Even yesterday I knew that my credit or debit card is super safe on the internet. Did you ever think that your card information can be used for a fraudulent transaction without OTP or password? The fraudulent transaction can be any type of transaction say to some under reputed company or some personal transaction. When we say “fraudulent transaction without OTP or password”, it becomes freaky, isn’t it? So, let’s discuss what can happen with your card information and how you can avoid such.
Can one face fraudulent transactions without OTP or password?
A Simple answer is yes. With this strange answer comes some questions in mind! No? This becomes freaky when it comes to the idea of online fraud. All the countries around the globe have developed their fraud detection system so that fraudulent transactions get caught and canceled. But they all use different algorithms and privacy measures, which may not be the same as India follows. So in such a situation where you are willing to perform a foreign transaction and you may not ask to perform the “Two-Level Authentication”.
I will try to answer all such question came to my mind while writing this blog. I will answer all the questions at the end of the blog. If you came up with another question please let me know in the comment section.
What recently happened?
A girl based in Noida got a jolt from the blue when she has robbed of Rs 1.5 lakh without any OTP or PIN. On New Year’s Eve, Neha Chandra was on a metro when her wallet was stolen. She lost her money only a few minutes. The girl’s HDFC Bank Debit and Credit Cards were transacted fraudulently.
In a 15-20 minute time, Rs 1.5 lakh was deducted from her HDFC debit card and credit card with three fraudulent transactions. The RS 52,499.99 and RS 44,544.24 were two of the fraudulent transactions from her debit card. A further transaction was worth Rs 52,499.99 on her HDFC Bank credit card. The same dealership was called ASHANTI, PARIS 10/FR for these purchases.
How this could possibly happen?
When you are performing the online transaction inside India, you might have noticed that 2 -step Authentication is mandatory for every transaction getaway or authorized body. Generally in India, RBI is the topmost authority for any kind of online or offline money transaction. RBI has imposed some rules and regulations, one of those is making the 2 step authentication mandatory, to prevent frauds. Now India has implemented this but it is not necessary all the countries will be following the same. If the transaction is happening outside India, or the gateway is not under the control of RBI, it may or may not use 2-step authentication.
Recently I purchased a service for Google and I had to pay a certain amount to Google. As usual, I gave all my debit card details and expecting an OTP will come the confirm the transaction. But on my surprise, the money just got deducted on the go. No OTP, not a separate portal. It is really scary. Suppose, you gave you entire card details to some phishing site and expect something to happen. Now that site may illegally store the data of your card, violating PCI-DSS (Payment Card Industry Data Security Standard). No, they use your card details to transfer money to some bank where the country does neither impose RBI standards nor fall under the control of RBI. So in such a way, your money may get transferred if the hacker knows your Card Number, Date of Expiry, Card CVV.
According to Rahul Tyagi, co-founder of the cybersecurity firm Lucideus, when using debit cards issued in India abroad, one does not receive an OTP while making an online transaction up to a certain amount.”. All a hacker needs are the card number, Date of Expiry and CVV. For ATM transactions, there are multiple ways a hacker can get access to the user’s PIN, depending on the scenario. For example, a hacker can reset the PIN, use compromised ATMs to track data or can perform a skimming attack,” Tyagi told IANS (Indo-Asian News Service).
Manan Shah, Founder, and CEO of Mumbai-based Avalance Global Solutions agreed: “Hackers have devised unique ways to bypass PIN and OTPs on both debit and credit cards. There are point of sale (PoS) machines in use that do not need OTP for a transaction for a certain amount and I have seen such cases growing in the near past”.
Point of Sale (POS) Machines:
A POS (Point of Sale) terminal is a card reading machine or any other device that accepts payments for an order placed on the POS system. These machines may or may not be integrated with the POS Software. You may have noticed that in some stores, the bill is printed and the card swiped on a single hardware device
From a user’s perspective, when traveling abroad, users should request the bank to decrease the minimum transaction amount, continuously monitor the usage of their card and immediately report any anomalies to the bank.
Such similar events had taken place in the past and one of the solutions is to enquire with the bank and limit your card usage if you’re planning to go abroad. If anything happens, immediately inform the bank to avoid complications, later.
Where my card can be used without OTP?
If you are using your credit or debit card for some foreign transaction online or if you are using your card to some store POS machine (foreign) then be couscous about the transaction, and don’t give your card to the waiters, they can steal your card data and use them for something else.
Does OTP or password work outside India?
Yes, but the thing is it completely depends on the gateway you are using, if they have OTP verification in their guidelines then you will receive OTP before the transaction, but as they are not bound to the strict rules of RBI, they may not be implementing the OTP.
Can you use the Indian Credit Card internationally?
Yes, in order to use your Indian Card Internationally, you need to ask your bank to activate international transactions.
Can you use the Indian Credit Card on foreign websites such as Paypal Amazon and so forth?
Yes, they basically store the details of your card and whenever you want to access their portal they use your card safely hiding the details of the card. It is a bit more safe approach but chooses such a platform like Paypal or such carefully, and always check if they are fishy or not.
Does your Indian Credit or debit card have a difference in international locations?
No, you can use them, as usual, the only difference is that they will not ask you for an OTP up to a certain amount.
How much and what are the international charges associated with the use of a credit card?
The foreign transaction fee is assessed by the issuer of the credit card and is typically in percentage form, with 3 percent being very common. That percentage, however, may vary from one issuer to another. Although 3% may not seem much to you as a foreign transaction fee, remember that this applies to every foreign transaction you make with a cardholder.
- Foreign Transaction Charge: Credit card transactions outside the country in which the card was issued are charged a foreign transaction fee. Since you have an Indian Credit Card, the balance is in Indian Rupees automatically. Therefore a foreign transaction fee is paid whether you acquire anything while traveling abroad or by placing an order with a global broker. Not all cards charge this price, but usually, it is about 3% of the purchase price for those who do.
- Foreign Currency Conversion fee: Dynamic currency conversion charges are the output of DCC. An overseas trader pays this sum to turn purchases into dollars (or in any currency of your home country). Claim you are a Native American who visits Hong Kong and want to buy a few memorabilia. The dealer may give you the option of seeing the bill instead of Indian Rupees, in Hong Kong dollars, so don’t you have to attempt to do your own mathematical change.
- Cash Advance Fee: Even within the country, cash advances are costly. Withdrawal in cash would raise the charge even further if you use your credit card in other places. Each time you withdraw cash from abroad, an extra 1-4% can be incurred. The regular cash withdrawal cost, along with the foreign cash withdrawal fee for your credit card will also be paid.
Can the Foreign Use of Credit Card or Debit Card be allowed or disabled?
You will be disabled for use at international shopping outlets, International ATMs and international shopping websites when your credit card is disabled. The process is similar to enabling international transactions with the Credit Card.
Can a cap be set for foreign use?
You can secure your card for international usage by setting limit which is well within your limits. Do Note that The International Usage Limit cannot exceed the total Card limit. You will get the “how-to” article to your respective bank website or branch.