RBI Introduces Tougher Security Norms For Card Transactions
RBI tightens security measures for card based transactions
The Reserve Bank of India has introduced new rules to try and improve the security features associated with credit cards and debit cards, amid rising instances of fraud.
In a notification on Wednesday, the RBI said that banks and other card issuers will have to ensure that new credit cards and debit cards issued are automatically enabled only for domestic transactions at ATMs and point of sale (PoS) terminals.
Customers who want to use their cards for online transactions, international transactions and contactless transactions, will have to separately ‘opt-in’ for these services.
“For existing cards, issuers may take a decision, based on their risk perception, whether to disable the card not present (domestic and international) transactions, card present (international) transactions and contactless transaction rights,” the RBI said in a notification on its website.
In case a card has never been used for online transactions, international transactions or contactless transactions, these services will have to be mandatorily disabled, till the customer seeks these services, the regulator said.
The step is aimed at improving security in card transactions and will be aimed at freshly issued cards or those being reissued.
In its notification, the regulator said that customers must be provided with an option to switch-on or switch-off these types of transactions and set their own transaction limits at ATMs and PoS terminals. These options should be easily accessible through net banking, mobile banking, or phone banking services on a 24x7 basis.
The customers must also be informed through text messages and emails, if the status of their cards have changed. These provisions will not be mandatory for prepaid cards, the RBI added.
According to the RBI’s annual report on trends and progress in banking, banks reported 1,866 fraud cases worth Rs 71 crore related to cards and internet banking, in 2018-19. While the amount involved is usually small, card frauds are a large contributor to customer complaints to the RBI. In the financial year ended March 2019, the RBI’s ombudsman received more than 36,000 complaints regarding ATM and debit card transactions and 13,000 complaints regarding credit cards.
India has also seen a number of instances where card information has been leaked by hackers internationally. In October 2019, card details of 1.3 million customers were leaked on the dark net by hackers. While the data leak is yet to lead to any major financial losses for customers, it still prompted the RBI and the National Payments Corporation of India to review security measures.