एन. एच. आई. डी. सी. एल. क्षेत्रीय कार्यालय - गंगटोक द्वारा सिलीगुड़ी टैक्सी स्टैंड पर अतिक्रमण मुक्त राष्ट्रीय राजमार्ग के लिए एक जागरूकता कार्यक्रम आयोजित किया गया।

Image
  एन. एच. आई. डी. सी. एल. क्षेत्रीय कार्यालय - गंगटोक द्वारा सिलीगुड़ी टैक्सी स्टैंड पर अतिक्रमण मुक्त राष्ट्रीय राजमार्ग के लिए एक जागरूकता कार्यक्रम आयोजित किया गया। राष्ट्रीय राजमार्गों को अतिक्रमण मुक्त और सुरक्षित बनाने की दिशा में एक महत्वपूर्ण कदम उठाते हुए राष्ट्रीय राजमार्ग एवं अवसंरचना विकास निगम लिमिटेड (एन. एच. आई. डी. सी. एल.) क्षेत्रीय कार्यालय - गंगटोक ने दिनांक 14.10.2024 को सुबह 11:00 बजे सिलीगुड़ी टैक्सी स्टैंड, गंगटोक पर एक जागरूकता कार्यक्रम का आयोजन किया। इस कार्यक्रम का उद्देश्य स्थानीय लोगों और वाहन चालकों को राष्ट्रीय राजमार्गों पर अतिक्रमण से होने वाले खतरों और इसके कानूनी परिणामों के बारे में जागरूक कराना था। एन. एच. आई. डी. सी. एल., क्षेत्रीय कार्यालय - गंगटोक द्वारा यह पहल राष्ट्रीय स्तर पर सड़क सुरक्षा को बढ़ावा देने और राष्ट्रीय राजमार्गों पर होने वाले दुर्घटनाओं को कम करने के उद्देश्य से की गई। राजमार्गों के किनारे अतिक्रमण, जैसे अवैध निर्माण, अस्थायी दुकानें और अनधिकृत पार्किंग, यातायात के प्रवाह को बाधित करते हैं, और दुर्घटनाओं की संभावना को बढ़ाते ...

What exactly is Skimming

This Blog is written By Mr. Kusmankar Student of Lloyd Law College, Greater Noida.


A type of fraud which occurs when an ATM is compromised by a skimming device, a card reader which can be disguised to look like a part of the machine. The card reader saves the users' card number and pin code, which is then replicated into a counterfeit copy for theft.

This article deals with steps taken by RBI in a chronological order to ensure secure and fool proofing electronic transactions.

1.      Working group was established by RBI in march 2011 to address the problem of Skimming[1]

It was noted that Card Present (CP) Transactions (transactions at ATM and POS delivery channels) constitute the major proportion of card-based transactions in the country. Although a PIN validation is necessary for cash withdrawal at ATMs, majority of the card transactions at POS are not enabled for any additional authentication (other than signature). A majority of the cards issued by banks in India are Magstripe cards and the data stored on such cards are vulnerable to skimming and cloning.

The Group has noted that Aadhar biometric data would serve as a secure the second factor of authentication even for Magnetic Stripe Cards obviating the need mandating a switch over to EMV Chip and Pin card regime, which has cost implications for the industry. The Group has recommended that the need for a move to EMV Chip cards could be considered after 18 months depending on the progress of Aadhar.

While the RBI is processing the report, we are aiming at a secure 2FA for all card-present transactions without being prescriptive about the technology to be deployed for the purpose.

2.      Moving further the Reserve Bank of India on 22nd Sep 2011, based on the report submitted by the Working Group, directed to initiate immediate action for accomplishing the following task within the time indicated.

Infrastructure/ Readiness for card acceptance

  • Commercial readiness of acquiring infrastructure to support PIN for POS transactions, POS infrastructure to be ready for accepting EMV chip cards has to complete by June 30, 2013.
  • Enablement of all POS terminals to accept debit card transactions with PIN has to complete by June 30, 2013.
  • Banks and other stakeholders were also ordered to be ready from a technical perspective to issue EMV cards by June 30, 2013. It is, however, clarified that banks are free to migrate to EMV Chip and Pin based technology based on their commercial judgment and decisions taken by their Boards.

3.      ON May 7, 2015, It was further decided to completely Migrate to EMV chip and Pin cards from magnetic strips only card within a given time frame.[2]

  • The Reserve Bank has adopted a phased manner of implementation of security and risk mitigation measures in card transactions as evident from the instructions issued from time to time. The acceptance infrastructure is getting geared to accept EMV chip and pin cards.
  • However, in the case of card issuance, while some banks have already moved to EMV chip and pin cards issuance, a large number of banks continue to issue Magnetic stripe cards.
  • Thus, given the level of readiness of the card acceptance infrastructure at the point of sale and also the implementation of PIN@POS for debit cards, the time is appropriate to move further along the path to migrate away from magnetic stripe only cards to chip and pin cards.
  • Accordingly, banks are advised that with effect from September 01, 2015 all-new cards issued – debit and credit, domestic and international – by banks shall be EMV chip and pin based cards.
  • The migration plan for existing magnetic stripe only cards will be framed in consultation with stakeholders and a timeline for the same will be advised in due course.

4.      ATMs Security and Risk Mitigation Measures for Card Present Transaction Aug27,2015[3]

  • While the POS terminal infrastructure in the country has been enabled to accept and process EMV Chip and PIN cards, the ATM infrastructure, on the whole, continues to process the card transactions based on data from the magnetic stripe. As a result, the ATM card transactions remain vulnerable to skimming, cloning, etc. frauds, even though the cards are EMV Chip and PIN-based. It has, therefore, become necessary to mandate EMV Chip and PIN card acceptance and processing at ATMs also. Contact Chip processing of EMV Chip and PIN cards at ATMs would not only enhance the safety and security of transactions at ATMs but also facilitate preparedness of the banks for the proposed “EMV Liability Shift” for ATM transactions, as and when it comes into effect.
  • Banks in India and the White Label ATM operators are, therefore, advised to ensure that all the existing ATMs installed/operated by them are enabled for processing of EMV Chip and PIN cards by September 30, 2017. All-new ATMs shall necessarily be enabled for EMV Chip and PIN processing from inception. For the purpose of switching, clearing, and settlement of their ATM transactions, banks with the approval of their Board, may join any authorized ATM/Card network provider.
  • Further, in order to ensure uniformity in card payments ecosystem, banks shall also implement the above requirements at their micro-ATMs which are enabled to handle card-based payments.
  • A quarterly progress report should be sent the Chief General Manager, Reserve Bank of India, Department of Payment and Settlement System, Central Office, Mumbai in the appended format for the quarter ending June/Sept/Dec/March by 15th of the month following the quarter-end.

5.      Control measures for ATMs – Timeline for compliance- June 21, 2018[4]

  • The slow progress on the part of the banks in addressing the issue of many ATMs running on an unsupported version of operating system (Windows XP) has been viewed seriously by the RBI. The vulnerability arising from the banks’ ATMs operating on an unsupported version of operating system and non-implementation of other security measures, could potentially affect the interests of the banks’ customers adversely, apart from such occurrences, if any, impinging on the image of the bank.
  • In order to address these issues in a time-bound manner, banks and White-Label ATM Operators are advised to initiate immediate action in this regard and implement the following control measures as per the prescribed timelines indicated there against:

No.

Control Measures for the ATMs

To be completed by

a.

Implement security measures such as BIOS password, disabling USB ports, disabling auto-run the facility, applying the latest patches of operating

system and other software, terminal security solution, time-based admin accessed.

August 2018

b.

Implement anti-skimming and whitelisting solutions.

March 2019

c.

Upgrade all the ATMs with supported versions of the operating system. Such upgrades shall be carried out in a phased manner to ensure that in respect of the existing ATMs running on unsupported versions of

operating system,

 

i. Not less than 25% of them shall be upgraded by

September 2018

ii. Not less than 50% of them shall be upgraded by

December 2018

iii. Not less than 75% of them shall be upgraded by

March 2019

iv. All of them shall be upgraded by

June 2019

6.      Steps should be taken by Customer in spotting a Skimmer[5]

  • All you need to do is check the ATM machine prior to using it.
  • The card reader section might be extended than usual on a machine that has been tampered. If a keypad on the ATM seems to protrude oddly, check the keypad for it might be a fake.
  • Cover your ATM keypad whenever you enter the ATM pin.
  • Register for SMS updates to stay up-to-date with your bank transactions. This will help you get an alert when a suspicious transaction is done using your card. In the case of fraud, it needs to be reported as soon as possible.
  • The bank that has issued you the card will pay you back the money. If prima facie it is established that you are a victim of skimming fraud, the bank makes the payment upfront.
  • According to the RBI, the customer liability will be zero in a case where the unauthorized the transaction occurs in a third-party breach where the deficiency lies neither with the bank nor with the customer, but elsewhere in the system and the customer notifies the bank within three working days of receiving the communication from the bank regarding the transaction.


[1] https://rbidocs.rbi.org.in › PdfsPDF Working Group on Information Security, Electronic ... - Reserve Bank of India

[2] https://www.livemint.com › Wh... Why banks are upgrading your debit, credit cards - Livemint

[3] corporatelawreporter.com › security... Security Issues and Risk mitigation measures related to Card Not Present

[4] https://timesofindia.indiatimes.com › ... RBI ATMs: RBI asks banks to upgrade ATMs for greater security - Times of India

[5] https://m.economictimes.com › ... ATM fraud: ATM Skimming: Read this to save yourself from the new ATM fraud

Comments

Popular posts from this blog

एन. एच. आई. डी. सी. एल. क्षेत्रीय कार्यालय - गंगटोक द्वारा सिलीगुड़ी टैक्सी स्टैंड पर अतिक्रमण मुक्त राष्ट्रीय राजमार्ग के लिए एक जागरूकता कार्यक्रम आयोजित किया गया।

Gender inequality under personal laws

CRIME AGAINST WOMEN IN INDIA