Do you do your banking on the phone? If you do, it’s going to get a bit more tedious, but in your own interest. Under a new direction from the Reserve Bank of India (RBI), starting January 1, 2011, banks will seek an additional password from phone-banking customers.
This will be done through a temporary password for interactive voice response (IVR) services and will be called a one-time password (OTP). It will add another layer of security and is aimed at curbing credit card fraud.
The Press Trust of India said on Sunday that under this new guideline, all banks will mandatorily decline any telephonic banking transactions, including automated IVR services, where the customers don’t have an OTP. The password will be sent only to the customer’s registered mobile number and email address. It can be used only once and will remain in effect for two hours.
For each transaction, customers will need to generate a new password that will expire automatically.
“This move is for IVR transactions and is a precautionary measure taken to safeguard both the customers and bank. As of now, IVR transactions are low in number (just one per cent of transactions) but password protection will provide one more layer of security,” Subrat Pani, head of credit cards at Kotak Mahindra Bank, told HT.
Customers will, henceforth, need at least five numbers to conduct a credit card transaction over phone, including the 16-digit card number, card expiry date, CVV (card verification value, printed on the back of the card) number, mobile phone number, and the OTP.
The new step has been taken mainly as a safeguard against credit card frauds because of a rise in incidents where lost or stolen cards were used due to inadequate protection.
In the instance where cards are presented physically, the RBI has already made identity verification compulsory and there is also a matching of signatures on charge slips with those on the cards.
However, phone and Internet banking, are more vulnerable. And the new security layer for phone banking follows a similar step taken by banks earlier this year for Net banking transactions.