For sure we will be able to provide in next 3 months.
We are working on this now, not able to provide you with exact timeline but for sure in near future.
Initially it will be eq only, canât commit on commodities option chain timeline yet.
1 Like
The eCAS pdf has been broken since many months. Hindi gets mixed into English and makes the document completely unreadable. Folks at CDSL are really sleeping on this one.
When is max loss per day feature coming in zerodha @siva also cover / bracket order for options @siva
Itâll stop for all DPs, even if it is opted out from one DP (depository participant), i.e. Zerodha in your case.
Make the platform more robust please. Most of the time during high volatile days. Zerodha server gives error because of too much load on the server during the first 1-2 minutes of market open at 9:15
2 Likes
Hi @nithin
If someone try to access/hack my Demat account?
- What steps should I take to prevent my account?
- How Zerodha will help me to solve this issue?
- How Zerodha will take action against that scammer who is trying to access or hack my account?
- Is it possible to caught that scammer person?
These are very important question for every invester. Please reply so we can save our hard earned money 
This will take some time.
We have no plans on offering this, said that one can use GTT for that.
In my experience, most hacks happen cos the investorâs email address is compromised. If thereâs one piece of advice youâd ask to considerably reduce the risk of hack, itâs to enable 2FA on your email account immediately. Since most reset requests/OTPs are sent to email, securing your email account should be top priority. Of course, you have to follow other basic common sense principles like not sharing passwords, be careful with using email accounts on public computers, not click on random links, using public wifi etc.
If an untoward incident like a hack happens, the first thing you ought to do is bring this to our notice. You may do so by one of the ways mentioned here. We will immediately cut off all access to the hacked account and place the account under hold. No further transactions will be allowed to take place. If the scammer has already been successful in transferring securities, we will guide the investor in filing a complaint with the respective cyber crime division after which we will assist with reaching out to the broker DP where the securities have been transferred (remember that all transactions leave digital trail), and request them to put a hold on further transfer (after weâve received a copy of the complaint filed with cops and subsequent orders from them for freezing onward transaction).
Zerodha is not a law enforcing agency. Even if we opine that our client has been wronged by a scammer, we cannot reverse transactions unless the law enforcement agency gives us instructions to do so. Any details that may be needed to aid the investigation, we will ensure is provided to the investigating agency, thereby speeding up the entire process. Unfortunately, most cops in India do not understand the nuances of how crimes can be carried out in the capital markets, so our team goes the distance in sensitizing and helping them understand of the case theyâre dealing with.
Yes, as Iâve said earlier, all online transactions in India leave a digital trail. The respective regulators have strengthened the KYC norms in India, which means any account the shares/funds go to, will be KYC-ed, meaning that the identity of the scammer can be known. It needs the victim (client) also to proactively follow up with the cops to bring the case to itâs logical conclusion.
After the Exchanges issued this circular mandating that all IBTs have true 2FA to login, weâve seen a significant drop in the number of hacking cases. The odd case that we deal with is when the investorâs email address is compromised, which is why I canât help but stress on the fact that everyone who operates digitally, has to have their email IDs 2FA enabled.
7 Likes
Thank you so much Sir @VenuMadhav . Is it possible to catch a person who is trying to access the account but still not able to access? Means through his/her ip who is âtryingâ to get access to my account but not accessed it yet. Or is it illogical to complain before any real hacking happened?
Access to the Kite account is behind a 2FA, requiring the user to enter his password and a second factor (external TOTP, Kite app code, or an SMS/ Email OTP). Whenever an attacker tries to brute force the password page, kite automatically brings up the Captcha page after a few unsuccessful attempts by the attacker. Further, if the attacker already has access to the victimâs password and is able to successfully go to the 2FA page, the account gets locked after five wrong 2FA entries.
As Venu said, there is a digital trail left by the attacker. We do capture each IP from which the request has originated, but unless there is a successful breach, the police will not be able to register an FIR based on our previous experience with the cops. I hope this addresses your concerns.
3 Likes
Yeah it makes sense. Because a person can also put wrong digits in registered mobile number and mistakenly the otp got sent.
Let me pass this as a feedback to our team.
1 Like
Hey Zerodha Core team
What does âFATCA not Applicableâ remark mean in KRA status? However I already checked that my KYC status is validated and FATCA details are provided at time of opening Zerodha account. Why this remark in KRA. Confusing.
It is aligned centre, could you be more specific about this?
