On January 15, 2020, the Reserve Bank of India (RBI) came up with a notification asking all the banks to enhance the security features of debit and credit card transactions. Interestingly, Financial Software and Systems (FSS), a global paytech firm from India, has already developed a white-labelled mobile app that enables the card holder to control the usage of their cards.
Sathish Narayana Mohan, Head of Product Engineering, FSS, shares his views on the RBI’s directive and discusses the feasibility of the technology, its advantage and how it enables better fraud protection for the customers.
Excerpts:
Q. How does RBI's directive on Card Transactional Security help customers in limiting online fraud? What is the procedure to enable the same?
A: The growth in digital transactions provide expanded avenues for fraudsters and scammers to commit fraud. According to industry estimates, for every USD 100 in global transaction volumes, 5.65 cents is fraudulent.
According to the Reserve Bank of India’s Annual Report for 2018-19, frauds relating to card, internet and deposits constitute 0.3 percent of the total value of frauds, amounting to ₹220 crore.
Fostering trust in digital transaction to drive usage of digital payment instruments is a central tenet of RBI’s Payment Vision 2019-2021. The recent mandates to enhance card security is an added measure in safeguarding consumers and driving usage of digital payments across transaction end points. To protect debit and credit card transactions and strengthen counter-fraud mechanisms, the recent circular by Reserve Bank of India mandates issuers to:
- Restrict the use of physical and virtual cards for in-country cash withdrawals at ATMs and for card present (proximity) transactions at the time of issuance
- Enable in-country remote online transactions, international proximity and remote transactions and contactless transaction, basis cardholder risk score
- Disable online (card not present) international and contactless transactions for cards that have not been used for these transaction sets
- Empower customers with tools to define and modify transaction limits (within the card limit, set by the issuer) for domestic and international transactions at PoS and ATMs for online and contactless transactions
A: The expansion of the transaction ecosystem requires banks to shift from a compliance-centric to an active fraud prevention mindset – positioning risk and fraud management as a critical services differentiator.
Current counter-fraud measures primarily limit the velocity and the volume of transactions at a per customer level and are inadequate against evolving intensification of fraud attacks. Detection strategies that bring together cross-product and cross-channel data, and apply intelligent machine learning models, can help in proactive detection of fraud signals.
Many banks are investing in new technologies such as tokenization and risk-based authentication systems to safeguard customers from card not present fraud. Tokenization masks customer card with a random number, rendering the card details useless if merchant or bank systems are hacked. Risk-based authentication enables banks to verify legitimate customers by analysing their transactional and behavioural profile leveraging a range of variables such as transaction amount device, merchant, location and, shipping address. For instance, if a customer transacts at a specific location in Mumbai and initiates another transaction at another location 20 kms away within a short span, the transaction would be immediately flagged.
Underlying these new applications are enterprise-wide advanced AI and ML-driven fraud and risk management tools to help banks devise a unified approach to digital risk and uncover emerging fraud patterns. By harnessing transaction intelligence from data resident in multiple systems risk management teams can automatically learn customer transactional behaviour and detect fraud patterns for improved risk decisioning. FSS today is working on all these areas.
Customer-driven fraud deterrent tools can supplement centralised controls and bolster cardholder confidence and trust in yet evolving digital payment instruments and channels.
For instance, our product FSS Toggle allows banks to leverage the wisdom of the crowds to manage fraud and maintain a constant, high-level of vigil in containing fraudulent transactions.
Q. Could you share more details on FSS Toggle?
A: FSS Toggle, a dynamic card control system, helps banks protect customers from fraud and achieve optimised cost and time, and cost of regulatory compliance. FSS offers Card Controls As-a- Service enabling banks to go live in a few weeks. FSS Toggle empower consumers with a facility to control when, where and how payment instruments (debit cards, prepaid cards, mobile wallets) are used. Consumers can establish transaction controls for dollar amount limits, merchant categories, transaction types and geographic locations across channels -- ATM, in-store, mobile and online. This protects consumers from potential fraud resulting from phishing attacks, lost or stolen cards. For instance, if card information at a bank is breached, fraudsters will not be able to use the card for unauthorized online purchases or withdrawals as transactions would be declined.
Q. How does FSS Toggle mobile app help consumers remotely control the use of their digital payment instruments?
A: Using Toggle, consumers can enable a wide gamut of use cases. These include:
- Set spending limits: Account holders, set spending caps basis time, merchant type, location, channel to budget expense better. For example, a maximum single purchase amount can be set, or transactions can be limited to specific merchant categories or to the total amount spent over a specific time-period.
- Manage specific transaction types: Account holders can configure higher spends than normal to make a high-ticket in-store purchase on a specific day
- Set Safe Mode, Single Transactions: Primary card holders can activate safe mode to enable a single transaction on the card. For example, configure the dollar amount and channel whilst sending a minor to withdraw cash from the ATM
- Parental Control: Parents can create customized spend profiles for each family member and can proactively monitor spend on companion cards. Furthermore, geo-fencing a payment instrument can enable parents to ensure dependents use the financial instrument within a known radius or at known merchants. For example, bar minors from using cards at online gambling sites
- Corporate Users: Card controls can provide businesses improved control, transparency and reporting on expenses. Whether employees are stocking up on office supplies or taking a client to dinner or travelling abroad, FSS Toggle helps corporates allocate and track spends and bring transparency in transactions. Businesses can create spend profiles for each employee (sub-account) and monitor expenses to prevent misuse of official cards.
Discover the latest Business News, Sensex, and Nifty updates. Obtain Personal Finance insights, tax queries, and expert opinions on Moneycontrol or download the Moneycontrol App to stay updated!
