Dear Student
Nationally, there are fraudulent activities related to the ‘stealing’ of student data enabled by
1. the sharing of student login credentials with other parties;
2. national mobile data service providers clamping down on the misuse of data allocations by universities to students; and
3. students misusing data allocations made to them.
The University of the Free State (UFS) cannot unblock you if you are blocked by a service provider for fraudulent activity.
Managing your credentials and passwords is your responsibility.
For more details, please read the following message.
Your digital identity is very important and has a very direct influence on not only your digital life, but also has a very direct influence on your private life.
The following is a more detailed explanation of this statement:
Your digital identity is the key to unlocking all forms of access to digital services such as bank accounts, access to private digital services, and access to the learning materials at the university. All of this is controlled through two very simple ‘things’, being your login code and the password attached to the specific login code.
At the point of first registration as a student, a unique student number is allocated to the student. This is a unique number that will identify you as a person throughout your academic journey and will also ‘live on’ for many years thereafter, or for as long as there is an active relationship between you and the university.
We, as the university, do not re-use these unique numbers and they are active for life. This is the manner in which the university identifies you as a unique individual and we link ALL other digital services to this number, also the provision of data to enable your academic journey.
When you lose control over your login credentials, you, personally, are immediately exposed – firstly as an adult, and secondly, in your private capacity. At this point, there is very little the UFS can do to assist you in regaining control over your digital identity.
Recently, one of the national mobile data vendors uncovered a fraudulent syndicate that purchases a student’s credentials (login code and password) and then literally takes over your private life, using your credentials to enter into agreements on your behalf, for which you are then personally accountable. Apart from the foregoing, the university’s monitoring systems also indicate that there is widespread sharing of login credentials among other students (not registered at the UFS) and also with other external parties such as friends, family, etc.
It is important to note that these activities are fraudulent by nature. As a law-abiding institution, the university is also obligated to report these activities to the South African Police Service (SAPS), which will result in an investigation aligned to criminal activities. This is not a situation where the UFS can support the implied individual; it will be a personal criminal matter. The crux of the matter is that the single student is now exposed to the full force of the law in terms of fraudulent actions, which can result in criminal cases against the student – personally.
From the perspective of the national mobile data operators, they also monitor the use and abuse of their national infrastructures and will protect their interests in this regard. In line with this, the UFS – through the GlobalProtect VPN solution – was fully in control of the allocation of pre-defined monthly data allocations to the student community and could manage students who misused the facilities internally without the national/criminal elements added to it. This is no longer the situation.
At national level, the mobile data providers do not follow a very strict regime whereby they allow the use of data up to the limits defined by each of the universities in South Africa. Once that specific level has been reached, the relevant student (customer) will be cut off at the level of the provider and will not receive any data access for the rest of that month.
Should you (as an example) be a student who allows other parties to mimic you as a registered student, your allocated data can be exhausted in a single day, leaving you stranded for the rest of that month. At that point you will then personally have to purchase additional data to enable you to engage academically with the UFS. This has a very critical spin-off effect. Students who run out of data for whatever reason, can no longer claim that the university should foot the bill for additional data, as records will show that ‘other parties’ were allowed to digitally engage with the UFS. These records are kept and can be used to support the stance of the university as a whole.
In this regard, the UFS departs from the notion that the academic programme of a student needs to be supported, where the costs of aspects such as access data is taken care of, given very specific limits imposed on the university as a whole. These aspects are directly linked to the sustainability of the ‘grant’ in terms of overall affordability, the management of the facility, and lastly, that it is used in support of the academic journey of the student. The intent here is not to provide any data for the pursuance of lifestyle matters, such as certain social media activities, etc. As far as possible, we are in constant negotiation with the Institutional Student Representative Council (ISRC) to ensure that the university is in line with the specific student needs related to academic services. These are ongoing discussions where the student voice is heard and acted on.
In accordance with the foregoing, the matter is no longer in the hands of the UFS as the sole provider, but control over this is now also monitored and managed at a level where South African universities are no longer fully in charge. This is a very unfortunate matter brought about by the misuse of the facilities by certain individuals who are not interested in the well-being of our students. The situation is what it is, and as the accountable party, the UFS will continue to play a critical role in this regard.
When confronted with any matter related to the loss of data, students are invited to contact the ICT Service Desk at 051 401 2000, who will then determine if the login credentials have been shared or not, and to support the student where there are legitimate issues to be dealt with. Please note that ICT Services has very well-kept access records per student, and if there are other technical reasons why connectivity was lost, ICT Services will assist the student to regain access to the teaching and learning facilities of the UFS.
Fair to say, if any evidence exists that login credentials have been shared, it is not a typical hack event; the UFS cannot assist the student by intervening in the contract agreement with the mobile data provider on behalf of the student, as the contract holder remains the student.