As such, with a view to minimizing such attacks as also the damage due to such attacks, RBI has advised banks to implement certain security measures.
Ten steps to better card security, as per RBI guidelines, include:
1. New cards issued that involve international usage should be EMV Chip-based and also PIN-enabled (EMV stands for Europay, Mastercard and Visa).
2. Existing magnetic-stripe based cards that have been used internationally should be converted to EMV chip-based.
3. Banks should, in consultation with the customer, fix a threshold limit for international usage for all active magnetic-stripe based international cards.
4. Terminals installed at all merchant establishments should be certified for the 'Payment - Data Security Standards'.
5. Rules to prevent fraud should be framed based on the transaction pattern of the card usage.
6. All the current infrastructure should be compulsorily made to go though 'Payment - Data Security Standards' certification.
7. A real-time fraud monitoring system should be set-up.
8. Simpler methods, such as SMS, should be put in place to enable customers to block their cards.
9. Additional authentication systems should be introduced for cards issued in India and used internationally.
10. There should be a system to call the customer and seek his validation, especially if it appears to be a suspicious transaction.
With these measures (to be implemented by Nov 2013) our credit and debit cards would become less prone to fraudulent attacks. Thereby, we would be able to conduct more safe and secure transactions with our cards. However, no security is ironclad and hence we should not solely depend on banks to secure us. A lot of onus is on us too. After all, it is our money, not the bank's.
