Earlier this month, HDFC Bank had warned its internet banking customers to be aware of fraudsters who are using the AnyDesk app to steal money through the unified payments interface (UPI). Now, the German software company AnyDesk Software GmbH Germany are detailing the security measures they have put in place to prevent fraudsters from using their remote desktop management app to steal money from users.
“AnyDesk incorporates high security software that is trustworthy, and used by millions of individuals, as well as by 17,000 companies in 165 countries. It’s is extremely protected software, and it is an excellent tool for IT experts working on remote devices without being on-site. AnyDesk uses banking-standard TLS 1.2 technology to protect users’ computers, as well as RSA 2048 asymmetric key exchange encryption to verify every connection,” says Oldřich Müller, COO at AnyDesk, in a statement shared with News18.
TLS is a cryptographic protocol meant to proviode end-to-end security cover for communications done over networks, and is widely used for online transactions and internet banking. The RSA (Rivest–Shamir–Adleman) is one of the first crypto public key standards to secure the data that is being sent on networks. 2048 bits means the length of the asymmetric key used to secure data from attacks, including brute force attacks.
AnyDesk urges users to be more vigilant with their access codes, including internet banking passwords and pins, for instance. If anyone is asking for these codes or pins, that should immediately raise a red flag. A bank or any of its employees will never ask for your internet banking login details or pins. “Fraud can only be possible if the user grants someone access to their device. We continually remind our users that they should only share access codes with people they know,” says Müller before adding, “If someone claiming to be from an institution contacts them, they should call the institution directly, and check whether the request is legitimate.”
AnyDesk also has the option that allows users to report fraud and malicious attempts during any of the sessions, which helps identify and block scammers and fraudsters’ access to the software.
"Beware! Fraudsters may ask you to download AnyDesk App and share a 9-digit code which gets them access to your phone to steal money. Do not share your card details/OTP/PIN with anyone and report any unusual activity immediately to the bank," HDFC Bank had said in a message shared with its customers.
Apps like AnyDesk can be used by fraudsters to gain unauthorized access to a victim’s smartphone and desktop and carry out transactions, not authorised by the bank account holder otherwise. AnyDesk is an application for smartphones, including Google's Android platform, which allows remote control of devices.
In February, the Reserve Bank of India (RBI) had also said that AnyDesk is capable of acquiring full access to your smartphone and would let fraudsters carry out banking transactions remotely.