The debit card security breach blew big time last month. The trigger was fraudulent transactions in which debit cards were used in China and the US when cardholders were residing in India. The problem was not isolated to a single bank but several banks, both private and public sector banks. The banks complained to the National Payments Corporation of India (NPCI), which has oversight over retail payments systems in India. The probe by NPCI found a malware induced security breach in the systems of Hitachi Payment Services, which provides ATMs, point of sale and other services.

Malware infects software networks by way of viruses, worms, trojans, spyware and other programs. The outcome allows fraudsters to access confidential debit card data such as name, date of birth and even the CVV. In this case, swiping a card at an allegedly compromised ATM allowed the data on the card to be transmitted to the fraudsters, who then misused it for fraudulent transactions.
Problem compounds in case of cards with magnetic strip compared to those that are chip based To solve the problem, banks have communicated to lakhs of account holders to change their ATM PINs and in many cases blocked the cards and are fast tracking the issuance of chip based cards.
According to the RBI’s draft circular on customer protection, a cardholder is not liable for a thirdparty breach, or where negligence is on the part of the bank, if the customer informs the bank of the fraud within three working days. If you still have a magnetic strip card, ask your bank to change it. And, to protect yourself read about ways to keep your card safe.

olmdesk@outlookindia.com