Reserve Bank of India’s new guidelines that limit the use-cases of all debit and credit cards, that have not been used for international or online transactions, went into effect this week amid global fears of the coronavirus pandemic.
As per the guidelines, the RBI has asked all banks to mandatorily disable all the cards for online or international transactions, if they have previously not been used for such transactions. Now, all such cards will only be available for contact-based usage such as ATM and point of sales (PoS) devices within India.
As per the RBI’s circular, the volume and value of transactions through cards have increased manifold over the years, and these steps are important to ensure the security of card transitions and reduce frauds.
Meanwhile, at the time of issue or reissue from banks, all cards will only be enabled for contact-based points of usage. The cardholders will have to decide if they want to enable online and international transactions facilities on the card or not.
“At the time of issue / re-issue, all cards (physical and virtual) shall be enabled for use only at contact-based points of usage [viz. ATMs and Point of Sale (PoS) devices] within India. Issuers shall provide cardholders a facility for enabling card not present (domestic and international) transactions, card present (international) transactions and contactless transactions, as per the process outlined in para 1(C),” RBI’s circular read.
Besides this, the issuer or the bank will also have to provide the facility to control limits for all types of transactions whether domestic or international. The cardholders can also set limits on the transaction limits for PoS devices, ATMs, online transitions, contactless transactions and others.
Card Frauds On The Rise
Despite the strong measures taken by RBI to prevent credit and debit card frauds, the situation is still hard to control. As per an RBI report, India noted 972 card fraud cases every three days in the financial year 2017-2018. As per the report, the banking sector lost close to INR 168.74 Cr to organised crime directed at ATMs in the past three years till the first quarter of FY19.
In October 2019, debit and credit card details of almost 1.3 Mn users were put on sale on a website called Joker’s Stash. The database contained the details from several issuing banks and 98% of it belongs to Indian customers. A similar incident took place last month, when debit and credit card details of around 461,976 Indians were on Joker’s Stash.
The situation is not just limited to the debits and credit cards, but has slowly moved to online wallets as well. Digital payments platforms like Paytm and its subsidiary Paytm Payments Bank have started noticing an increased number of phishing cases as well. The situation got to a point, where Paytm Payments Bank had to reach out to the government departments to bring the issue to light.