A senior official of the Reserve Bank on Thursday said all banks would have to create a position of chief information officers (CIOs) as well as steering committees on information security at the board level at the earliest, as envisaged under its IT Vision 2011-17 released the other day.
Reserve Bank executive director G Gopalakrishna, speaking to reporters on the sidelines of a banking technology conference here, further said the banks will have to implement the facility of "second factor verification" at merchant establishments and ATMs shortly.
"Many small banks do not have a designated CIO and also do not have a clear framework on information sharing...Over a period of time we want to access all the information from the main server of the bank once the RBI's IT Vision is implemented. Those banks having no CIOs and a steering committee will have to have these positions implemented at the earliest," he said.
"Against the current practice of seeking the password, banks will have to ensure that ATMs and points of sale (Poses) will have the second factor verification soon to avoid any room for fraud," Gopalakrishna added.
The second factor verification is a facility that helps prevent fraudulent transactions during online purchases, by asking the buyer or payee to give a second password which is not the three-digit CVC number in the case of a credit card and the ATM password in the case of a debit card. Currently this is not mandatory at the Poses and ATMs.
It can be noted that the RBI on February 28 had released its IT Vision 2011-17 document, which seeks to make the use of information technology beyond core banking and into newer areas like management of information systems (MIS) and better regulatory reporting.