India – Complaints of credit cards fraud flood cops in Hyderabad

By | September 1, 2017

HYDERABAD: Tens of customers of State Bank of India, are rushing to cyber crime police of tri-commissionerates in Hyderabad, to complain about fraudulent transactions done with their credit card 
details in foreign countries. The cyber crime police of three commissionerates have received over 60 such complaints in the last two months, about fraudulent money being withdrawal from customers’ bank accounts. During investigation the police found that the data of credit cards taken from SBI has been compromised and also due to easy encryption of the stolen data, fraudulent transactions are taking place. 

At least 80 per cent of the victims are the customers of one of the India’s leading nationalised bank. The common point of all the complaints, including the customers of other private banks is that they were not receiving one-time password despite the mobile number registered with the bank, said police. The clueless customers after approaching the bank, knocking the doors of cyber crime police. Probe revealed that the debit and credit cards of the customers are being used abroad, where a one-time-password or a PIN number is not necessary in most countries when payment is done through POS machines.   

SBI says customer wont be impacted in such frauds
Responding to a query, Vijay Jasuja, CEO, SBI Card, said “As per RBI guidelines, all domestic credit card transactions have to be authenticated by either OTP for online or PIN for point of sale transactions. International transactions, however, are guided by merchant acquiring rules prevailing in that country and second factor authentication in the form of OTP is not required. Hence, such transactions can be completed using only the card number, CVV & expiry date.”

When swiping the card at POS, do not leave the card unattended. “If any customer is charged for a transaction not carried out by him/her, he/she should promptly reach out to the bank so that necessary steps can be taken to resolve it. In such instances, we immediately block the card. We also offer temporary credit to the customer while the case is being investigated,” said Vijay Jasuja.

Police say weak encryption makes it easy for fraudsters
Police said that even after skimming the cards, one has to decrypt the data before using it to make a duplicate card, and the fraudsters are easily doing it, due to the weak encryption methods used by the banks in securing their cards.Cyber crime inspector Md Riyazuddin said, “We are receiving loads of complaints from public about the fraudulent usage of ATM cards. When someone skims a  card, they have to decrypt the data and load into an empty card to make a duplicate. Due to lack of strong encryption, it has become easy for the fraudsters to make their work easy.” He added, “Some banks must realise that data of their customers has been compromised and take appropriate measures to guard the data. We have been writing letters to various banks to deal with the issue. However, it was of no use.”

Source: New Indian Express