Banks need to raise firewalls to protect debit cards - Hindustan Times
close_game
close_game

Banks need to raise firewalls to protect debit cards

Hindustan Times | By, Mumbai
Oct 22, 2016 01:30 PM IST

Following the security breach that led to data of almost 3.2 million debit cards getting compromised, banks need to adopt multiple-level authentication, install improved firewalls and employ only a fixed number of softwares at their ATMs, experts said.

Following the security breach that led to data of almost 3.2 million debit cards getting compromised, banks need to adopt multiple-level authentication, install improved firewalls and employ only a fixed number of softwares at their ATMs, experts said.

Following the security breach that led to data of almost 3.2 million debit cards getting compromised, banks need to adopt multiple-level authentication, install improved firewalls and employ only a fixed number of softwares at their ATMs, experts said.
Following the security breach that led to data of almost 3.2 million debit cards getting compromised, banks need to adopt multiple-level authentication, install improved firewalls and employ only a fixed number of softwares at their ATMs, experts said.

The cards belonged to 19 banks, including top ones such as State Bank of India, ICICI Bank, HDFC Bank, Axis Bank and Yes Bank. Over 640 customers have so far complained of being affected with fraudulent withdrawals, which till October 20 totalled 1.3 crore. Banking sources said the amount could rise as many transactions may not have been reported.

While banks— both state-owned and private — did not want to comment on the issue, all of them are looking to strengthen security procedures to prevent such frauds, said people connected with the issue.

In an interaction with HT, AP Hota, managing director and CEO of NPCI, an umbrella organisation for all retail payments system in India, said: “We have global standards of compliance that need to be followed by all banks.”

According to the former country head of ATM management at Yes Bank, Aspy Engineer: “Banks must strengthen security systems first. We can introduce 2-3 or 4 factor authentication, better firewalls at the ATMs, updated anti-viruses and white list the ATMs where only 4-5 softwares can be inserted in a machine and any attempt to infect the ATM with another software will be rejected.”

ATMs run using a CPU similar to those employed on normal computers, White listing restricts the number of softwares that can be installed on an ATM’s CPU, if an unrecognised software attempts to install on such an ATM, it automatically sends an alert to the company.

NPCI’s Hota said it must be made mandatory to link all bank accounts and core banking solutions to cellphone of the customer to help banks reach out customers faster.

It is suspected that an unauthorised entry was done at the switch level that is certified by the PCI-DSS (Payment Card Industry Data Security Standard). The switch helps transmit information from and to ATMs. PCI Council, the international body which sets standards on for PCI–DSS, is conducting a forensic study on the issue. “Additionally, switch-providing companies should also be brought under supervision framework,” Hota added.

Elevate your career with VIT’s MBA programme that has been designed by its acclaimed faculty & stands out as a beacon for working professionals. Explore now!

See more

Catch every big news on Union Budget 2024, Nirmala Sitharaman's announcements, income tax changes Economic Survey 2024 Live, Budget 2024 Live and much more on a one stop destination.

SHARE THIS ARTICLE ON
SHARE
Story Saved
Live Score
OPEN APP
Saved Articles
Following
My Reads
Sign out
New Delhi 0C
Tuesday, July 23, 2024
Start 14 Days Free Trial Subscribe Now
Follow Us On