After 1st Aug-2009, you need not think twice before letting your credit card out of sight at a restaurant, petrol pump or any other merchant establishment. The details printed on your card including the card number, expiry date and three-digit card security code (popularly known as the CVV) will not be enough to make fraudulent online transactions.
A RBI directive has ensured that from 1st August 2009, credit and debit card-issuing banks must provide for additional authentication of information over and above what is visible on the physical card. In other words, the cardholder must key in an extra security code to complete a online transaction.
RBI specifies, “Banks are free to decide on the technology they wish to use to fall in line with these instructions.” On their part, banks have been beefing up their online security. Virtual cards, which have been around for a while, are a secure option offered by the likes of HDFC Bank, ICICI Bank and Kotak Mahindra Bank. For normal VISA and Master credit cards issued by banks two new online cards registration procedures known as “verfied by VISA” and “Mastercard Securecode” have already been initiated. Check your bank’s website for registering your credit card before 1st August 2009.
After registration procedure of these VISA and Master credit cards completed by the card holders, Banks offer increased security via MasterCard’s Securecode and Visa’s Verified by Visa, which offer personalised passwords. Much like the authentication process required for payment card use at ATMs, SecureCode requires cardholders to enter their personal code in an online window on their PC before a transaction can be processed. Even if you lose / misplace your credit card it cannot be misused online as the password is not present on the card.
But these initiatives can work only if the cardholder is prompted to enter the code by the merchant site. The card-issuing bank, the retailer and the retailer’s acquiring bank will all have to participate. Even if one of these entities does not participate, the cardholder is not prompted to enter the SecureCode. We wish all the credit issuing banks in the country implement this technology to make their cardholders to transact on e-commerce sites using secured passwords.