As per RBI directive, banks to adopt additional authentication procedures for online transactions from August
As per RBI directive, banks to adopt additional authentication procedures for online transactions from August Teen Tigda, Kaam Bigda: There are three ways of stealing data via online transactions phishing, spoofing and man-in-the-middle method.
Alarmed by the increasing instances of online frauds, banks and credit card companies will adopt additional stringent security measures starting August 1.
u00a0
As per an earlier RBI directive, they will have to alert card holders when card-not-present transactions worth over Rs 5,000 take place.
Password
"We have already implemented Verified by Visa (VBV) and SecureCode from Mastercard to enable additional verification of online transactions.
A cardholder can register for VBV or SecureCode and safely conduct a password-authenticated transaction.
u00a0
Unless the cardholder gives his password to someone else, it will be difficult to commit a fraudulent transaction," said Nitin Chittal, vice president, retail banking Alternate Channels, Axis Bank.
u00a0
Welcome move
The Mumbai police welcomed the RBI initiative. "Hopefully, the new directives will act as a deterrent to fraudsters," said Sanjay Saxena, additional commissioner (Economic Offences Wing), Mumbai police.
u00a0
Borivli resident Vimi Sanghvi, says the move makes her feel a lot safer.
"I bought movie tickets online yesterday and there's always a feeling whether it's safe to put down important information on a website," said Sanghvi, whose family bills are paid online every month.
Vendors also feel the strict authentication process will lead to more online transactions.
At TravelGuru, an online ticketing site, the ratio of phone bookings versus online payments during peak season is 60:40.
u00a0
"We're informing our customers why they should register with their banks," said Praveen M, TravelGuru spokesperson.
Scams Ahoy!
According to Paresh Solanki, of Ekkay Magic that develops security solutions for banks, there are three ways of stealing data.
"In phishing, the fraudster attempts to steal card information through e-mail by pretending to be from a reputed organisation.
u00a0
"In spoofing, he poses as an authorised user with the intent of stealing information and credit.
The man-in-the-middle attack is when a person from the organisation who receives the secure information tracks the data and uses it illegally," said Solanki.u00a0
ADVERTISEMENT