Credit cards are loaded guns that can go off any minute emptying your life savings if you aren’t careful.
The Payment Card Industry (PCI) Data Security Standard, which has a set of regulations for credit card security over the Internet, is not a government regulation and therefore merchants or service providers cannot be held legally accountable when thin gs go wrong. Recently, the RBI issued a notification to all banks to implement a system of providing for additional authentication and online alerts to cardholders for all “card not present” transactions of the value of Rs 5,000 and above.
This system becomes mandatory from August 1, 2009, and banks have been advised to adhere to the instructions.
Amuleek Bijral, Country Manager, India and SAARC, RSA, the Security division of EMC, says, “These directives from RBI strengthen the need for looking at 3D Secure solutions. ”
RSA’s 3D secure technology is designed to reduce the possibility of fraudulent card use by authenticating the cardholder at the actual time of the transaction.
Bijral says, “3D Secure is an industry standard. It was Visa’s attempt to put the ‘signature’ into an e-commerce transaction. Card holders assign a password to the payment card through enrolment. The participating merchants and banks also require the password with each e-commerce transaction.”
How do 3D Secure solutions work?
3D Secure is the payment industry’s internet authentication standard and covers three domains: Acquirer Domain (the merchant and the bank to which money is being paid), the Issuer Domain (the bank which issued the card being used) and finally the Interoperability Domain (the infrastructure provided by the credit card scheme to support the 3-D Secure protocol).
Hence, the name 3D Secure; securing all three domains.
A significant proportion of chargebacks can arise as a result of the cardholder denying that they authorised a transaction.
The 3D Secure technology is designed to reduce the possibility of fraudulent card use by authenticating the cardholder at the actual time of the transaction and subsequently reducing the merchant’s exposure to disputed transactions and chargebacks, says Bijral.
3D Secure can be thought of as an online version of ‘Chip and Pin’ technology, whereby the cardholder has a personalised password registered with their card that is entered during the checkout process.
Enrolling for 3D Secure benefits both the enabled merchants and the cardholder as the former will avoid liability from chargebacks relating to fraud and clients can be assured that no one else can use their card, he says.
Bijral also stresses the often-listed security steps for credit card use.
According to Bijral, at an individual level, RSA is advising customers to give as little information as possible and, if a Web site insists on information that doesn’t seem relevant and can’t justify its request, to leave the site immediately.
The security specialists are also reminding customers to choose strong passwords and update them regularly and to clear the cookies to increase protection against potential hackers. Also, when visiting a Web site, RSA recommends that customers go with companies they have heard of and also make sure the Web site address doesn’t change or re-direct to another site.
A closed padlock or key should appear on the page being browsed, letting you know your personal information will be encrypted or scrambled.
Do not respond to e-mail or click on Internet advertisements that promise you free gifts on special days. You should switch on the anti-phising feature of your browser, he stresses.
RSA also recommends avoiding the use of shared computers for financial transactions.
Posts
