The Reserve Bank of India (RBI), has issued new set of laws, in view of the increasing unpredictability of the cyber attacks and the rise in vulnerability of the electronic payment systems to new types of misuse. According to RBI, banks should issue all new debit and credit cards only for domestic usage unless international use is specifically sought by the customer. Banks have been asked to convert all existing MagStripe (magnetic stripe) cards to EMV Chip card for all customers who have used their cards internationally at least once and that too with a threshold limit.
When a card is misused or stolen, the customer has to go through a lengthy process over the phone to block his card. Also, most customers complain that helpline numbers on the reverse of cards are too small to be legible. Keeping this in mind, easier methods like SMS, for blocking the card should be provided to the customer by the bank, advised RBI.
Banks have been asked to ensure that the terminals installed at the merchants for capturing card payments (including the double swipe terminals used) should be certified for PCI-DSS (Payment Card Industry- Data Security Standards) and PA-DSS (Payment Applications -Data Security Standards). Furthermore, RBI has asked banks to move towards real time fraud monitoring system and new technologies such as adaptive authentication at the earliest. Even capturing of Internet Protocol (IP) address as an additional validation check has been recommended by RBI.