Press Information Bureau
Government of India
Ministry of Finance
29-November-2016 16:26 IST
Measures initiated by RBI to prevent fraudulent use of debit cards
Reserve Bank of India (RBI) has informed that number of debit cards outstanding at the end of August 2016 was 71.2 crore. RBI has informed that frauds related to ATM / Debit cards is 1328 and amount involved is Rs. 6 crore for the period April 2016 to June 2016.
The measure initiated by RBI to prevent such frauds is given below:
i. In order to focus more attention on IT related matters, Reserve Bank has set up a Cyber Security and IT Examination (CSITE) Cell within its Department of Banking Supervision in 2015. RBI has issued a comprehensive circular on Cyber Security Framework in Banks on June 2, 2016 covering best practices pertaining to various aspects of cyber security. The progress of banks in scaling up their cyber security preparedness is also monitored by setting up a Cyber Crisis Management Group to address any major incidents reported including suggesting ways to respond. Department of Banking Supervision also conducts cyber security preparedness testing among banks on the basis of hypothetical scenarios with the help of CERT-In. RBI also has set up an IT Subsidiary, which would focus, among other things, on cyber security within RBI as well as in regulated entities.
ii. The banks have taken measures including advising the customers to change PIN blocking payments at international locations, reducing the limit and number of withdrawals, monitoring unusual patterns, replacing the cards and re-crediting the accounts of cardholders for amounts wrongly debited.
iii. RBI has issued circular on ‘Skimming of ATM/Debit/Credit Cards’, dated June 26, 2006, advising banks to take various preventive measures to combat frauds relating to skimming or duplicating of credit cards. The banks, inter alia, were also advised to inform to customers not to reveal PIN in response to requests received through e-mail, to periodically verify the transaction history to ensure its correctness and if any unauthorized transaction observed it should be immediately reported to the bank and inform the bank if the card is lost or stolen.
iv. In January 2016, Central Fraud Registry (CFR) has been operationised as searchable online central data base for use by the banks for frauds above Rs. 1 lakh. This data base is helpful to the banks not only during credit decisions but also to know about fraud in other areas of the banking including cyber frauds, ATM/debit/ credit card and internet banking.
v. Caution advices are also issued as and when necessary for preventing and controlling the frauds.
This was stated by Shri Santosh Kumar Gangwar, Minister of State in the Ministry of Finance in written reply to a question in Rajya Sabha today.
Also Read-
Reserve Bank of India (RBI) has informed that an incident of data breach with respect to cards was reported and the matter is under investigation. Independent investigation by a forensic auditor approved under Payment Card Industry Data Security Standard (PCI-DSS) framework is under process.
RBI has set up a Cyber Security and IT Examination (CSITE) Cell within its Department of Banking Supervision in 2015. The Bank issued a comprehensive circular on Cyber Security Framework in Banks on June 2, 2016 covering best practices pertaining to various aspects of cyber security. The circular requires banks to have among other things, a cyber-security policy, cyber crisis management plan, a gap assessment vis-a-vis the baseline requirements indicated in the circular, monitoring certain risk indicators in this area, report unusual cyber security incidents within 2 to 6 hours.
RBI has been carrying out IT Examination of banks from last year. RBI has also set up a Cyber Crisis Management Group to address any major incidents reported including suggesting ways to respond and recover to/from the incidents. Department of Banking Supervision also conducts cyber security preparedness testing among banks on the basis of hypothetical scenarios with the help of CERT-In. RBI has also set up an IT Subsidiary, which would focus, among other things, on cyber security within RBI as well as in regulated entities.
This was stated by Shri Santosh Kumar Gangwar, Minister of State in the Ministry of Finance in written reply to a question in Rajya Sabha today.