Rajiv RajCreditvidya.com
The Reserve Bank of India recently banned attempts at circumventing two-factor authentication in transactions in which both payer and receiver of funds are Indians. It involved Card Not Present (CNP) transactions since it failed to fulfill the criteria of adhering to double factor authentication. These CNP transactions, had been carried out on a foreign payment gateway which involved no double-factor authentication.
For those who frequently use credit cards online, double factor authentication is a known thing. It works like this: The credit card holder fills up his credit card details on a site where he is a payer and then the bank sends him a 'one time password (OTP)' on his registered mobile phone. The transaction is completed when the OTP is entered. OTP is valid for that one transactions and expires after the use. Every new transaction made on the credit card generates a new OTP. Alternatively the credit card holder is prompted to a 'Visa or Master verified' site and then he is expected to insert his password, which is known to him only. This ensures that even if one gets to know the credit card details of an individual one cannot misuse the credit card online.
Double-factor authentication thus helps individuals from fraudulent transactions. However, recently RBI noticed that some merchant sites were involved in transactions where both parties to trade are Indians and were carrying out the transactions without two factor authentication on a foreign payment gateway to make the transactions convenient. Though no fraud is reported as of now, by banning such transactions RBI has made it clear how serious it is about insisting on double-factor authentication involved in transactions, among other factors.
If you are paying online on any web site in India, you need to keep in mind that the site must not only be secured but it should also ask you two-factor authentication. It helps you to protect yourself from fraudulent transactions. There are websites that capture your credit card details - 16 digit credit card number, expiry date and even your Card Verification Value (CVV) number. But since the OTP is with you, they can do little with these details. By capturing card details they ensure that you need not keep entering the details each time you shop on the website. When you shop on such websites frequently, you just have to choose your credit card while paying online. After this you receive an OTP and upon entering that OTP, the transaction goes through. This is fine, since you are in control of your payments. However, avoid using websites that do not offer two-factor authentication.
For credit card holders, RBI has banned web sites that do not follow the two factor authentication rule. All web sites are expected to be compliant with double factor authentication by October 31, 2014. So, you have to be vigilant. If your credit card details are wrongly used, and fraudulent transactions are carried out on your credit card, it is you who suffer. You may have to run around to reverse these transactions. The process is time-consuming and the onus to prove the fraudulent nature of the transaction is on the credit card holder. In the worse situation, if you fail to repay the credit card outstanding, your CIBIL score, or credit score goes for a toss.
Discover the latest Business News, Sensex, and Nifty updates. Obtain Personal Finance insights, tax queries, and expert opinions on Moneycontrol or download the Moneycontrol App to stay updated!
