...
...
Next Story

Beware of e-Natwarlals

For now, we have only taken the first step against networked Natwarlals by making the PIN mandatory for internet transactions. There’s some safety in numbers. Pratik Kanjilal writes.

Updated on: Jul 31, 2009 11:28 PM IST
None | By
Prefer HTon Google
Advertisement

It’s such a pity that Natwarlal has died twice over, 13 years apart. His brother cremated him in 1996 and his lawyer announced his death last Saturday. It’s a wonderful death, mystifying the police all over again. But his passing is a pity nevertheless, because the golden age of the masters of deception is just dawning.

HT Image
HT Image

Last autumn was a watershed in the history of identity fraud, with a record 21 per cent increase in global incidence. Credit card fraud, its most lucrative subset, is now worth several billion dollars to international crime syndicates. The Reserve Bank of India (RBI), historically slow in such matters, has finally moved to protect our 35 crore cardholders from this global crime wave and from today, you can’t make an Internet transaction without a PIN (personal identification number) or a banking password.

Like rape, identity fraud tends to be under-reported. But at least Rs 25-30 crore is being snarfed by the ungodly every year from the Indian banking system. The new technology for hooking dupes is phishing, a form of digital diddling in which fake emails sent from familiar addresses are used to lure people to sign on at copies of well-known Websites, and type in their credit card details.

The RBI directive will save us from being whaled or guppied on the Net, according to our financial standing, but it does not address offline fraud. The magnetic stripe credit cards we use can be cloned by anyone who swipes your card out of sight. Even a crooked waiter could do it, using technology freely available on the Net. In fact, the output device is the machine hotels use to code the plastic key to your room.

Magstripe cards are becoming history. Britain, for instance, instituted Chip and PIN technology in 2004. It requires buyers to insert a smart card into the card reader with their own hands and punch in their PIN, which is checked instantly against the contents of the card. The seller is hands-off, making fraud much more difficult. But not impossible. British cheats are stealing PINs as they are punched in using pinhole cameras (appropriately enough!) and circuits embedded in card readers and stealing several hundred million pounds per year. But experiences vary — France has used similar technology to cut fraud by 80 per cent.

In India, where plastic money is proliferating rapidly, we should move on from magstripe cards. And internet fraud calls for public education, because it can be difficult for a user to tell a phishing site from a legit entity. For now, we have only taken the first step against networked Natwarlals by making the PIN mandatory for internet transactions. There’s some safety in numbers.

Pratik Kanjilal is publisher of The Little Magazine (The views expressed by the author are personal)

 
Check India news real-time updates, latest news on Hindustan Times and more across India.
Check India news real-time updates, latest news on Hindustan Times and more across India.
SHARE THIS ARTICLE ON