#FactCheck-AI-Generated Video Falsely Shows Samay Raina Making a Joke on Rekha

Introduction

Apple launched Passkeys with iOS 16 as a more authentic and secure mechanism. It is safer than passwords, and it is more efficient in comparison to passwords. Apple users using iOS 16 passkeys features should enable two-factor authentication.  The passkeys are an unchallenging mechanism than the passwords for the passkeys. The user just has to open the apps and websites, and then the biometric sensor automatically recognises the face and fingerprints. There can be a PIN and pattern used to log instead of passwords. The passkeys add an extra coating of protection to the user’s systems against cyber threats like phishing attacks by SMS and one-time password-based. In a report 9 to 5mac, there is confirmation that 95% of users are using passkeys. Also, with the passkeys, users’ experience will be better, and it is a more security-proof mechanism. The passwords were weak, reused credentials and credentials leaked, and the chances of phishing attacks were real.

What are passkeys?

Passkey is a digital key linked to users’ accounts and websites or applications. Passkeys allow the user to log into any application and website without entering passwords, usernames, or other details. The aim of this new feature is to replace the old long pattern of entering passwords for going through any websites and applications.

The passkeys are developed by Microsoft, Apple, and Google together, and it is also called FIDO Authentication (Fast identity online). It eliminates the need to remember passwords and the need for typing. So, the passkeys work as they replace the password with a unique digital key, which is tied to the account then, the key is stored in the device itself, and it is end-to-end encrypted. The passkeys will always be on the sites on which users specifically created them. the passkeys use the technology of cryptography for more security purposes.  And the passkeys guarantee against the phish.

And since the passkeys follow FIDO standards so, this also can be used for third-party nonapple devices as the third-party device generate a QR code that enables the iOS user to scan that to log in. It will recognise the face of the person for authentication and then asks for permission on another device to deny or allow.

How are passkeys more secure than passwords?

The passkeys follow the public key cryptographic protocols that support the security keys, and they work against phishing and other cyber threats. It is more secure than SMS and apps based on one-time passwords. And another type of multi-factor authentication.

Why are passwords insecure?

The users create passwords easily, and it is wondering if they are secure. The very important passwords are short and easy to crack as they generally relate to the user’s personal information or popular words. One password is reused by the user to the different accounts, and then, in this case, hacking one account gives access to all accounts to the hackers. The problem is that passwords have inherent flaws, like they could be easily stolen.

Are passkeys about to become obligatory?

Many websites restrict the type of passwords, as some websites ask for mixtures of numbers and symbols, and many websites ask for two-factor authentication. There is no surety about the obligation of passkeys widespread as it is still a new concept and it will take time, so it is going to be optional for a while.

• There was a case of a Heartland payment system data breach, and Heartland was handling over 100 million monthly credit card transactions for 175,000 retailers at the time of the incident. Visa and MasterCard detected the hack in January 2009 when they notified Heartland of suspicious transactions. And this happened due to a password breach. The corporation paid an estimated $145 million in settlement for illegal payments. Today, data-driven breaches affect millions of people’s personal information.
• GoDaddy reported a security attack in November that affected the accounts of over a million of its WordPress customers. The attacker acquired unauthorised access to GoDaddy’s Managed WordPress hosting environment by hacking into the provisioning system in the company’s legacy Managed WordPress code.

Conclusion

The use of strong and unique passwords is an essential requirement to safeguard information and data from cyberattacks, but still, passwords have its own disadvantages. And by the replacement of passwords, a passkey, a digital key that ensures proper safety and there is security against cyberattacks and cybercrimes through passkey. There are cases above-mentioned that happened due to the password’s weaker security. And in this technology world, there is a need for something for protection and prevention from cybercrimes, and the world dumps passwords and adopts passkeys.

References

• https://www.cnet.com/tech/mobile/switch-to-passkeys-more-secure-than-passwords-on-ios-16-iphone-14/
• https://economictimes.indiatimes.com/magazines/panache/google-is-ending-passwords-rolls-out-passkeys-for-easy-log-in-how-to-set-it/articleshow/99988444.cms?from=mdr
• https://security.googleblog.com/2023/05/making-authentication-faster-than-ever.html#:~:text=Because%20they%20are%20based%20on,%2Dfactor%20authentication%20(MFA).

Introduction

The rise in start-up culture, increasing investments, and technological breakthroughs are being encouraged alongside innovations and the incorporation of generative Artificial Intelligence elements. Witnessing the growing focus on human-centred AI, its potential to transform industries like education remains undeniable. Enhancing experiences and inculcating new ways of learning, there is much to be explored. Recently, a Delhi-based non-profit called Rocket Learning, in collaboration with Google.org, launched Appu- a personalised AI educational tool providing a multilingual and conversational learning experience for kids between 3 and 6.

AI Appu

Developed in 6 months, along with the help of dedicated Google.org fellows, interactive Appu has resonated with those the founders call “super-users,” i.e. parents and caregivers. Instead of redirecting students to standard content and instructional videos, it operates on the idea of conversational learning, one equally important for children in the targeted age bracket. Designed in the form of an elephant, Appu is supposed to be a personalised tutor, helping both children and parents understand concepts through dialogue. AI enables the generation of different explanations in case of doubt, aiding in understanding. If children were to answer in mixed languages instead of one complete sentence in a single language (eg, Hindi and English), the AI would still consider it as a response. The AI lessons are two minutes long and are inculcated with real-world examples. The emphasis on interactive and fun learning of concepts through innovation enhances the learning experience. Currently only available in Hindi, it is being worked on to include 20 other languages such as Punjabi and Marathi. 

UNESCO, AI, and Education

It is important to note that such innovations also find encouragement in UNESCO’s mandate as AI in education contributes to achieving the 2030 Agenda of Sustainable Development Goals (here; SDG 4- focusing on quality education). Within the ambit of the Beijing Consensus held in 2019, UNESCO encourages a human-centred approach to AI, and has also developed the “Artificial Intelligence and Education: Guidance for Policymakers” aiming towards understanding its potential and opportunities in education as well as the core competencies it needs to work on. Another publication was launched during one of the flagship events of UNESCO- (Digital Learning Week, 2024) - AI competency frameworks for both, students and teachers which provide a roadmap for assessing the potential and risks of AI, each covering common aspects such as AI ethics, and human-centred mindset and even certain distinct options such as AI system design for students and AI pedagogy for teachers.

Potential Challenges

While AI holds immense promise in education, innovation with regard to learning is contentious as several risks must be carefully managed. Depending on the innovation, AI’s struggle with multitasking beyond the classroom, such as administrative duties and tedious grading, which require highly detailed role descriptions could prove to be a challenge. This can become exhausting for developers managing innovative AI systems, as they would have to fit various responses owing to the inherent nature of AI needing to be trained to produce output. Security concerns are another major issue, as data breaches could compromise sensitive student information. Implementation costs also present challenges, as access to AI-driven tools depends on financial resources. Furthermore, AI-driven personalised learning, while beneficial, may inadvertently reduce student motivation, also compromising students' soft skills, such as teamwork and communication, which are crucial for real-world success. These risks highlight the need for a balanced approach to AI integration in education.

Conclusion

Innovations related to education, especially the ones that focus on a human-centred AI approach, have immense potential in not only enhancing learning experiences but also reshaping how knowledge is accessed, understood, and applied. Untapped potential using other services is also encouraged in this sector. However, maintaining a balance between fostering intrigue and ensuring the inculcation of ethical and secure AI remains imperative.

References

• https://www.unesco.org/en/articles/what-you-need-know-about-unescos-new-ai-competency-frameworks-students-and-teachers?hub=32618
• https://www.unesco.org/en/digital-education/artificial-intelligence
• https://www.deccanherald.com/technology/google-backed-rocket-learning-launches-appu-an-ai-powered-tutor-for-kids-3455078
• https://indianexpress.com/article/technology/artificial-intelligence/how-this-google-backed-ai-tool-is-reshaping-education-appu-9896391/
• https://www.thehindu.com/business/ai-appu-to-tutor-children-in-india/article69354145.ece
• https://www.velvetech.com/blog/ai-in-education-risks-and-concerns/ 

‍

What Is a VPN and its Significance 

A Virtual Private Network (VPN) creates a secure and reliable network connection between a device and the internet. It hides your IP address by rerouting it through the VPN’s host servers. For example, if you connect to a US server, you appear to be browsing from the US, even if you’re in India. It also encrypts the data being transferred in real-time so that it is not decipherable by third parties such as ad companies, the government, cyber criminals, or others.

All online activity leaves a digital footprint that is tracked for data collection, and surveillance, increasingly jeopardizing user privacy. VPNs are thus a powerful tool for enhancing the privacy and security of users, businesses, governments and critical sectors. They also help protect users on public Wi-Fi networks ( for example, at airports and hotels), journalists, activists and whistleblowers, remote workers and businesses, citizens in high-surveillance states, and researchers by affording them a degree of anonymity. 

What VPNs Do and Don’t 

‍

•  What VPNs Can Do:
  
  • Mask your IP address to enhance privacy.
  • Encrypt data to protect against hackers, especially on public Wi-Fi.
  • Bypass geo-restrictions (e.g., access streaming content blocked in India).
•  What VPNs Cannot Do:
  
  • Make you completely anonymous and protect your identity (websites can still track you via cookies, browser fingerprinting, etc.).
  • Protect against malware or phishing.
  • Prevent law enforcement from tracing you if they have access to VPN logs.
  • Free VPNs usually even share logs with third parties. 

VPNs in the Context of India’s Privacy Policy Landscape 

In April 2022, CERT-In (Computer Emergency Response Team- India) released Directions under Section 70B (6) of the Information Technology (“IT”) Act, 2000, mandating VPN service providers to store customer data such as “validated names of subscribers/customers hiring the services, period of hire including dates, IPs allotted to / being used by the members, email address and IP address and time stamp used at the time of registration/onboarding, the purpose for hiring services, validated address and contact numbers, and the ownership pattern of the subscribers/customers hiring services” collected as part of their KYC (Know Your Customer) requirements, for a period of five years, even after the subscription has been cancelled. While this directive was issued to aid with cybersecurity investigations, it undermines the core purpose of VPNs- anonymity and privacy. It also gave operators very little time to carry out compliance measures. 

Following this, operators such as NordVPN, ExpressVPN, ProtonVPN, and others pulled their physical servers out of India, and now use virtual servers hosted abroad (e.g., Singapore) with Indian IP addresses. While the CERT-In Directions have extra-territorial applicability, virtual servers are able to bypass them since they physically operate from a foreign jurisdiction. This means that they are effectively not liable to provide user information to Indian investigative agencies, beating the whole purpose of the directive. To counter this, the Indian government could potentially block non-compliant VPN services in the future. Further, there are concerns about overreach since the Directions are unclear about how long CERT-In can retain the data it acquires from VPN operators, how it will be used and safeguarded, and the procedure of holding VPN operators responsible for compliance. 

Conclusion: The Need for a Privacy-Conscious Framework

The CERT-In Directions reflect a governance model which, by prioritizing security over privacy, compromises on safeguards like independent oversight or judicial review to balance the two. The policy design renders a lose-lose situation because virtual VPN services are still available, while the government loses oversight. If anything, this can make it harder for the government to track suspicious activity.  It also violates the principle of proportionality established in the landmark privacy judgment, Puttaswamy v. Union of India (II) by giving government agencies the power to collect excessive VPN data on any user. These issues underscore the need for a national-level, privacy-conscious cybersecurity framework that informs other policies on data protection and cybercrime investigations. In the meantime, users who use VPNs are advised to choose reputable providers, ensure strong encryption, and follow best practices to maintain online privacy and security.

References 

• https://www.kaspersky.com/resource-center/definitions/what-is-a-vpn 
• https://internetfreedom.in/top-secret-one-year-on-cert-in-refuses-to-reveal-information-about-compliance-notices-issued-under-its-2022-directions-on-cybersecurity/#:~:text=tl;dr,under%20this%20new%20regulatory%20mandate. 
• https://www.wired.com/story/vpn-firms-flee-india-data-collection-law/#:~:text=Starting%20today%2C%20the%20Indian%20Computer,years%2C%20even%20after%20they%20have

‍