Debit card PIN use: Has RBI rule put you directly in the path of fraud?

The way debit cards were used changed forever from 1 December when the Reserve Bank of India made it mandatory for customers to key in the four-digit PIN for transactions to go throughat retail merchant outlets (read story here ). The move was aimed at enhancing the security of debit cards. But after nearly a month and a half , it seems the very step which was introduced to ensure safety is putting you in danger.

According to a report published in _The Indian Express_today, cyber security sleuths have detected a “black” private information stealing virus in the Indian online banking transactions space and have alerted consumers who swipe debit or credit cards at shopping counters to make payments.

More from Investing

MSMEs are breaking the traditional convention. Look who’s funding them Scale-up your startup without an investor! Here’s how

[caption id=“attachment_772733” align=“alignleft” width=“380”]  Representational image.
Reuters[/caption]

The report says this severely spread virus called Dexter is capable of stealing all the sensitive data from your card–card holder’s name, card number, expiry card and the highly sensitive CVV code. Using your debit card at any of the infected POS is extremely dangerous for the customer.

And honestly, we at Firstpost are not one bit surprised by this report, reason being, we had warned about such an incident last month (read here). Of course, a virus like that is a threat, but there are other dangers too, like shoulder surfing, where the person standing behind reads the four-digit number you punch into the PIN pad. In an over crowded country like India, you can’t really expect people to look away when you punch the PIN into the machine, can you? And what if that person is a fraudster?

In fact, internationally, instances have been known where many merchants have incorrectly stored PIN information they should be destroying after customers enter the secret code. And if such data is stored on the machine itself, how much time does it take for a fraudster to access such data?

We have no doubt that the apex bank’s intention was honourable, but this debit card pin-based merchant transaction rule is one big messy move, and now with the Dexter virus spreading around, these guidelines could put customers in a bigger mess. The purpose of having credit and debit cards is to reduce the use of paper money. But this new requirement is making debit card use unsafe.

May be when it comes to retail shopping, ditch the card. Cash is the king.