More and more of our lives are moving online, from our jobs and personal admin, to activities we enjoy. While a lot of these changes have made our lives easier, including online or app-based banking, shopping and dining, cybercrime is also on the rise. According to government statistics from 2020–21, someone reports a cybercrime every eight minutes in Australia.
Digital security, cybercrime, and identity theft are things that everyone needs to be aware of and protect themselves against. But people with disability are at higher risk of these crimes and can struggle to use the protections companies put in place. People with disability may need to ask others to help them access online tools, which can compromise their privacy and security. Some people may also not physically be able to use a security measure. For example, a fingerprint lock may make accessing a device much easier for some people but for others, such as people with prosthetic or missing limbs, it is impossible.
What is cybercrime?
Cybercrime includes any illegal activities carried out using technology. Cybercrime attacks can happen on a large scale, targeting government or commercial systems and websites. But the highest number of incidents are smaller more personal crimes. Personal cybercrime most often involves identity theft.
Identity theft is when someone accesses your personal information to steal money or get other benefits. They can create fake identity documents in your name to get loans or apply for real identity documents in your name but with another person’s photograph. Examples include phishing, credit-card skimming, malware and phone scams. Trusted people such as family members or caregivers can also carry out identity theft. People with disability and older people are especially vulnerable.
It is very important for everyone to secure their devices and computers. Knowing how to do this can be challenging, particularly for people with some types of disability, or if you have a low level of digital literacy.
Password and authentication
One thing no web user can avoid is authentication – proving you are who you say you are. The most common authentication tool is a password. Passwords can cause problems for lots of people. This includes people with poor memory, people with dyslexia, and people with motor issues who may struggle to input the password correctly.
Assistive tools, like screen readers used by people who are visually impaired, are also usually designed for general web use and not cybersecurity. A screen reader does’t usually read aloud password details as this would compromise the secrecy of the password.
CAPTCHA authentication, which tries to identify if you are a real person or a bot, has tried to overcome its accessibility issues by providing audio as well as visual samples to decode. But as many people can have more than one disability, these can still prove impossible to use for many people.
Identifying scam emails and websites
Fake emails and websites are key ways scammers can steal your identity or money. Identifying whether an email or website is legitimate usually involves a number of steps and cues. This might mean checking that a business’s correct logo has been used, or that the email or web address is correct. If you’re not able to see the cue because of visual impairment, or follow the identifying steps because of cognitive impairment, you’re at a much higher risk from this type of cybercrime.
There are now a range of ways people can unlock their mobile device and keep it secure. The options on newer devices, such as thumb print or facial recognition, make a welcome addition to the pin number locks. But these can still be inaccessible for some people and in some situations. For example, if you need to wear a mask due to COVID-19 restrictions, your facial recognition won’t work, and if you can’t enter your pin manually your device will stay locked.
Permissions and security settings
Apps, websites and social media platforms often have a range of security and permission settings. These can be really useful in ensuring, as much as possible, that your personal information, images and content are secure and only shared in the way that you want. The problem is knowing and understanding how to use these effectively. A lot of the content explaining how to turn settings on and off is hard to find, difficult to understand, and involves a complex set of steps. Many of these systems and instructions are difficult for most of the general public to use. For peope with disability, this can become even more difficult.
People working in app and digital development and cybersecurity need to consider the accessibility of the protection measures they put in place. They need to make this part of their design and development processes.
Part of the reason this isn’t always happening in tech companies is the lack of diversity in their staff. When they develop and test products, they risk only taking their own knowledge, experience and capabilities into account.
Prioritising accessibility in product development and thinking about a wide diversity of human experiences during the design process can help.
Knowing how to keep your devices and online accounts secure can be difficult. These websites have useful steps on keeping your devices and information safe:
- Australian Cyber Security Centre – Individuals and families
- Security.org – Accessibility and digital security – a guide to cybersecurity for people with disability.