Man in a suite analyzing stocks

Demat account security: tips to keep your investments safe

While it might sound difficult to believe this now, there used to be a time when buying and selling shares and other kinds of financial securities actually involved acquiring or parting with physical certificates of ownership. As you would expect, these certificates had to be kept safe and protected against theft, loss, and deterioration.

Now, such ownership records are stored in electronic form in demat accounts, a change that has not only made investing and trading more convenient but has also eliminated the risks mentioned above. However, electronic records and accounts are vulnerable to a completely different set of risks, and it’s important for investors to be aware of them and to take the appropriate precautions against demat account fraud. So let’s find out how you can keep your demat account safe and secure.

Table of contents

1. What is a demat account?

2. The benefits of a demat account

3. Threats to your demat account

4. Ways to protect your demat account from fraud

5. Conclusion

6. Frequently asked questions

1. What is a demat account?

A demat account, or dematerialised account, is an electronic account that holds your shares and other financial securities in electronic form. It is similar to a bank account, but instead of storing money, it stores your financial assets.

Demat accounts are required in India to invest in the stock market. When you buy shares of a company, they are credited to your demat account. Similarly, when you sell shares, they are debited from your demat account.

Demat accounts are also used to hold units of other types of financial securities, such as bonds, mutual funds, and ETFs.

It should be noted that there are certain eligibility criteria that you must fulfil in order to open a demat account.

2. The benefits of a demat account

Demat accounts offer several benefits, some of which are:

  1. Convenience: Demat accounts enable you to buy and sell shares and other securities online, through your laptop or mobile phone. This means that you can trade from any location in the world, and at any time.
  1. Transparency: With demat accounts, you can easily track your investments and see how much you have made or lost. This is because all of your transactions are recorded electronically.
  1. Nomination facility: Demat account holders can nominate a person to take control of their demat account in the event of their demise. This facility simplifies matters for the account holders’ intended heirs.
  1. Safety: Demat accounts store your shares and other securities electronically, which means that they are protected from physical theft and loss. This is a major advantage over physical share certificates, which can be lost, stolen, or damaged.

3. Threats to your demat account

As mentioned above, demat accounts are generally very safe. They are held in a central depository, which means that there are safeguards in place to protect them against theft and loss. Depositories are also subject to strict regulations imposed by the Securities and Exchange Board of India (SEBI).

Nevertheless, there are several ways that your demat account can be compromised. Some of the main ways malevolent parties can try to take control of your demat account are:

3.1 Phishing attacks 

In a phishing attack, the attacker attempts to trick you into revealing sensitive information, such as a password, an OTP, or a debit card CVV. Phishing attacks are usually carried out using emails, but they can also be carried out via text message, phone call, or social media.

Such attacks often work because the attackers use emails and messages that appear “official”, or seem to come from someone you know and trust. For example, a phishing attacker might send you an email that appears to come from your bank, asking you to verify some of your account details. Or you might get a text message that appears to come from a delivery company, asking you to track a package by clicking on a link.

Clicking the link provided in such an email or message will usually take you to a fake website that looks legitimate, and you will then be prompted to enter some information that can be used by the attackers to hack your accounts or carry out fraud.

3.2 Malware 

Malware is a kind of software that is designed to harm your computer or network. It can be spread in a number of ways, including via email attachments, malicious websites, and infected USB drives. Once malware is on your computer, it can do a variety of things, such as deleting your files, slowing down your computer, and stealing personal information like passwords and debit card numbers.

Thus, malware can have a major impact on your personal, professional, and financial life: if critical information is stolen, it can be used to commit fraud or identity theft.

3.3 Password guessing

As the name suggests, password guessing is a type of attack in which an attacker tries to guess your account password by trying various combinations of letters, numbers, and symbols. Password guessing attacks are often carried out using automated tools, making them even more dangerous.

Password guessing attacks are often effective because many people use weak passwords that are easy to crack. For example, common passwords include “123456”, “password”, and “qwerty”. Many people also use their name, birthday, or other personal information in their passwords; such information can be obtained from other places online and then misused by attackers.

4. Ways to protect your demat account from fraud

Given the potentially significant loss a hacked demat account can lead to, it’s imperative that you take every step you can to minimise the possibility of demat fraud. Some of the most important such steps you can take are as follows:

4.1 Use a strong password

It is important to have a strong password for your demat account because it is your first line of defence against unauthorised access. A strong password will make it more difficult for attackers to crack your password, which will help to protect your investments from theft or fraud.

What makes a password strong? It should have at least 12 characters long and should include a mix of upper- and lower-case letters, numbers, and symbols. You should also avoid using personal information in your password, such as your name, birthday, or address.

Use a different password for each of your online accounts. This will help prevent all your accounts from being compromised if any one of your passwords is leaked.

Lastly, use a password manager to help you create and store strong passwords. A password manager is a software application that can generate and store strong passwords for all of your online accounts, all of which can be accessed using a “master” password.

4.2 Keep your login information safe

You shouldn’t share your password with anyone, including family members, friends, and coworkers.

You should also be careful about where you enter your login information: only enter your login information on websites that you trust. Avoid entering your login information on public computers or over unsecured Wi-Fi networks.

Lastly, you should enable two-factor authentication on your demat account. Two-factor authentication adds an extra layer of security to your account by requiring you to enter a code on your phone in addition to your password when logging in, thus greatly reducing the chances of fraud.

4.3 Make sure purchased shares get credited

Since early 2023, shares in India have been transitioning to a T+1 settlement cycle. This means that if you purchase shares on a given day, they should normally be credited to your demat account the next day. Thus, you should keep an eye on your demat account and make sure that purchased shares do, in fact, get credited to it within the expected time frame. If there are any delays, you should pursue the matter with your broker at the earliest.

4.4 Track your account statements

It is important to review your bank statements regularly to make sure your demat account is safe and is being accurately maintained. This means checking the transactions on your account by inspecting the messages your bank or financial institution sends you. By doing so, you can find any unauthorised or suspicious transactions, incorrect balances, or other errors. If you notice any problems, such as unauthorised transactions, mistakes, or suspected fraud, inform your broker right away so it can investigate and fix the problem.

4.5 Enable the SMS facility

Enable SMS notifications from your broker and bank to increase security and track account activity. Set up SMS alerts for balance updates, transactions, and security warnings. Monitor these SMS messages regularly and take appropriate action to quickly identify and address any unauthorised or suspicious activity.

4.6 Freeze your account when travelling or during inactivity

Freezing your bank account can be a good way to protect it from unauthorised activity when you are travelling overseas or during long periods of inactivity. Before doing so, be sure to understand the process and any consequences of freezing your account, such as any fees or access restrictions that may apply.

4.7 Choose a reliable brokerage firm

Do your own research before choosing a brokerage firm. Look into its reputation, track record, financial stability, and compliance with regulations. Also find out what kinds of experiences others have had with that firm. 

5. Secure your investments

While there are several significant advantages to using a demat account to store securities, such an account is vulnerable to the same weaknesses that any online account is. However, the consequences of fraud in a demat account can be much more severe, since such an event can result in the loss of a large sum of money.

Thus, you should also ensure that you use an investing app, like Appreciate, that implements powerful security features.

Appreciate enables you to build a diversified investment portfolio through seamless access to the US markets, which can yield potentially higher returns. And it does so while using gold-standard KYC, industry best-practice encryption, AI-based monitoring, and transaction flow tracking to keep your investments safe. Download the app today!

6. Frequently asked questions

6.1 What is demat account fraud?

Demat account fraud is a type of financial fraud that involves obtaining unauthorised access to a demat account, or misusing a demat account. Demat account fraud can occur in a number of ways, including through phishing, malware, and password guessing.

6.2 How can I protect my demat account from fraud?

Some of the most important steps you should take to keep your demat account safe are: 

  • using a strong password, 
  • not sharing your demat account login credentials with anyone, 
  • being careful about where you enter your demat account login credentials, 
  • enabling two-factor authentication on your demat account, and 
  • monitoring your demat account statements regularly. 

6.3 What should I do if I suspect demat account fraud?

If you suspect or believe that you are the victim of a demat account fraud, take the following steps right away:

  • File a formal complaint with your DP and relevant regulatory bodies, such as the Securities and Exchange Board of India (SEBI). Describe the fraudulent activity in detail.
  • Change your demat account login information, including your password and PIN, as well as the login information for any other associated accounts, to prevent further unauthorised access.
  • Review your demat account statements carefully for unauthorised transactions or suspicious activity. Report any discrepancies to your DP and request a full investigation.
  • Consider filing a complaint with local police, and consult with a legal expert to discuss potential legal remedies.

6.4 Can I recover my losses from demat account fraud?

There’s no one-size-fits-all answer to this question, as there are several relevant factors: the nature of the fraud, the actions taken, any legal proceedings that may have been initiated, etc. Nevertheless, reporting the fraud promptly and providing all necessary evidence will increase the chances of you getting your money back. Make sure you bring in lawyers into the picture as well. 

6.5 Is my demat account safe?

Normally, demat accounts are quite safe. Taking basic steps like using a strong password and choosing a highly secure investment platform can also make a huge difference to your demat account’s safety. 

6.6 What is a demat security?

Securities are financial assets such as shares, bonds, mutual fund units, etc. A security that is stored in an electronic or dematerialised (demat) form in a demat account is called a demat security.

6.7 How can I save my demat account from hackers?

You can protect your demat account from hackers by following these basic steps:

  • using a strong password, 
  • not sharing your demat account login credentials with anyone, 
  • being careful about where you enter your demat account login credentials, 
  • enabling two-factor authentication on your demat account, and 
  • monitoring your demat account statements regularly. 

6.8 Are there any regulatory measures to prevent a demat account scam?

Yes, regulatory bodies like SEBI work continuously to improve the securities market’s security and integrity. They create measures to prevent fraud, enforce strict rules for brokers and depository participants, conduct inspections, and educate investors about potential risks. However, individuals must also take personal responsibility for the security of their accounts and remain vigilant.

Scroll to Top

We would love to hear from you

Have something nice or not so nice to say? Do you have any questions? Reach out to us, we’d love to start a dialogue with you.

Get early access

By joining our referral program, you agree to our Terms of Use