Featured Images

‘Outsourcing is the fountainhead of card fraud’

And debit cards are poor cousins where security is concerned, rue experts

Even as banks blame the “external hand” for suspected data theft of about 3.2 million debit cards across 19 banks, banking experts put the onus on the banks and blame them for outsourcing crucial services like cards.

They have raised concerns about outsourcing, which potentially compromises card details besides the personal details of customers.

“These outsourcing service providers have easy access to the card and personal details of a bank customer. In order to maintain their profitability, and reduce the additional cost burden, banks pass on crucial work such as card service and maintenance to third parties,” said CH Venkatachalam, General Secretary, All India Bank Employees Association.

He demanded the RBI’s intervention and amendments in the guidelines on outsourcing.

Currently, the RBI’s guidelines on outsourcing restrict activities such as corporate planning, organisation, management and control and decision-making functions, according sanction for loans and management of investment portfolio. Debit and credit card services and maintenance are not covered.

“Outsourcing is the fountainhead of all the frauds. As a trustee of the customers’ money, banks do not have the right to outsource services relating to accounts even if it is card service,” said Venkatachalam.

According to RBI data, about 69.72 crore debit cards issued by 56 banks undergo transactions worth ₹2.19 lakh crore through ATMs and ₹17,100 crore through point-of-sales (POS).

About 2.59 crore credit cards have have combined transactions worth ₹24,341 crore through POS and about ₹202 crore through ATMs.

Regular check

An official of a leading private sector bank said the bank regularly keeps check on the credit cards used abroad and approaches its customers to replace the cards once they return. But this is not followed for debit cards. “We source credit and debit cards from two different agencies. Naturally, the safety features for both the catetories are also different,” said the official requesting anonymity.

Private banks have different security features for credit and debit cards, it is learnt. Even the dispatch mode is different — debit cards are typically sent through cheaper courier services to trim costs.

“In debit cards, you have limited risk associated as it is linked with the account. But in a credit card, the risk is unlimited because it exposes the entire credit limit. Hence, banks treat security features for both cards differently, leaving debit cards more vulnerable to fraud,” said a senior official at another bank. The point is proved from the recent data theft through debt cards, which were reportedly used overseas, revealing the inadequate security layers.

Touch and go

At the time of frauds, products such as contactless cards raise additional concerns. Sushant Sarin, Senior VP, Commercial Lines at Tata AIG General Insurance, said: “Contactless cards are made contactless only to enhance the convenience factor. But this extra convenience has to be balanced against the risk of contactless payments. Cardholders should keep their contactless cards on their person in such a way that accidental payments do not get triggered when in the vicinity of payment terminals.”

Article source: http://www.thehindubusinessline.com/money-and-banking/outsourcing-is-the-fountainhead-of-card-fraud/article9252332.ece

Leave a Reply

You can use these HTML tags

<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>