Presentation is loading. Please wait.

Presentation is loading. Please wait.

1 AQA ICT AS Level © Nelson Thornes 2008 1 Safety and security Chip and Pin.

Published bySamson Franklin Modified over 8 years ago

Similar presentations

Presentation on theme: "1 AQA ICT AS Level © Nelson Thornes 2008 1 Safety and security Chip and Pin."— Presentation transcript:

1 1 AQA ICT AS Level © Nelson Thornes 2008 1 Safety and security Chip and Pin

2 2 AQA ICT AS Level © Nelson Thornes 2008 2 Credit and debit cards How do we use them? Credit cards

3 3 AQA ICT AS Level © Nelson Thornes 2008 3 Payments were authorised by signature, leaving the banking system open to fraud. Anyone could use this dropped card just by practising the signature. Before Chip and PIN

4 4 AQA ICT AS Level © Nelson Thornes 2008 4 Cards are no longer verified by signature alone. Cardholders have their own 4 digit personal identification number (PIN). Scratch here to reveal PIN. Chip and PIN

5 5 AQA ICT AS Level © Nelson Thornes 2008 5 Chip and PIN Crime Prevention website PINs are needed to gain access at an ATM – but keep them to yourself. PINs are needed to complete purchase.

6 6 AQA ICT AS Level © Nelson Thornes 2008 6 Memorise your PIN if possible – it only has 4 digits. Destroy your PIN advice slip. If you must write down your PIN, keep it in a safe place, perhaps disguised as part of a phone number. Chip and PIN - Docs

7 7 AQA ICT AS Level © Nelson Thornes 2008 7 Chip and PIN - Don’ts Do not keep your PIN Number with your card. Do not include a heading with your PIN Number. Do not tell anyone else your PIN Number.

8 8 AQA ICT AS Level © Nelson Thornes 2008 8 3 digit security code The 3-figure security code, the Card Validation Value, on the back of a credit card is used so that suppliers know that the card is actually in the customer’s possession. It is used when ordering by phone or over the Internet. The code is not contained in the magnetic strip.

9 9 AQA ICT AS Level © Nelson Thornes 2008 9 The introduction of Chip and PIN has made the use of credit and debit cards much more secure. Verification is no longer by signature but by a 4- figure code. Chip and PIN summary

10 10 AQA ICT AS Level © Nelson Thornes 2008 10 AQA ICT AS Level © Nelson Thornes 2008 Computer Misuse Act

11 11 AQA ICT AS Level © Nelson Thornes 2008 11 AQA ICT AS Level © Nelson Thornes 2008 Three misuse offences have been identified: Legislation 1.Unauthorised access to computer material 2.Unauthorised access with intent to commit or facilitate further offences 3.Unauthorised modification of computer material Click the links to see examples, then click here for the next slide.here Example

12 12 AQA ICT AS Level © Nelson Thornes 2008 12 AQA ICT AS Level © Nelson Thornes 2008 An employee hacks into his company’s payroll system to find out how much a colleague earns just for the fun of it. BackBack to menu Unauthorised access to computer material

13 13 AQA ICT AS Level © Nelson Thornes 2008 13 AQA ICT AS Level © Nelson Thornes 2008 An employee accesses a customer’s record so that he can find their credit card details and use them to buy goods fraudulently. BackBack to menu Unauthorised access with intent to commit a further crime

14 14 AQA ICT AS Level © Nelson Thornes 2008 14 AQA ICT AS Level © Nelson Thornes 2008 Edward has hacked into the school’s reporting system and is not happy with some of the comments and grades. He changes them. BackBack to menu Unauthorised modification of computer material

15 15 AQA ICT AS Level © Nelson Thornes 2008 15 AQA ICT AS Level © Nelson Thornes 2008 Unauthorised access –6 months imprisonment and/or a fine of £5000 Unauthorised access with intent –5 years imprisonment and/or an unlimited fine Unauthorised modification of data –5 years imprisonment and/or an unlimited fine Penalties

16 16 AQA ICT AS Level © Nelson Thornes 2008 16 AQA ICT AS Level © Nelson Thornes 2008 The Computer Misuse Act has three levels: Unauthorised access to data Unauthorised access with criminal intent Unauthorised modification or deletion of data or programs, the introduction of viruses Summary

17 17 AQA ICT AS Level © Nelson Thornes 2008 17 AQA ICT AS Level © Nelson Thornes 2008 Data Protection Act

18 18 AQA ICT AS Level © Nelson Thornes 2008 18 AQA ICT AS Level © Nelson Thornes 2008 The Data Protection Act sets out to protect personal data belonging to living individuals. It is managed by the Information Commission. There are some exemptions where the act does not apply, for example: you cannot demand to see data that might affect national security or that might hinder police investigations into crimes you cannot refuse to allow data collected for the electoral roll to be publicly available. Provisions

19 19 AQA ICT AS Level © Nelson Thornes 2008 19 AQA ICT AS Level © Nelson Thornes 2008 Data subjects are living, identifiable individuals who have data stored about them, for example, you. Data users are people who hold data about data subjects, for example, your school or college. Organisations holding personal data must appoint a Data Controller who is responsible for the way data is used. Provisions

20 20 AQA ICT AS Level © Nelson Thornes 2008 20 AQA ICT AS Level © Nelson Thornes 2008 Duties of the Information Commissioner are: 1.To enforce and oversee the data protection act. 2.To promote good information handling 3.To provide guidelines 4.To investigate complaints 5.To act as ombudsman

21 21 AQA ICT AS Level © Nelson Thornes 2008 21 AQA ICT AS Level © Nelson Thornes 2008 Data must be: Fairly and lawfully processed Processed for limited purposes Adequate, relevant and not excessive Accurate Not kept longer than necessary Processed in accordance with your rights Kept secure Not transferred abroad without adequate protection Please click above to see example or skip to summary summary Provisions

22 22 AQA ICT AS Level © Nelson Thornes 2008 22 AQA ICT AS Level © Nelson Thornes 2008 Data subjects must give permission for data to be sold or passed on. Data is often sold. Companies must have your permission to do this. BackBack to menu Fairly and lawfully processed

23 23 AQA ICT AS Level © Nelson Thornes 2008 23 AQA ICT AS Level © Nelson Thornes 2008 Data must be collected for a particular purpose and permission must be sought from the data subject to use it for anything else. If data is to be passed on the company should inform the Information Commissioner BackBack to menu Processed for limited purposes

24 24 AQA ICT AS Level © Nelson Thornes 2008 24 AQA ICT AS Level © Nelson Thornes 2008 Organisations can only collect data that is actually needed to provide the services they offer. They must state what data they intend to collect when they register as data users. For example, you should not be asked for your National Insurance Number by a mail order company. BackBack to menu Adequate, relevant and not excessive

25 25 AQA ICT AS Level © Nelson Thornes 2008 25 AQA ICT AS Level © Nelson Thornes 2008 Financial figures must be accurate. For example, salary level determines the amount that can be borrowed for a mortgage. That might mean that a person applying for a mortgage might be refused because of the mistake, when the mortgage would normally have been granted. BackBack to menu Accurate

26 26 AQA ICT AS Level © Nelson Thornes 2008 26 AQA ICT AS Level © Nelson Thornes 2008 BackBack to menu Organisations must destroy data when it is no longer needed although not necessarily straight away. School records, for example, are usually kept for five years after a student leaves, even paper ones. Not kept longer than necessary

27 27 AQA ICT AS Level © Nelson Thornes 2008 27 AQA ICT AS Level © Nelson Thornes 2008 Data subjects have the right to: see the data held about them correct inaccurate data stop data being processed if it is likely to cause distress complain to the Information Commissioner if they think the rules have been broken claim compensation if they can prove that damage or distress has been caused by misuse of their data. BackBack to menu Processed in accordance with your rights

28 28 AQA ICT AS Level © Nelson Thornes 2008 28 AQA ICT AS Level © Nelson Thornes 2008 In computer terms this refers to the use of passwords and other security measures such as the encryption of data if sent elsewhere. BackBack to menu Kept secure

29 29 AQA ICT AS Level © Nelson Thornes 2008 29 AQA ICT AS Level © Nelson Thornes 2008 Data can only be transmitted to other countries provided they have laws equivalent to the Data Protection Act. Countries within the EU do have them. BackBack to menu Not transferred abroad without adequate protection

30 30 AQA ICT AS Level © Nelson Thornes 2008 30 AQA ICT AS Level © Nelson Thornes 2008 The Data Protection Act is designed to prevent inappropriate use of data about individuals. It is overseen by the Information Commissioner. Data users store data about data subjects. Data users must follow the eight Data Protection Principles. There are some exemptions to the act, such as national security. Summary

31 31 AQA ICT AS Level © Nelson Thornes 2008 31 AQA ICT AS Level © Nelson Thornes 2008 Firewalls and Virus Checkers

32 32 AQA ICT AS Level © Nelson Thornes 2008 32 AQA ICT AS Level © Nelson Thornes 2008 Firewalls What does a firewall do? It checks the data coming into a computer system via the Internet against a set of rules or criteria, and only lets permitted material through. It also helps to prevent unauthorised access to computer networks.

33 33 AQA ICT AS Level © Nelson Thornes 2008 33 AQA ICT AS Level © Nelson Thornes 2008 They work by: Allowing all traffic unless it does not meet certain criteria. Allowing no traffic unless it meets certain criteria. Basic criteria could be: nature of the data source of the data Firewalls

34 34 AQA ICT AS Level © Nelson Thornes 2008 34 AQA ICT AS Level © Nelson Thornes 2008 Firewalls can be hardware or software Firewalls Hardware Software

35 35 AQA ICT AS Level © Nelson Thornes 2008 35 AQA ICT AS Level © Nelson Thornes 2008 Firewalls Firewall software is usually included as part of the operating system. Specialist firewall software can also be purchased, for example:

36 36 AQA ICT AS Level © Nelson Thornes 2008 36 AQA ICT AS Level © Nelson Thornes 2008 How can organisations prevent unauthorised access? A firewall can log all attempts to enter a private network. Multiple attempts may suggest unauthorised attempts. This warning would allow extra security to be put in place. An audit trail is a record that shows who has accessed an ICT system and what they have done. Avoid using the term hacking in an exam, as this is rather vague. Unauthorised access

37 37 AQA ICT AS Level © Nelson Thornes 2008 37 AQA ICT AS Level © Nelson Thornes 2008 Firewalls How does the firewall in your own institution work? How does your institution prevent access to unsuitable websites? How does your institution prevent unauthorised access?

38 38 AQA ICT AS Level © Nelson Thornes 2008 38 AQA ICT AS Level © Nelson Thornes 2008 Anti-virus software continually scans for viruses, including Trojans and Worms. It must be kept up-to-date, though, as new viruses appear all the time. Companies usually charge a subscription for updates. Virus Checkers

39 39 AQA ICT AS Level © Nelson Thornes 2008 39 AQA ICT AS Level © Nelson Thornes 2008 Anti-virus software maintains a database of known viruses. Incoming data files, through e-mail, downloads or removable media, are checked against the database. Suspicious files are deleted or put into a safe quarantined area for further investigation. Scheduled scans of all data files on the system can be done automatically. Virus definitions need to be kept up-to-date and software subscriptions include regular downloads of updates. Anti-virus software

Download ppt "1 AQA ICT AS Level © Nelson Thornes 2008 1 Safety and security Chip and Pin."

Similar presentations

1 AQA ICT AS Level © Nelson Thornes 2008 1 Safety and security Chip and Pin.

1 AQA ICT AS Level © Nelson Thornes Safety and security Chip and Pin.
Commercial Data Processing Computer Crime. Computer crime can be very hard to prevent. Typical crimes involve destroying, corrupting or changing the data.

Commercial Data Processing Computer Crime. Computer crime can be very hard to prevent. Typical crimes involve destroying, corrupting or changing the data.
Data Security and legal issues Starter :- 5 Minutes Make a list of all the companies and organisations that you believe holds data on you. Write down what.

Data Security and legal issues Starter :- 5 Minutes Make a list of all the companies and organisations that you believe holds data on you. Write down what.
Legislation & ICT By Savannah Inkster. By Savannah Computer Laws 1.Data Protection ActData Protection Act 2.Computer Misuse ActComputer Misuse Act 3.Copyright,

Legislation & ICT By Savannah Inkster. By Savannah Computer Laws 1.Data Protection ActData Protection Act 2.Computer Misuse ActComputer Misuse Act 3.Copyright,
The Health and safety Act, is an act to make further provision for securing the health and safety and welfare of persons at work.For protecting others.

The Health and safety Act, is an act to make further provision for securing the health and safety and welfare of persons at work.For protecting others.
GCSE ICT Computers and the Law. Computer crime The growth of use of computerised payment systems – particularly the use of credit cards and debit cards.

GCSE ICT Computers and the Law. Computer crime The growth of use of computerised payment systems – particularly the use of credit cards and debit cards.
Legislation in ICT.

Legislation in ICT.
University of Sunderland Professionalism and Personal Skills Unit 11 Professionalism and Personal Skills Computer Legislation.

University of Sunderland Professionalism and Personal Skills Unit 11 Professionalism and Personal Skills Computer Legislation.
Legislation Who governs e-commerce?. E-commerce is regulated by laws and guidelines. These aim to ensure that sites operate effectively and that online.

Legislation Who governs e-commerce?. E-commerce is regulated by laws and guidelines. These aim to ensure that sites operate effectively and that online.
Legislation in ICT. Data Protection Act (1998) What is the Data Protection Act (1998) and why was it created? What are the eight principles of the Data.

Legislation in ICT. Data Protection Act (1998) What is the Data Protection Act (1998) and why was it created? What are the eight principles of the Data.
Data Protection Act.

Data Protection Act.
The Data Protection Act The Data Protection Act controls how your personal information is used by organisations, businesses or the government. Everyone.

The Data Protection Act The Data Protection Act controls how your personal information is used by organisations, businesses or the government. Everyone.
Data Protection Paul Veysey & Bethan Walsh. Introduction Data Protection is about protecting people by responsibly managing their data in ways they expect.

Data Protection Paul Veysey & Bethan Walsh. Introduction Data Protection is about protecting people by responsibly managing their data in ways they expect.
Data Protection Act. Lesson Objectives To understand the data protection act.

Data Protection Act. Lesson Objectives To understand the data protection act.
The Legal Framework Can you work out which slide each bullet point should go on?!

The Legal Framework Can you work out which slide each bullet point should go on?!
Course: Introduction to Computers Lecture: 6.  Commercial software is covered by Copyrights.  You have to pay for it and register to have the license.

Course: Introduction to Computers Lecture: 6.  Commercial software is covered by Copyrights.  You have to pay for it and register to have the license.
UNIT 3C Security of Information. SECURITY OF INFORMATION Firms use passwords to prevent unauthorised access to computer files. They should be made up.

UNIT 3C Security of Information. SECURITY OF INFORMATION Firms use passwords to prevent unauthorised access to computer files. They should be made up.
1 AQA ICT AS Level © Nelson Thornes 2008 1 Data Protection Act.

1 AQA ICT AS Level © Nelson Thornes Data Protection Act.
General Purpose Packages

General Purpose Packages
Data Protection and Computer Misuse Act material Modified by Eric from Mary’s slides.

Data Protection and Computer Misuse Act material Modified by Eric from Mary’s slides.

Similar presentations

Ads by Google