WILL YOUR CARD BE SAFER NOW?
October 2016 saw a massive breach of financial data in India, with banks reporting that as many as 3.2 million debit cards had been compromised. State Bank of India, HDFC, ICICI, YES Bank and Axis Bank were among the worst hit. They swung into action, cancelling compromised cards and issuing new ones. The source of the breach was located in China, said to be caused by fraudsters looking to steal money and financial data. This should have triggered an effort to beef up data security, but banks turned their attention to scare-management instead, underplaying the fraud and saying that only 641 customers had complained, involving transactions of just Rs 1.3 crore.
In a recent move, the Reserve Bank of India (RBI) has introduced the concept of ‘limited liability’ for customers who become victims of such fraud. Customers will have zero liability for a fraudulent transaction if the bank is found to have been negligent. Customers will also not be liable if there is a thirdparty breach, even without the bank’s involvement, if the fraud is reported to the bank within three working days of the customer receiving communication regarding an unauthorised transaction.
In order to ensure that customers get timely information, banks will now have to link customers’ mobile numbers with their bank accounts and enable replies to text messages containing transaction alerts. Banks will also have to make provisions on the home pages of their websites for customers to report unauthorised transactions. The RBI move is a timely acknowledgement that data vulnerability can sour India’s grand ambition to become a digital powerhouse.