Live
- Chanchalguda Jail Officials Say They Haven't Received Bail Papers Yet, Allu Arjun May Stay in Jail Tonight
- BJP leaders present evidence of illegal voters in Delhi, urge EC for swift action
- Exams will not be cancelled: BPSC chairman
- Nagesh Trophy: Karnataka, T.N win in Group A; Bihar, Rajasthan triumph in Group B
- YS Jagan condemns the arrest of Allu Arjun
- Economic and digital corridors to maritime connectivity, India and Italy building vision for future, says Italian Ambassador
- SMAT 2024: Patidar's heroics guide Madhya Pradesh to final after 13 years
- CCPA issues notices to 17 entities for violating direct selling rules
- Mamata expresses satisfaction over speedy conviction in minor girl rape-murder case
- Transparent Survey Process for Indiramma Housing Scheme Directed by District Collector
Just In
While some of the country’s premier banks are busy blocking debit cards that have been compromised (the numbers run into millions) in one of the financial sectors biggest data breaches, it’s time for banks to adopt state-of-the-art, fully encrypted ATM security solutions to safeguard consumers, the country’s top cyber experts have suggested.
New Delhi : While some of the country’s premier banks are busy blocking debit cards that have been compromised (the numbers run into millions) in one of the financial sectors biggest data breaches, it’s time for banks to adopt state-of-the-art, fully encrypted ATM security solutions to safeguard consumers, the country’s top cyber experts have suggested.
Securing bank networks
- Adopt extra-layered, state-of-the-art encryption security
- Data breach attributable to malware introduced in ATM systems.
- Replace magnetic-stripe cards for ATM transactions with EMV chip cards
- Need for biometrics like retina scan, voice scan or fingerprint as double verification at ATMs.
- PIN numbers must be changed periodically
- Make PIN and account passwords difficult to guess and hack
The State Bank of India (SBI), HDFC Bank, ICICI Bank, Axis Bank and YES Bank are among banks which reported several of their customers' debit cards being compromised following a malware-related security breach in an ATM network. The SBI has blocked nearly 6,00,000 debit cards so far.
"This incident is a wake-up call for the Indian banking ecosystem to pause and realise that adopting extra-layered, state-of-the-art encryption security to minimise consumer financial data breach has become essential. The breach is attributable to malware which was introduced in ATM systems. The said malware has resulted in unauthorised access of data," Pavan Duggal, one of the nation's top cyber law experts, told IANS.
Malware attacks and cyber threats have affected countries like Japan and Bangladesh in the recent past and banks in India will have to make efforts to ensure that data is protected with multiple levels of authentication and industry-standard encryption, ensuring data security at all points of a transaction.
"It is time that magnetic-stripe cards issued by banks for ATM transactions are replaced at the earliest. While the affected banks are blocking debit cards to minimise the impact, the already ongoing replacement of mag-stripe cards with EMV chip cards will help the banks and consumers," explained Atul Singh, Regional Director-Banking and Transport (India Subcontinent) at the digital security giant Gemalto.
Gemalto works with some of the world's leading enterprises, banks and telcos to help them deploy consumer-friendly technology solutions for payment, banking and other financial services on the mobile and securing confidential information. EMV – which stands for Europay, MasterCard and Visa – is a global standard for credit cards that uses computer chips to authenticate (and secure) chip-card transactions.
"This is in line with the RBI directive to issue EMV chip- and PIN-enabled cards. According to industry estimates, around 400 million mag-stripe cards have to be migrated to EMV standard in the next two years while nearly 120 million cards would have been migrated this year," Singh told IANS. Further, banks need to work towards gradually enabling EMV chip and PIN-enabled card acceptance and processing at ATMs to enhance the safety and security of transactions.
While the point of sale (POS) terminal infrastructure in the country has been enabled to accept and process EMV Chip and PIN cards, the ATM infrastructure, on the whole, continues to process the card transactions based on data from the magnetic stripe. "As a result, ATM card transactions remain vulnerable to skimming and cloning, etc., even though the cards are EMV Chip and PIN-based.
Therefore, in line with RBI's directive of May 26, 2016, to all banks to upgrade ATMs to accept chip and PIN by September 2017, banks must take immediate steps to implement this in a fast-track mode," Singh added. "Further, the ground realities for cyber security breach are distinctly different in 2016 as compared to 2008. As such, there is a distinct need for India to beef up its legal frameworks on cyber security when it comes to banking frauds," he told IANS.
According to Rakshit Tandon, consultant at the Internet and Mobile Association of India (IAMAI) and a cyber security expert, ATM cards are vulnerable, ATM machines are weak and banks' own servers are at hacking risk. "Banks must introduce biometrics like retina scan, voice scan or fingerprint as double verification at ATMs. PIN numbers must be changed periodically. But the option is only in four-digit and so making strong PINs is out of question as of now," Tandon told IANS.
Watch bank statements closely and contact the bank in the event of any signs of unexpected charges or transfers. Consumers also need to be aware of phishing scams where cybercriminals hijack banking systems and send bogus emails that lure people into sharing personal information or clicking malicious URLS with malware.
"Make all new PIN and account passwords different and difficult to guess. Include upper and lower case letters, numbers and symbols to make passwords harder to crack online," suggested Sunil Sharma, Vice President-Sales and Operations (India & SAARC), Sophos, a global leader in network and endpoint security.
By Nishant Arora
© 2024 Hyderabad Media House Limited/The Hans India. All rights reserved. Powered by hocalwire.com