use of communicative, transactional, and
distributive aspects of networked information technologies and devices.
It is not as distinct as the Property Law or other such laws since it covers many areas the law and
regulation. It encompasses the legal, statutory, and constitutional provisions which affect computers and
networks.
Cyber Law is a generic term referring to all the legal and regulatory aspects of the internet. Everything
concerned with or related to or emanating from any legal aspects or concerning any activities of the
citizens in the cyberspace comes within the ambit of cyber laws.
Currently, there are two main statutes which ensure cyber security:
Q1. What are the primary differences between cyberspace and the physical world?
Answer: The physical world is static, well-defined, and incremental with fixed contours. On the other
hand, the cyberspace is dynamic, undefined, and exponential. It also is as vast as the human imagination
and does not have a fixed shape.
As cyberspace continues to evolve, governments and international organisations grapple with the need
for governance and regulation. Developing policies that balance individual rights, security, and
innovation remains a significant challenge. Adequate data protection, cybercrime, and digital rights
regulation are crucial to fostering a safe and trusted cyberspace.
63
BBA/B.com All/B.Sc./BCA III Year Digital Awareness
The growing importance of cyberspace is evident in its transformative impact on various aspects of our
lives. Its role in economic growth, global connectivity, communication, collaboration, and innovation
cannot be overstated. However, ensuring a secure and responsible cyberspace requires ongoing efforts in
cybersecurity, policy development, and global cooperation. Harnessing the potential of cyberspace while
addressing its challenges is crucial in shaping a sustainable digital future.
Regulation is crucial in ensuring cyberspace‟s safe, secure, and responsible use. As the digital realm
continues to expand and evolve, effective regulation is essential to protect individuals, businesses, and
governments from cyber threats, uphold privacy rights, foster trust, and promote responsible behaviour.
Here are some critical aspects of the role of regulation in cyberspace:
The Evolving Landscape of Cyberspace Over the past few decades, access to the Internet and digital
technologies has expanded exponentially. According to data from the Internet and Mobile Association of
India, as of 2021, there are over 800 million internet users in the country. Emerging technologies like
artificial intelligence, blockchain, 5G networks and the Internet of Things are also transforming how we
live and work. However, this rapid digital transformation has been accompanied by increased
cybercrimes such as hacking, phishing scams and ransomware attacks. In 2021 alone, India witnessed a
38% increase in cybersecurity incidents compared to the previous year. The legal framework must keep
pace as opportunities and threats evolve in cyberspace.
Cybersecurity:
Regulation helps establish standards and best practices for cybersecurity, aiming to protect critical
infrastructure, sensitive data, and individuals‟ digital assets. It provides guidelines for organisations to
implement robust security measures and respond effectively to cyber threats. Regulations also encourage
information sharing and collaboration among stakeholders to mitigate risks collectively.
In the era of big data, regulation plays a crucial role in safeguarding personal information and ensuring
privacy rights. Regulations such as the EU General Data Protection Regulation (GDPR) and various
national data protection laws establish data collection, storage, processing, and transfer rules. They also
give individuals greater control over their data, including the right to consent and be forgotten.
Regulation helps protect intellectual property rights in cyberspace. Laws governing copyrights,
trademarks, and patents ensure that creators and innovators are rewarded for their work and incentivise
further innovation. Regulations combat piracy, counterfeiting, and unauthorised use of intellectual
property, fostering a supportive environment for creativity, research, and development.
64
BBA/B.com All/B.Sc./BCA III Year Digital Awareness
Regulations are vital for combating cybercrime and ensuring appropriate investigation and prosecution
of offenders. Laws address various cyber offences, such as hacking, identity theft, fraud, and online
harassment. They define criminal liability and establish procedures for reporting incidents, collecting
evidence, and coordinating international cooperation to tackle cross-border cybercrime.
Regulation plays a role in protecting digital rights and ensuring freedom of expression in cyberspace.
Laws and regulations should balance regulating harmful content and safeguarding individuals‟ rights to
express opinions and access information freely. This involves governing issues like online hate speech,
misinformation, and censorship while upholding democratic principles and facilitating the diversity of
viewpoints.
Consumer Protection:
Regulation helps protect consumers in the digital marketplace. E-commerce regulations ensure fair
business practices, transparent pricing, product safety, and dispute resolution mechanisms. These
regulations promote consumer confidence and trust and address online fraud, scams, and misleading
advertising.
Regulations often establish technical standards and promote interoperability in cyberspace. These
standards facilitate seamless connectivity, data exchange, and compatibility across different systems and
platforms. They enable innovation, competition, and collaboration while minimising barriers to entry for
new players.
International Cooperation:
Given the global nature of cyberspace, regulation needs to foster international cooperation. International
agreements, conventions, and frameworks help establish standard norms, promote trust-building
measures, and enable information sharing and technical cooperation. These initiatives enhance
coordination in addressing transnational cyber threats, jurisdictional challenges, and harmonising
regulatory frameworks across borders.
Achieving a balance between innovation and governance is an issue of great importance. While
regulations are necessary for addressing potential risks, excessive regulation may hinder progress.
Therefore, it is crucial to adopt a flexible approach that promotes innovation while still mitigating any
potential harm. The General Data Protection Regulation of the European Union is a prime example of
such an approach, as it requires companies to maintain appropriate security practices based on risk levels
while providing leeway for new and upcoming technologies. It is also essential for nations to collaborate
to counter cyber threats, as international borders do not bind such threats. Initiatives like the Budapest
Convention on Cybercrime intend to facilitate cross-border investigations and prosecutions.
Nonetheless, differences in political and legal systems may impede harmonisation efforts.
65
BBA/B.com All/B.Sc./BCA III Year Digital Awareness
National Cyber Laws and International Agreements At the domestic level, India has issued notifications
to strengthen its cybersecurity posture. The Indian Computer Emergency Response Team issues
advisories on vulnerabilities, threats and mitigation strategies. The Controller of Certifying Authorities
regulates the issuance of digital signatures to ensure authentic electronic transactions. Internationally,
India is a signatory to the Budapest Convention and the UN‟s Manila Declaration on cybercrime.
However, jurisdictional conflicts arise when the location of crimes/criminals is ambiguous. There is also
an ongoing debate around surveillance and privacy protections vis-à-vis national security interests.
India has several national cybersecurity laws and regulations to address the increasing challenges of
cyber threats. Regulations related to cybersecurity in India:
The IT Act is the primary legislation governing cybersecurity and the use of information technology in
India. It legally recognises electronic transactions, digital signatures, and governance. The act also
covers several cybercrimes, including unauthorised access, hacking, data theft, and identity theft.
CERT-In functions as the national nodal agency for cybersecurity in India. It coordinates responses to
cybersecurity incidents, promotes incident prevention, and provides security training and awareness
programs. The agency collaborates with international cybersecurity organisations and facilitates
information sharing and cooperation.
Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal
Data or Information) Rules, 2011:
These rules under the IT Act aim to protect personal sensitive data and information. They require
organisations handling such data to implement reasonable security measures to ensure its confidentiality
and prevent unauthorised access, disclosure, or misuse.
This act regulates and supervises payment systems in India, including digital payments and electronic
fund transfers. It establishes security and risk management provisions in payment systems and promotes
the security and integrity of electronic transactions.
Aadhaar (Targeted Delivery of Financial and Other Subsidies, Benefits, and Services) Act, 2016:
Aadhaar is a unique identification system in India that assigns residents a unique identification number
(UID). The act governs the collection, storage, and usage of Aadhaar data while incorporating data
security and protection provisions.
66
BBA/B.com All/B.Sc./BCA III Year Digital Awareness
The policy outlines a framework for strengthening cybersecurity measures in India. It aims to protect
information infrastructure, establish an incident response mechanism, promote research and
development in cybersecurity, and build a skilled cybersecurity workforce. The policy sets the
foundation for India‟s cybersecurity strategy and initiatives.
India is formulating a comprehensive National Cybersecurity Strategy, which will provide a roadmap for
strengthening the country‟s cybersecurity posture. The strategy is expected to address various aspects,
including capacity building, threat intelligence, incident response, international cooperation, and public-
private partnerships.
It is important to note that the evolving nature of technology and cybersecurity challenges requires
ongoing updates and amendments to existing laws and regulations. The Indian government continues to
work towards enhancing its cybersecurity legal framework and strengthening its capabilities to address
emerging threats effectively.
Addressing Criticisms and Future Outlook Critics argue over-regulation hampers innovation through
compliance burdens. There are also open questions around determining applicable laws when the
location of parties is ambiguous. As technologies continue to evolve at a rapid pace, regulators face
challenges in designing flexible yet comprehensive frameworks. Going forward, multi-stakeholder
cooperation involving governments, technology, civil society and international bodies will be essential.
Areas like cybersecurity capacity building, responsible behaviour promotion, and human-centric
policymaking deserve attention. A balanced, collaborative approach respecting civil liberties and the
rule of law seems most prudent.
The proliferation of regulations may harm the development and progression of pioneering technologies
and solutions. Indeed, an overabundance of regulations can lead to censorship surveillance and encroach
upon the individuals‟ right to privacy. Thus, it is imperative to maintain a balance between regulation
and innovation, thereby ensuring that we continue to expand the boundaries of possibility while
simultaneously adhering to ethical standards and safeguarding the interests of the public.
Definition of Cybercrime
Any offenses committed against individuals or groups of individuals to harm the reputation or cause
physical or mental trauma through electronic means can be defined as Cybercrime. Electronic means can
include but are not limited to, the use of modern telecommunication networks such as the Internet
67
BBA/B.com All/B.Sc./BCA III Year Digital Awareness
(networks including chat rooms, emails, notice boards and groups) and mobile phones
(Bluetooth/SMS/MMS).
There are many privacy concerns surrounding cybercrime when sensitive information is intercepted and
leaked to the public, legally or otherwise. Some of that information may include data about military
deployments, internal government communications, and even private data about high-value individuals.
Cybercrime is not confined to individuals alone. Internationally, both governmental and non-state actors
engage in cybercrimes, including espionage, financial theft, and other cross-border crimes. Cybercrimes
crossing international borders and involving the actions of at least one nation-state is sometimes referred
to as cyberwarfare.
In 2018, a study by Center for Strategic and International Studies (CSIS), in partnership with McAfee, a
leading cybersecurity firm concludes that close to $600 billion, nearly one percent of global GDP, is lost
to cybercrime each year.
Cybercrime that uses computers to commit other crimes may involve using computers to spread
malware, illegal information or illegal images.
Ever since the introduction of cyber laws in India, the Information Technology Act (IT Act)
2000 covers different types of crimes under cyber law in India. The following types of cybercrimes are
covered under the IT Act 2000.
68
BBA/B.com All/B.Sc./BCA III Year Digital Awareness
Child Pornography OR Child sexually abusive material (CSAM) - Child sexually abusive
material (CSAM) refers to a material containing sexual images in any form, of a child who is
abused or sexually exploited. Section 67 (B) of the IT Act states that “it is punishable for
publishing or transmitting of material depicting children in the sexually explicit act, etc. in
electronic form.
Defamation – While every individual has his or her right to speech on internet platforms as well,
but if their statements cross a line and harm the reputation of any individual or organization, then
they can be charged with the Defamation Law.
Trade Secrets – Internet organization spends a lot of their time and money in developing
software, applications, and tools and rely on Cyber Laws to protect their data and trade secrets
against theft; doing which is a punishable offense.
Ransomware - Ransomware is a type of computer malware that encrypts the files, storage media
on communication devices like desktops, Laptops, Mobile phones etc., holding data/information
as a hostage.
Freedom of Speech – When it comes to the internet, there is a very thin line between freedom of
speech and being a cyber-offender. As freedom of speech enables individuals to speak their
mind, cyber law refrains obscenity and crassness over the web.
Harassment and Stalking – Harassment and stalking are prohibited over internet platforms as
well. Cyber laws protect the victims and prosecute the offender against this offense.
IT Act, 2000 went through amendments under the Indian Penal Code in the year 2008. These were made
in light of the laws on cybercrime – IT Act, 2000 by way of the IT Act, 2008. They were enforced at the
beginning of 2009 to strengthen the cybersecurity laws.
Q1
Cybercrime, also called computer crime, the use of a computer as an instrument to further illegal ends,
such as committing fraud, and intellectual property, stealing identities, or violating privacy.
Q2
There are three major categories that cybercrime falls into: individual, property and government. The
types of methods used and difficulty levels vary depending on the category. Property: This is similar to a
real-life instance of a criminal illegally possessing an individual‟s bank or credit card details.
According to the reports of the National Commission for Women, the number of cybercrimes against
women rapidly increases during the period of lockdown and decreases afterward. The same can be
shown by the tables given below:
70
BBA/B.com All/B.Sc./BCA III Year Digital Awareness
As we can see, in 2020, the number of cybercrime cases against women rapidly increased in April and
continued to grow in May, June, and July when India was badly affected by covid-19, the pandemic was
at its peak and the entire nation was under lockdown. Eventually, when the pandemic started to decline
and lockdown restrictions started to decrease in August, the number of cybercrime cases also started to
decline and further declined in September and October when lockdown restrictions were lifted.
Number of Cybercrime cases The situation of the second wave of pandemic and
Month
against Women lockdown in India
As we can see, in 2021, the number of cybercrime cases against women rapidly increased in March and
continued to grow in April and May when India was badly affected by the second wave of covid-19 and
almost the entire nation was facing strict lockdown restrictions. Eventually, when the second wave of
pandemics started to decline and lockdown restrictions started to decrease in June, the number of
cybercrime cases also started to decline and further declined in July when lockdown restrictions were
lifted.
2020 704
2019 459
2018 375
71
BBA/B.com All/B.Sc./BCA III Year Digital Awareness
2017 370
2016 311
2015 223
2014 209
A total number of 704 cybercrime cases against women were registered in 2020 i.e. when the pandemic
started and 504 cybercrimes cases against women have already been registered in 2021 and we are only
halfway through the year. The number of cybercrime cases against women was comparatively less in the
previous years and significantly increased during the pandemic and lockdown.
Children, especially those who have been either abandoned due to the loss of both of their parents to the
COVID-19 virus or who have been temporarily separated from their parents because either of them has
caught the disease have been the most vulnerable and easy targets to these cybercrimes. Where the
parents are hospitalized and children are kept under other‟s care or are uncared for, such children are
more prone to cyber abuse because there is no one to look after their online activities. Children have
been spending more time on virtual platforms due to the closing of schools amid the COVID-19
pandemic which has exposed them to the risk of online harassment and cyberbullying. During the
lockdown and due to the closure of the schools, parents had to rely on technology and digital solutions
to keep their children learning, entertained, and connected to the outside world. Children are spending
more time online for various entertainment, social and educational purposes. But all children do not
have the necessary knowledge and resources to keep themselves safe and secure in the online world.
The CHILDLINE 1098 helpline number, an emergency service number for women and children to help
them in cases of abuse and violence, received more than 92,000 calls in the second week of lockdown in
India in April 2020. The number of calls of children in distress and fear increased by 50 percent in just
11 days from March 25th, 2020. The Supreme Court of India took suo moto cognizance of the matter to
eliminate the risk of abuse and violence against children during the pandemic.
Children are more vulnerable when they are kept away from their parents or when there is no one to
look after them. The pandemic has made the situation even more vulnerable for children because they
are helplessly exposed to the online world for their educational purposes. Most of the children,
especially those belonging to Grade 1 to Grade 5, are very less acquainted with technology and internet
use, and ethics. Therefore, it becomes very easy for sexual predators and other cybercrime offenders to
hack the devices of these children and manipulate them. A child does not know whether the particular
website is safe to visit or not, or whether a particular image/video should be downloaded or not and
hence, gets easily manipulated to indulge in immoral activities and become easy targets of the
cybercrime offenders.
72
BBA/B.com All/B.Sc./BCA III Year Digital Awareness
What Is Cyberbullying
Cyberbullying is bullying that takes place over digital devices like cell phones, computers, and tablets.
Cyberbullying can occur through SMS, Text, and apps, or online in social media, forums, or gaming
where people can view, participate in, or share content. Cyberbullying includes sending, posting, or
sharing negative, harmful, false, or mean content about someone else. It can include sharing personal or
private information about someone else causing embarrassment or humiliation. Some cyberbullying
crosses the line into unlawful or criminal behavior.
Instant messaging, direct messaging, and online chatting over the internet
Special Concerns
With the prevalence of social media and digital forums, comments, photos, posts, and content shared by
individuals can often be viewed by strangers as well as acquaintances. The content an individual shares
online – both their personal content as well as any negative, mean, or hurtful content – creates a kind of
permanent public record of their views, activities, and behavior. This public record can be thought of as
an online reputation, which may be accessible to schools, employers, colleges, clubs, and others who
may be researching an individual now or in the future. Cyberbullying can harm the online reputations of
everyone involved – not just the person being bullied, but those doing the bullying or participating in it.
Cyberbullying has unique concerns in that it can be:
Persistent – Digital devices offer an ability to immediately and continuously communicate 24 hours a
day, so it can be difficult for children experiencing cyberbullying to find relief.
73
BBA/B.com All/B.Sc./BCA III Year Digital Awareness
Permanent – Most information communicated electronically is permanent and public, if not reported
and removed. A negative online reputation, including for those who bully, can impact college
admissions, employment, and other areas of life.
Hard to Notice – Because teachers and parents may not overhear or see cyberbullying taking place, it is
harder to recognize.
All states have laws requiring schools to respond to bullying. As cyberbullying has become more
prevalent with the use of technology, many states now include cyberbullying, or mention cyberbullying
offenses, under these laws. Schools may take action either as required by law, or with local or school
policies that allow them to discipline or take other action. Some states also have provisions to address
bullying if it affects school performance. You can learn about the laws and policies in each state,
including if they cover cyberbullying.
This means the content sent to you, or posted or shared about you, must be likely to harm your physical
or mental health because it is seriously:
threatening (for example, when someone says they are going to harm you, or tells others to
harm you) or
intimidating (for example, when you stop doing something because someone makes you feel
scared or bad about it) or
harassing (for example, when someone keeps sending messages to you or keeps sharing posts or
comments about you even though you don‟t want them to) or
humiliating (for example, when someone teases or embarrasses you very badly).
If someone is cyberbullying you in one of these ways you can report it to eSafety, or you can ask a
trusted adult to do it for you. The adult can be a parent or guardian, or someone like a carer, teacher or
police officer.
Zero-day exploit is a type of cyber security attack that occur on the same day the software, hardware or
firmware flaw is detected by the manufacturer. As it‟s been zero days since the security flaw was last
exploit, the attack is termed as zero-day exploit or zero-day attack. This kind of cyber-attacks are
considered dangerous because the developer have not had the chance to fix the flaw yet. Zero-day
exploit typically targets large organizations, government departments, firmware, hardware devices, IoT,
users having access to valuable business data, etc.
74
BBA/B.com All/B.Sc./BCA III Year Digital Awareness
A software is developed and released without knowing the fact that it has a security vulnerability. An
attacker identifies or exploits this vulnerability before the developers identifies or fixes the same. While
still the vulnerability is open and unpatched, exploiting the vulnerability, the hacker attacks and
compromises the software which can lead to data theft, unauthorized access or crashing of the software
itself. After the attacker attacks the target, the public or developer identifies the attack and tries to figure
out the patch. The developer identifies the fix and releases the update to safe guard its new user
Probability of detecting zero day exploit is rare or in other words, the attack leaves no opportunity for
detection. But there are a few ways to identify the existing known vulnerabilities.
1. Signature Based – In this method, the occurrence pattern of known vulnerability can be detected
with the help of pattern matching. Even though this method cannot detect the malware code used
for zero-day exploit, it is capable of detecting known attacks like SQL injection that may lead to
zero-day vulnerability. While a developer may not be able to detect zero-day attack, the system
firewall may be able to detect and protect against few known specific attack types such as XSS ,
SQL injection, etc.
2. Statistical Techniques – By monitoring the normal activity, this technique learns the normal
behavior of the network. When the system identifies any deviation from normal profile it will
detect a probability of vulnerability.
3. Behavior Based – The implementation of behavior based detection typically depends on a
„honeypot‟. A honeypot is a security mechanism that is developed to detect the presence of
hackers or hacking attempts.
4. Hybrid Techniques – This hybrid technique use the advantage of statistical, behavioral and
traditional signature based defense mechanism. They are comparatively more effective as the
weaknesses of any single detection technique will not break the security.
Zero-day Exploit Prevention: As zero-day exploits cannot be easily discovered, prevention of the zero-
day exploit becomes difficult. There is hardly any ways to protect against zero-day exploit as we don‟t
have any idea about its occurrence well in advance. We can reduce the level of risk opting any of the
following strategies:
75
BBA/B.com All/B.Sc./BCA III Year Digital Awareness
Zero-day exploit refers to a security vulnerability that is unknown to the software vendor or the public,
allowing attackers to exploit it before it can be patched. Here are some examples of zero-day exploits:
Stuxnet: Stuxnet is a well-known example of a zero-day exploit that was discovered in 2010. It was a
sophisticated piece of malware that was specifically designed to target industrial control systems,
particularly those used in Iranian nuclear facilities. Stuxnet exploited several zero-day
vulnerabilities in Windows and Siemens software to gain access to the systems and cause physical
damage.
WannaCry: WannaCry is a ransomware attack that was first discovered in 2017. It spread rapidly
across the globe, infecting hundreds of thousands of computers in over 150 countries. The
attackers exploited a zero-day vulnerability in Microsoft Windows to infect the systems with the
ransomware.
Pegasus: Pegasus is a spyware developed by the Israeli company NSO Group. It was used to target the
mobile phones of journalists, activists, and government officials in several countries. The attackers
used a zero-day vulnerability in Apple‟s iOS to install the spyware on the victims‟ phones.
Heartbleed: Heartbleed is a vulnerability in the OpenSSL cryptographic software library that was
discovered in 2014. It allowed attackers to access sensitive information, including passwords and
encryption keys, from servers running the affected software. The vulnerability was present in the
software for over two years before it was discovered.
Dirty COW: Dirty COW is a vulnerability in the Linux operating system kernel that was discovered
in 2016. It allowed attackers to gain root access to the system by exploiting a race condition in
the copy-on-write (COW) mechanism of the kernel. The vulnerability affected millions of systems
running the Linux operating system.
Meltdown and Spectre: Meltdown and Spectre are two vulnerabilities in modern computer processors
that were discovered in 2018. They allow attackers to access sensitive information, including
passwords and encryption keys, from the memory of other running programs.
76
BBA/B.com All/B.Sc./BCA III Year Digital Awareness
Zero-click attacks are cyberattacks that don‟t require user intervention as a trigger. The attack is
automatically and usually invisibly executed as soon as the code hits your device. Zero-clicks are nasty
attacks we should all be aware of, so we can at least attempt to steer clear from.
Indeed, these types of attacks don‟t need to employ social engineering tactics to fool the victim and
trigger the attack. No trigger is required. As long as the zero-click vulnerability is present on the target
system, the attackers can walk right in.
Because of that, zero-click vulnerabilities are considered the crown jewels of vulnerabilities, and both
legitimate software vendors and shady hacker groups are willing to pay millions of dollars for their
private disclosure
2. The bad actors exploit the vulnerability by sending a meticulously crafted message to the target
device. Attackers often use specially formed data, like a hidden text message or a pixel, to inject
compromising code onto the device. But it could also be an authentication request, a voicemail, a
video conferencing session, or even a phone call. Any of the above can be a vector to exploit a
vulnerability in an application that processes and evaluates data.
3. The vulnerability allows the attackers to infect the device remotely with malware,
spyware, trojans, etc. – whatever they fancy.
4. Once the device is infected, attackers can typically access the device‟s contents, gain complete
control over it, or even impersonate the owner and send messages on their behalf.
5. By the time the victim realizes they‟ve been attacked, it‟s too late. The attack has already
happened. And there‟s likely no trace of the attacker‟s compromising message on the device at
this point.
77
BBA/B.com All/B.Sc./BCA III Year Digital Awareness
There are various modus operandi usually adopted by cyber criminals for the successful commissioning
of their crime. Common forms of them are described in this module:
With the advent of technology and globalization smartphones and computers have become very handy.
But each and every coin is two faced. The beneficiary side of technology is better communication, time
harvesting and many more but at the same time often people are exploited by others by sending
annoying and harassing messages either in the form of text i.e. SMS or in the form of multimedia
content i.e. MMS
Text Message
Annoying, Insulting, Misleading, Defaming messages are often sent using mobile phones in bulk. Hence
the actual source could not be fixed.
Such messages are often a cause of misperception among people of different race, culture and tradition
many a times often resulting in fights or riots.
Unaware and innocent people often fall in traps of cyber criminals for SMS of lottery, Emails of prize
money, false promise of jobs, and false mail for admission in reputed colleges.
Multimedia Messaging
Multimedia messages often defaming the identity of a person are distributed among small groups using
mobile phones.
Pornography, Obscene messages and cyber bullying are becoming very common and very popular, for
e.g. Delhi MMS Scandal.
Modus Operandi is the method adopted by the criminal for the successful commission of his
crime.
The main objective of modus operandi is successful commission of crime, concealing the identity
of the culprit and effective escape plan from law in case of being caught.
Technology is a double edged sword which has bettered our way of living by effective means of
communication. but along with, it has made us prone to new and effective means of fraud.
78
BBA/B.com All/B.Sc./BCA III Year Digital Awareness
Financial Attack
Offenders often clones the web page of a bank or any organizing or social site in the name of enhancing
their security or updating their services or creating a fake webpage in the place of genuine, which is a
look alike page of original, in order to collect personnel information at various stage and abuses the
information and abuse the information for causing wrongful loss, fraudulent transfer of funds in internet
banking. These can be operated in following ways:
Spoofing: - Spoofing of sites normally happens in banks official page with an intention of
financial fraud. Other sites are spoofed either for personnel pleasure or misleading the audience
or for causing embracement to a particular group of people.
Phishing: - This involves creating a fake page which is very similar to the genuine page for
secretly capturing the credentials of the victims. Online Fraud: - This is the next step after
phishing or spoofing. Once the culprit gets the valuable credentials of the victim he can use it for
online shopping, e-banking, etc.
Online Gambling: - This is much worse than real life gambling as such pages are deliberately
made to lure the victim and fall a prey to the tricks of a cyber criminal/expert, causing them to
lose a good amount of wealth.
Cyber Laundering: - Black money is transformed into white money through various portals of
online gambling or online shopping.
Social Engineering
This is neither a virus nor a malicious line of coding but it is just a trick which lures people into
revealing their password and other valuable credential by making them false stories or by taking them
under confidence.
It involves the spreading of obscene and nude or semi-nude pictures and videos resulting in social
harassment and sometimes be the sole reason behind the death of the victim (specially females).
Malware Attacks
Malware is software designed to infiltrate or damage a computer system without the knowledge of the
owner. It includes:
VIRUS: - It stands for “Vital Information and Resources Under Siege”. It works on a host file
and either replicates itself or causes improper functioning of the system.
RAT: - It stands for “Remotely Access Tool”. This software is designed to remotely control the
system without even the prior knowledge of the victim.
79
BBA/B.com All/B.Sc./BCA III Year Digital Awareness
Worms: - These are the software which goes on replicating itself until the whole system memory
is consumed. But unlike VIRUS, it does not need a host file.
Spyware: - These are the software use to spy on the victim‟s computer and his activities
remotely.
Backdoors: - These are specially designed software or codes of programming that give an access
to bypass the security features of a computer.
Key Loggers: - These are the softwares which records the strokes made on the keyboard by the
victim.
Section 72 of Information Technology Act, 2000 provides punishment for an unauthorised access or,
disclosure of that information to third person punishable with an imprisonment upto 2 years or fine
which may extend to 1 lakh rupees or with both.
The Information Technology Act, 2000 (ITAct- 2000) was enacted by Parliament of India to protect the
field of e-commerce, e-governance, e-banking as well as to provide for penalties and punishments in the
field of cyber crimes. The above Act was further amended by the Information Technology (Amendment)
Act, 2008 (ITAAct2008). The word 'communication devices' was inserted in the definition, to include
into its coverage cell phones, personal digital assistance or such other devices used to transmit any text,
video etc. like those which were later being marketed as iPad or other similar devices on Wi-fi and
cellular models. ITAct- 2000 defined 'digital signature', but the said definition was incapable to cater to
needs of the hour and therefore, the term 'Electronic signature' was introduced and defined in the
ITAAct - 2008 as a legally valid mode of executing signatures. This includes digital signatures as one of
the modes of signatures and is far broader in ambit covering biometrics and other new forms of creating
electronic signatures.
The new amendment has replaced Section 43 by Section 66. The word "hacking" used in Section 66 of
earlier Act of 2000 was removed and named as "data theft" and consequently widened in the form of
Sections 66A to 66F. The section covers the offences such as the sending of offensive messages through
communication service, misleading the recipient of the origin of such messages, dishonestly receiving
stolen computers or other communication device, stealing electronic signature or identity such as using
another person‟s password or electronic signature, cheating by personation through computer resource
80
BBA/B.com All/B.Sc./BCA III Year Digital Awareness
or a communication device, publicly Dr. Sudhir Kumar Sharma publishing the information about any
person's location without prior permission or consent, cyber terrorism, the acts of access to a computer
resource without authorization, such acts which can lead to any injury to any person or result in damage
or destruction of any property, while trying to contaminate the computer through any virus like Trojan
etc. The offences covered under Section 66 are cognizable and nonbailable. It may be pointed here that
the consequence of Section 43 of earlier Act was civil in nature having its remedy in the form of
damages and compensation only
Under Section 66 of the Amendment Act, 2008 if an act is done with mens rea i.e. criminal intention, it
will attract criminal liability resulting in imprisonment or fine or both. The law of defamation under
Section 499 got extended to "Speech" and "Documents" in electronic form with the enactment of the
Information Technology Act, 2000. Section 66A of the Information Technology Act, 2000. Any person
who sends, bymeans of a computer resource or a communication device:-
(ii) any content information which he knows to be false, but for the purpose of causing annoyance,
inconvenience, danger, obstruction, insult, injury, criminal intimidation, enmity, hatred, or ill will,
persistently makes by making use of such computer resource or a communication device, or
(iii) any electronic mail or electronic mail message for the purpose of causing annoyance or
inconvenience or to deceive or to mislead the addressee or recipient about the origin of such messages,
shall be punishable with imprisonment for a term which may extend to three years and with fine.
Section 66A of the Information Act, 2000 does not specifically deal with the offence of cyber
defamation but it makes punishable the act of sending grossly offensive material for causing insult,
injury or criminal intimidation.
81
BBA/B.com All/B.Sc./BCA III Year Digital Awareness
UNIT V
The infographic below shows the different types of content that you can use to drive more traffic to your
social media account.
Entertainment
Inspiration
Education
Conversation
Connection
Promotion
82
BBA/B.com All/B.Sc./BCA III Year Digital Awareness
What are the 6 types of social media content that can help drive more engagement?
Entertainment
Inspiration
Education
Conversation
Connection
Promotion
Fun holidays
Viral videos
Jokes
83
BBA/B.com All/B.Sc./BCA III Year Digital Awareness
Memes
Comics
Puzzles
Contest/giveaways
Quotes
Facts
Personal stories
Industry research
Case studies
Questions
Polls
84
BBA/B.com All/B.Sc./BCA III Year Digital Awareness
Product reviews
Client testimonials
Webinars
Products
Discounts
Services
You‟ve all seen viral videos online. Amidst the pool of videos being posted online, it is totally difficult
to make yours go viral. But these tips are very helpful:
Tell a story
Personal stories posted online to gather more likes and shares. Here are some tips to consider when
writing personal stories:
Maintain consistency
85
BBA/B.com All/B.Sc./BCA III Year Digital Awareness
Make it simple
Use images
Do a test drive
Keep it simple
Stay balanced
A remarkable product review needs to be written with pure honesty and these things:
Become an affiliate
Be honest on everything
86
BBA/B.com All/B.Sc./BCA III Year Digital Awareness
A webinar is a powerful tool for social media marketing. Here are the tips on how to produce better
webinars:
Social media security refers to strategies businesses and individuals can use to protect their social
accounts from threats like hacking, phishing, and malware.
Imposter accounts
Password theft
Social Media Laws are required to deal with the crimes emerging these days due to the excessive use of
social media platforms. These laws provide remedies in both civil and criminal manner for protecting
the prohibited content. There are various laws associated with social media litigation which include
Digital Millennium Copyright Act and the Communication Decency Act for solving cybercrime or
cyberspace problems.
87
BBA/B.com All/B.Sc./BCA III Year Digital Awareness
Due to the anonymity and quackery of social media, there is an increase in online violence affecting
people of all ages. In order to reduce social media-related crimes including stalking, harassment,
bullying, and threats, social media laws are required. For instance, recent riots in some Indian states due
to the circulation of fake news video violence through Facebook, YouTube, and WhatsApp lead to
severe damage. This is the reason that there is a need for strong social media laws in our country.
Any individual who has a grievance regarding content published by another individual can issue his
grievance on the grievance mechanism rather than blocking or ignoring the issue. Grievance redressal is
performed by following an appropriate sequence as discussed below:
The grievance should be addressed by the publisher and within 15 days of the registration, they
should inform the complainant about their decision.
If the publisher does not communicate their decision to the complainant within the given time
then it is escalated to the self-regulatory body where publisher is a member.
If the complainant is not satisfied with publisher‟s decision then they can appeal to the self-
regulatory body within 15 days of receiving the decision.
After this, the self-regulatory body addressed the grievance and convey the decision to the
publisher in the form of advisory or guidance. They also inform the complainant about the made
decision within 15 days.
If the complainant is not satisfied with the self-regulatory body‟s decision then they can appeal
to the Oversight Mechanism within a period of 15 days of the decision.
Information Technology Act, 2000 (IT Act) is a primary law in India for dealing with matters related to
e-commerce and cybercrime. The main objective of this Act is to grant legal recognition to transactions
performed via electronic data exchange or any other means rather than paper-based communication. It
also provides legal recognition to digital signatures and gives legal sanctions to enable e-governance.
Under this law, penalties are prescribed for different frauds and crimes involving computers or a
network. Along with this, certain provisions of the IPC (Indian Penal Code) are amended in the
Information Technology Act which includes the Indian Evidence Act of 1872, the Reserve Bank of India
Act of 1934, and the Banker‟s Book Evidence Act of 1891. Some of the sections of the IT Act are listed
as follows:
Section 66A: This section of the IT Act gives the power to arrest anyone sending messages or
posting content on social media that could be deemed offensive. Also, it‟s offensive to send any
wrong or false information for the purpose of spreading hatred, annoyance, inconvenience,
obstruction, danger, enmity, insult, and criminal intimidation. Such activity is punishable and as
per the law, three years of imprisonment with a fine is the penalty imposed on the criminal.
88
BBA/B.com All/B.Sc./BCA III Year Digital Awareness
Section 69A: According to this section, the government has the authority to monitor, decrypt or
intercept any information that is not consistent with provisions of the government. It empowers
the authorities to block internet sites by following an appropriate procedure. The recent banning
of Chinese applications was done under Section 69A of the IT Act. The one who did not comply
with the provisions of this section is punished with imprisonment and a fine.
Constitution of India
It provides basic rights to Indian citizens which helps them in protecting their basic life interests. If these
rights are violated, various remedial measures are provided to them. In Article 19 of the Indian
Constitution, the Right to freedom of speech and expression is mentioned which ensures that every
individual has the right to present their thoughts to others. This means that they can raise their voice
against any wrongdoing that happened to them or any other person they know.
Indian Penal Code (IPC) is addressed as the official criminal code of India aimed at covering all
essential areas of criminal law. Anyone found guilty of a crime related to property, the human body,
conspiracy, or social media is punishable under the provisions of the IPC. There are different Sections in
the IPC, 1860 which deals with crimes related to social media. Some of the Sections identified for the
same are illustrated as follows:
Section 124A: It mainly deals with sedition, a criminal act that encourages the opposition to
rebel against the Government.
Section 153A: The purpose of this Section is to punish those who attack the religion, place of
birth, language, and race of any particular religion or group.
Section 295A: The main objective of this Section is to punish those who defame religion or
religious belief on purpose.
Section 499: It primarily deals with defamation where an individual faced legal consequences
for making a defamatory comment either verbally or in writing with a motive to destroy
someone‟s reputation.
Section 505: Under this Section of IPC, anyone who makes statements promoting public
annoyance faces legal consequences.
Section 506: An individual who tries to intimidate the other person either physically or with the
help of any electronic means will amount to an offense resulting in the punishment of
imprisonment for a few years or a fine or both.
Section 509: Deals with the crime of disrespecting women‟s modesty and the punishment for the
same will be imprisonment of one year or a fine.
89
BBA/B.com All/B.Sc./BCA III Year Digital Awareness
An intermediary should inform the user of its computer resource not to publish, display, update, modify,
store or share information that belongs to another person, is defamatory, obscene, paedophilic,
pornographic, and infringes intellectual rights. Online activities that threaten the unity, integrity,
defence, security or sovereignty of India should be avoided and its friendly relations with foreign States
should not suffer.
Shreya Singhal vs. Union of India: In this case, police made an arrest of two women under
Section 66A for posting comments on Facebook after the death of a political leader. The
Supreme Court of India invalidated Section 66A of the Information technology Act, 2000 as it
was unconstitutional.
Questions:
1. Is there a Right to be Forgotten in India?
Currently, there is no Right to be Forgotten in India.
1. Identify the term which denotes that only authorized users are capable of accessing the
information
A. Confidentiality
B. Availability
C. Integrity
D. Non-repudiation
Answer: B) The term which denotes that only authorized users are capable of accessing the information
is known as availability.
2. State whether True or False: Data encryption is primarily used to ensure confidentiality.
A. True
B. False
C. Cannot be interpreted
D. None
3. Identify the Debian-based OS which has 2 virtual machines and focuses on preserving
users’ data.
A. Ubuntu
B. Fedora
C. Whonix
90
BBA/B.com All/B.Sc./BCA III Year Digital Awareness
D. Kubuntu
Answer: C) Whonix has two virtual machines and focuses on preserving users‟ data.
4. Identify the oldest phone hacking technique used by hackers to make free calls.
A. Spamming
B. Phreaking
C. Cracking
D. Phishing
Answer: B) Phreaking is the oldest phone hacking technique used by hackers to make free calls.
5. Which of the following platforms is used for the safety and protection of information in the
cloud?
A. AWS
B. Cloud workload protection platforms
C. Cloud security protocols
D. One Drive
Answer: B) Cloud workload protection platforms are used for the safety and protection of information
in the cloud.
6. Identify the type of attack which uses a fraudulent server with a relay address.
A. MITM
B. NTLM
C. SMB
D. NetBIOS
Answer: D) The port used to connect to Active Directory in Windows 2000 is 389.
8. Choose among the following techniques, which are used to hide information inside a
picture.
A. Image rendering
B. Steganography
C. Rootkits
D. Bitmapping
91
BBA/B.com All/B.Sc./BCA III Year Digital Awareness
11. Which of the following is used for monitoring traffic and analyzing network flow?
A. Managed detection and response
B. Cloud access security broker
C. Network traffic analysis
D. Network security firewall
Answer: C) Network traffic analysis is used for monitoring traffic and analyzing network flow.
13. In which category does the lack access control policy fall?
A. Threat
B. Bug
C. Attack
D. Vulnerability
A. Phishing
B. DOS attack
C. Soliciting
D. Both B and C
15. Which software is mainly used to help users detect viruses and avoid them?
A. Antivirus
B. Adware
C. Malware
D. None of the above
Answer: A) Antivirus is used to help users detect viruses and avoid them.
16. Identify the term which denotes the violation of principle if the computer is no more
accessible.
A. Access control
B. Availability
C. Confidentiality
D. All of the above
93
BBA/B.com All/B.Sc./BCA III Year Digital Awareness
25. Identify which of the following can be considered instances of Open design.
94
BBA/B.com All/B.Sc./BCA III Year Digital Awareness
A. DVD Player
B. CSS
C. Only B
D. Both A and B
Answer: D) Both DVD Player and CSS are instances of open design and their documentation is
publicly available.
28. Identify the malware which does not replicate or clone through an infection?
A. Trojans
B. Worms
C. Rootkits
D. Virus
35. Which of the following is used for encrypting data at the network level?
A. HTTPS
B. SMTP
C. S/MIME
D. IPSec
39. Identify the term among the following which is the first phase of ethical hacking.
A. Footprinting
B. ARP Poisoning
C. DNS Poisoning
D. Enumeration
42. Identify the type of symmetric key algorithm which uses a streaming cipher to encrypt
information.
A. SHA
B. MD5
97
BBA/B.com All/B.Sc./BCA III Year Digital Awareness
C. RC4
D. Blowfish
43. Identify the maximum character which Linux OS supports in its file names.
A. 32
B. 64
C. 128
D. 256
44. Among the following, identify the one which does not need any host program and is
independent.
A. Worm
B. Virus
C. Trojan horse
D. Trap door
Answer: A) Worm does not need any host program and is independent.
Answer: C) It is a type of unsolicited email which is generally sent in bulk to an indiscriminate recipient
list for commercial purposes.
47. Which one of the following can be considered as the class of computer threats?
A. Dos Attack
B. Phishing
C. Soliciting
D. Both B and C
Answer: A) A dos attack refers to the denial of service attack.
98
BBA/B.com All/B.Sc./BCA III Year Digital Awareness
48. Choose the default port number for Apache and other web servers.
A. 20
B. 27
C. 80
D. 87
50. Identify the element which is not considered in the triad, according to the CIA.
A. Authenticity
B. Availability
C. Integrity
D. Confidentiality
52. Identify the term which denotes the protection of data from modification by unknown
users.
A. Confidentiality
B. Authentication
C. Integrity
D. Non-repudiation
1. Using social media sites like ____, and Google+, you can increase website traffic through
social media marketing.
A. Facebook
99
BBA/B.com All/B.Sc./BCA III Year Digital Awareness
B. Twitter
C. LinkedIn
D. All of the above
Explanation:
Using social media sites like Facebook, Twitter, LinkedIn, and Google+, you can increase
website traffic through social media marketing.
Explanation:
A. Businesses
B. Products
C. Services
D. All of the above
Explanation:
In Facebook marketing, businesses, products, and services are advertised and promoted on
Facebook.
100
BBA/B.com All/B.Sc./BCA III Year Digital Awareness
4. With the help of which key feature of Facebook, you are able to stream videos live?
A. Online Chat
B. Facebook Group
C. Facebook Live
D. Facebook Insights
Explanation:
With the help of Facebook Live key feature of Facebook, you are able to stream videos live.
5. With the help of which key feature of Facebook, you can see the posts of your
competitors' business pages and improve your Facebook business pages by monitoring
their content?
A. Business Page
B. Facebook Group
C. Facebook Insights
D. Facebook History
Explanation:
With the help of Facebook Insights key feature of Facebook, you can see the posts of your
competitors' business pages and improve your Facebook business pages by monitoring their
content.
6. On the Facebook Business page, you can post information and updates about your
business that will be visible to everyone ____.
101
BBA/B.com All/B.Sc./BCA III Year Digital Awareness
Explanation:
On the Facebook Business page, you can post information and updates about your business that
will be visible to everyone who has liked it.
A. Create Button
B. Create Username
C. Add Business Hours
D. All of the above
Explanation:
i. Create Button
ii. Create Username
iii. Add Business Hours
Explanation:
You can use Facebook Groups to reach out to your targeted audience, gain insights to promote
your business, and increase customer loyalty.
A. Tags
B. Your Location
102
BBA/B.com All/B.Sc./BCA III Year Digital Awareness
C. Both A and B
D. None of the above
Explanation:
The following can be added to the Facebook Group - Tags and Your Location.
10. Since ____ groups are not listed in search results, you can only join them when a
member invites you.
A. Private
B. Public
C. Secret
D. Facebook
Answer: C) Secret
Explanation:
Since secret groups are not listed in search results, you can only join them when a member
invites you.
11. You can increase your ____ awareness by joining Facebook Groups and sharing
relevant information and updates about your business with other members.
A. Brand
B. Business
C. Both A and B
D. None of the above
Explanation:
You can increase your brand and business awareness by being helpful by joining Facebook
Groups and sharing relevant information and updates about your business with other members.
103
BBA/B.com All/B.Sc./BCA III Year Digital Awareness
12. In ____ marketing, companies or users reach out to new customers by using Twitter
for promoting or advertising their businesses.
A. Facebook
B. Twitter
C. Instagram
D. LinkedIn
Answer: B) Twitter
Explanation:
In Twitter marketing, companies or users reach out to new customers by using Twitter for
promoting or advertising their businesses.
Explanation:
14. The ____ feature allows you to receive notifications whenever a tweet is posted to your
Twitter account.
A. Twitter Chat
B. Tweet Alert
C. Twitter Moments
D. Download Tweets
104
BBA/B.com All/B.Sc./BCA III Year Digital Awareness
Explanation:
The Tweet Alert feature allows you to receive notifications whenever a tweet is posted to your
Twitter account.
A. Sharing Ideas
B. Sending Messages
C. Promoting Brands
D. All of the above
Explanation:
Twitter is a great platform for sharing ideas, sending messages, and promoting brands and
businesses.
16. Including a link to your website along with relevant information about your business
will make your tweet visible to all ____.
A. Twitter Users
B. Your Followings
C. Your Followers
D. None
Explanation:
Including a link to your website along with relevant information about your business will make
your tweet visible to all your followers.
A. 140
B. 280
C. 360
D. 720
105
BBA/B.com All/B.Sc./BCA III Year Digital Awareness
Answer: B) 280
Explanation:
Explanation:
19. What is/are an/the important point(s) to remember while making a tweet?
Explanation:
20. Which of the following factors is involved in increasing your followers on Twitter?
106
BBA/B.com All/B.Sc./BCA III Year Digital Awareness
Explanation:
Starting your Blog is one of the factors involved in increasing your followers on Twitter.
21. By hosting a ____, you'll be able to establish authority and credibility in your field and
build a community with like-minded people.
A. Twitter Chat
B. Live Tweet
C. Promoted Tweets
D. Twitter Analytics
Explanation:
By hosting a Twitter chat, you'll be able to establish authority and credibility in your field and
build a community with like-minded people.
A. Retweet
B. Reply
C. Direct Message
D. None
Answer: A) Retweet
Explanation:
23. In tweets, ____ are used to add the 'Hash' sign before important keywords.
A. Tags
B. Hashtags
107
BBA/B.com All/B.Sc./BCA III Year Digital Awareness
C. Both A and B
D. None of the above
Explanation:
In tweets, hashtags are used to add the "Hash" sign before important keywords.
24. On Twitter's home page, the 'Who to follow' section displays promoted accounts as
'____'.
A. Ad Keywords
B. Ad Description
C. Ad Units
D. Ad Tags
Answer: C) Ad Units
Explanation:
On Twitter's home page, the "Who to follow" section displays promoted accounts as "ad units."
25. You can easily find and follow your ____ on Twitter by promoting your Twitter
account.
A. Followers
B. Following
C. Target Audience
D. None
Explanation:
You can easily find and follow your target audience on Twitter by promoting your Twitter
account.
26. You can publish an ____ on your website using Twitter Widget.
108
BBA/B.com All/B.Sc./BCA III Year Digital Awareness
A. Interface
B. Inbound link
C. Intralink
D. Interlink
Answer: A) Interface
Explanation:
27. You can use Twitter Widget to provide your visitors with several benefits, such as They
can see the ____ on Twitter.
A. Followers
B. Followings
C. Conversation
D. None
Answer: C) Conversation
Explanation:
You can use Twitter Widget to provide your visitors with several benefits, such as They can see
the conversation on Twitter.
28. You can allow your readers to share your page quickly with their followers using ____.
A. TwitThis
B. Chirrup
C. Aweber
D. Twitterfeed
Answer: A) TwitThis
Explanation:
You can allow your readers to share your page quickly with their followers using TwitThis.
29. Your tweets appear on your Twitter account at a time interval you set up with ____.
109
BBA/B.com All/B.Sc./BCA III Year Digital Awareness
A. Social Oomph
B. Tweet Old Post
C. Visibili
D. Hootsuite
Explanation:
Your tweets appear on your Twitter account at a time interval you set up with Social Oomph.
30. With ____, you can build a custom sharing bar with Twitter buttons and other social
sharing icons.
A. Visible
B. Visibili
C. Visibilli
D. None
Answer: B) Visibili
Explanation:
With Visibili, you can build a custom sharing bar with Twitter buttons and other social sharing
icons.
A. Reply
B. Tweet
C. Retweet
D. None
Answer: C) Retweet
Explanation:
32. The '____' symbol is often used to repost someone else's tweet.
110
BBA/B.com All/B.Sc./BCA III Year Digital Awareness
A. RE
B. RT
C. RET
D. RETW
Answer: B) RT
Explanation:
A. Your Home timeline shows the Tweets that your followers have retweeted.
B. Blocking accounts prevents you from seeing tweets retweeted by them.
C. You can see how many times your Tweets have been retweeted and who is retweeting
them in the notifications tab.
D. All of the above
Explanation:
Retweets appear at -
i. Your Home timeline shows the Tweets that your followers have retweeted.
ii. Blocking accounts prevents you from seeing tweets retweeted by them.
iii. You can see how many times your Tweets have been retweeted and who is retweeting
them in the notifications tab.
34. You can subscribe to other people's ____ or create your own.
A. Accounts
B. Lists
C. Tweets
D. None
Answer: B) Lists
Explanation:
35. You can view all Tweets from that list's accounts by viewing its ____.
A. Account
B. Followers
C. Followings
D. Timeline
Answer: D) Timeline
Explanation:
You can view all Tweets from that list's accounts by viewing its timeline.
A. #
B. @
C. &
D. *
Answer: A) #
Explanation:
# is a pound sign.
37. You can discover the latest tweets that contain a ____ by clicking on a hashtag when
you tweet it.
A. Link
B. Hashtag
C. Follower
D. Chat
Answer: B) Hashtag
Explanation:
You can discover the latest tweets that contain a hashtag by clicking on a hashtag when you
tweet it.
112
BBA/B.com All/B.Sc./BCA III Year Digital Awareness
38. Using ____, you can enhance your local search visibility and share information with
people in 'Circles'.
A. Google
B. Google+
C. Google One
D. None
Answer: B) Google+
Explanation:
Using Google+, you can enhance your local search visibility and share information with people
in "Circles".
A. Publisher and Authorship markup can be used to link Google+ pages and personal
profiles to websites.
B. The Google+ social network is similar to Twitter in that it allows you to follow other
people.
C. Posts or status updates on Google+ are immediately indexed by search engines.
D. All of the above
Explanation:
i. Publisher and Authorship markup can be used to link Google+ pages and personal
profiles to websites.
ii. The Google+ social network is similar to Twitter in that it allows you to follow other
people.
iii. Posts or status updates on Google+ are immediately indexed by search engines.
A. Be seen by everyone
B. Only be seen by those invited to it
C. Only be seen to your followers
D. Only be seen to your followings
113
BBA/B.com All/B.Sc./BCA III Year Digital Awareness
Explanation:
The content of a private Google+ community can only be seen by those invited to it.
41. Search for relevant ____ related to your business and it will show you a list of relevant
communities. Select the one that is most relevant to your business.
A. Keywords
B. Tags
C. Description
D. Links
Answer: A) Keywords
Explanation:
Search for relevant keywords related to your business and it will show you a list of relevant
communities. Select the one that is most relevant to your business.
42. ____ the members of the community will know about your business whenever you
share information and updates about it in the community.
A. Only few
B. All
C. One of
D. Two of
Answer: B) All
Explanation:
All the members of the community will know about your business whenever you share
information and updates about it in the community
43. You can post your message by clicking on the community and then clicking the ____
section (What do you want to share?).
A. Upper
B. Middle
C. Bottom
114
BBA/B.com All/B.Sc./BCA III Year Digital Awareness
D. None
Answer: B) Middle
Explanation:
You can post your message by clicking on the community and then clicking the middle section
(What would you like to share?
44. ____ provides a platform for connecting with professionals, building professional
networks, and staying in contact with millions of users.
A. Twitter
B. Facebook
C. Instagram
D. LinkedIn
Answer: D) LinkedIn
Explanation:
Linkedin provides a platform for connecting with professionals, building professional networks,
and staying in contact with millions of users.
45. ____ is another use of LinkedIn for promoting businesses, products, and brands.
A. LinkedIn Bots
B. LinkedIn Promotions
C. LinkedIn Brands
D. LinkedIn Marketing
Explanation:
LinkedIn Marketing is another use of LinkedIn for promoting businesses, products, and brands.
46. LinkedIn's ____ feature displays your professional network, the list of professionals
you're connected with.
A. Profile
B. My Network
115
BBA/B.com All/B.Sc./BCA III Year Digital Awareness
C. Jobs
D. Messages
Answer: B) My Network
Explanation:
LinkedIn's My Network feature displays your professional network, the list of professionals
you're connected with.
47. Employers post job listings in the ____ section, which is divided into different
categories.
A. Profile
B. Jobs
C. Messages
D. Notification
Answer: B) Jobs
Explanation:
Employers post job listings in the jobs section, which is divided into different categories.
A. 2
B. 3
C. 4
D. 5
Answer: A) 2
Explanation:
49. On your LinkedIn homepage, you can search for ____ by entering their names.
A. Groups
116
BBA/B.com All/B.Sc./BCA III Year Digital Awareness
B. Keywords
C. Both A and B
D. None of the above
Explanation:
On your LinkedIn homepage, you can search for groups and keywords by entering their names.
50. To ____ to your website, you can share your business-related information with the
group members after joining.
Explanation:
To promote your business and increase traffic to your website, you can share your business-
related information with the group members after joining.
A. Pinterest
B. Twitter
C. LinkedIn
D. Facebook
Answer: A) Pinterest
Explanation:
52. Pinterest allows you to create ____ that contain images and videos that you can share
with other users.
117
BBA/B.com All/B.Sc./BCA III Year Digital Awareness
A. Images
B. Videos
C. Users
D. Boards
Answer: D) Boards
Explanation:
Pinterest allows you to create boards that contain images and videos that you can share with
other users.
A. Pins
B. Repins
C. Boards
D. Follow
Answer: A) Pins
Explanation:
A. Board
B. Follow
C. Pin
D. Repin
Answer: D) Repin
Explanation:
55. There are no restrictions on how many pins you can add to a ____, and you can create
different ____ for different categories.
118
BBA/B.com All/B.Sc./BCA III Year Digital Awareness
A. Page
B. Mark
C. Board
D. Section
Answer: C) Board
Explanation:
There are no restrictions on how many pins you can add to a board, and you can create different
boards for different categories.
56. A Pinterest business account gives you access to ____ tools for promoting your
business.
A. Adwords
B. Analytics
C. Both A and B
D. None of the above
Answer: B) Analytics
Explanation:
A Pinterest business account gives you access to analytics tools for promoting your business.
57. Pinterest will ask you for the ___ to the website you are pinning from if you want to
add a pin from the web.
A. Tag
B. Keyword
C. Link
D. None
Answer: C) Link
Explanation:
Pinterest will ask you for the link to the website you are pinning from if you want to add a pin
from the web.
119
BBA/B.com All/B.Sc./BCA III Year Digital Awareness
A. There should be at least 500 pixels of width on a Pin, and an aspect ratio of 2:3 has been
found to be the best.
B. There should be at least 600 pixels of width on a Pin, and an aspect ratio of 4:3 has been
found to be the best.
C. There should be at least 600 pixels of width on a Pin, and an aspect ratio of 2:3 has been
found to be the best.
D. There should be at least 500 pixels of width on a Pin, and an aspect ratio of 4:3 has been
found to be the best.
Answer: C) There should be at least 600 pixels of width on a Pin, and an aspect ratio of 2:3 has
been found to be the best.
Explanation:
To increase the visibility of Pins with Image Size, there should be at least 600 pixels of width on
a Pin, and an aspect ratio of 2:3 has been found to be the best.
59. Which of the following is a way used to increase the visibility of a pin?
Explanation:
The following are the ways used to increase the visibility of pin -
Explanation:
A. Pin views
B. Pin acts
C. Average daily impression
D. All of the above
Explanation:
i. Pin views
ii. Pin acts
iii. Average daily impression
Explanation:
63. You can tag users by typing the @ sign and username of the person without any spaces
while ____.
121
BBA/B.com All/B.Sc./BCA III Year Digital Awareness
Explanation:
You can tag users by typing the @ sign and username of the person without any spaces while
writing a description for your pin or commenting on their pin.
64. While it may take months to build 2000 followers, you can share your Pin with 2000
followers instantly by joining a group with ____ members.
A. 1000
B. 2000
C. 5000
D. 10000
Answer: B) 2000
Explanation:
While it may take months to build 2000 followers, you can share your Pin with 2000 followers
instantly by joining a group with 2000 members.
A. Pinterest Group
B. Pinterest Group Board
C. Pinterest Group Board Directory
D. None
Explanation:
122
BBA/B.com All/B.Sc./BCA III Year Digital Awareness
123