Harshvardhan Singh, 30, is sold on the convenience of his credit card. The Indore-based assistant sales manager with Jet Airways travels far and wide and uses plastic for almost every expense he incurs. But when he was slapped a credit card bill of Rs 46,000, Singh sensed something was wrong. “On enquiring I was told that the amount was a net transaction conducted to download movies and for shopping in Hong Kong,” he says.Recently, Kingfisher Airlines officials discovered to their horror that Rs 15 crore worth of tickets bought on the Net and on phone using credit cards had not been authorised by the cardholders. A group of scamsters had obtained credit card numbers and their customer verification codes and used them to buy thousands of air tickets. These tickets were then sold at attractive discounts to unsuspecting travellers. By the time the card holders got their credit card bills and raised an alarm, the scamsters had already pocketed over Rs 15 crore and fled.
PREVENTION IS BETTER
The world can’t stop transacting online because of a few bad men. Here’s how you can protect yourself
-Enter the URL address manually instead of clicking on links. Or phone the company for confirmation.
Cyber scamsters use different tactics to trap victims. The most common of these is phishing (see box Cipher Code). In 2003, thousands of eBay customers in the US received e-mails supposedly from the company.
The e-mail claimed that the customers’ accounts would be suspended unless they clicked on the provided link and updated the credit card information that the genuine eBay already had. The link took the customer to a bogus clone of the eBay site and tricked many into parting with credit card details to update their accounts. Millions of dollars were pilfered before the scam was discovered.
Then there is the more dangerous and difficult to detect pharming technique. If phishing is like a man trying to lure individuals with bait, pharming is like a trawler with a net. There is no escaping it. Pharming hijacks a legitimate site and inserts links that redirect users to a malicious site to obtain information on the card and its holder.
Is there no recourse for the victims of this cyber menace? Of course, there is. Singh was not left to fend for himself. His passport and travel documents revealed that he had visited Hong Kong about two years ago. His bank verified this and figured out that his credit card was duplicated much before it was actually misused.
Says Sachin Khandelwal, head of Cards Product Group at ICICI Bank: “If it is found that the card was misused by someone else, the cardholder is not imposed any liability and the charge is reversed. The customer is not imposed any liability because it is the merchant establishment's responsibility.”
Not everyone is so lucky though. Paramjeet Singh Bhatia, also from Indore, is still fighting a legal battle against HDFC Bank for an unpaid bill of Rs 26,400. Bhatia says he never made the Net-based transaction. “The bank tried to settle the case after I moved the district consumer court,” he says.
You can protect yourself against cyber frauds by taking some simple precautions (read box: Preventionis Better). Says T.R. Ramachandran, business manager, cards, Citibank: “It is advisable to visit only secure and safe websites for Net transactions.”Card companies can help by incorporating some security features in their products. For instance, some credit cards are tailored to tackle online security threats and are secure for online payments. For instance, ICICI Bank offers its customers extra protection of 3D Secure program to carry out secure transactions. 3D Secure is promoted by Visa and Mastercard for secure online transactions.
Two most common tactics adopted by cyber scamsters to cheat you
P H I S H I N G
How it works
How it works
Besides, basic details of every online card transaction should be immediately communicated to the cardholder through SMS or e-mail. Cardholders could be given the option wherein every e-transaction should be confirmed through telephone before clearance. Many banks already offer such a facility where any transaction beyond a specified value is confirmed with the cardholder beforehand.
Says Pavan Duggal, Supreme Court advocate and cyber law specialist: “The Consumer Protection Act, 1986 needs to be amended to cover e-commerce.” Also, we need a regulatory body to certify e-trading websites as authentic and secure for consumers.
Contrary to popular perception, Net-based usage of a credit card is safer than physical swiping. However, the horror stories of victims of frauds are acting as a damper. As e-commerce opens up and online transactions become more common, it will be in the interest of card companies to introduce such safety features in their cards. A few bad apples should not hold back an idea that offers convenience and safety for millions of users.