Banks must dial a/c holders before online transactions

They may have to repay if negligence leads to hacking

Banks must dial a/c holders before online transactions

After directions from the City police to provide mandatory safety measures at ATM kiosks, banks have received more directions from the cyber police to follow a foolproof security system before processing online transactions.

In the wake of increasing cases of online account hacking, the cyber police have directed banks to contact the account holder over phone before processing a transaction. The police have also cautioned that banks will have to repay the customer if an account is hacked because of negligence on the part of the bank.

A recent case referred to the cyber police from Karkala in Udupi district prompted the directions to banks. Miscreants hacked into an online account of a Non-Resident Indian in Canada and authorised a transaction of Rs one crore. Only after processing four transactions did the bank contact the account holder over phone. They soon realised that the account was hacked.

“The banks have to strictly follow verification of transaction requests by speaking to the customer over phone,” the CID officials told banks.In the Karkala case, cyber police found that the miscreants had undertaken the transaction from Dubai. This year alone seven cases of online account hacking have been reported at the cyber police station.

A senior police official said that presently banks are following an SMS key system (one-time password) to ensure safety. The cyber police have asked mobile phone service providers to be careful over requests for blocking sim cards.

“It has come to light that after hacking an online account, fraudsters call mobile service providers requesting to block the sim card, stating that the mobile phone has been lost. With this, the SMS alert to the actual account holder about the online transaction also gets blocked,” the official said.

As per the IT Act, bank customers who lose money through online transactions without their authentication can file for adjudication before the IT Secretary.

IT secretaries of the State are the ‘adjudicators’ under Section 46 of the IT Act. They hold the quasi-judicial status equivalent to a civil judge and are the sole authority for providing compensation to cyber crime victims for amounts up to Rs 5 crore.

Victims of phishing in the State have been approaching the IT Secretary for adjudication under the IT Act. For a long time, successive IT Secretaries had kept mum on these applications.

However, two years ago, when M N Vidyashankar was the IT Secretary, several applications were disposed of in favour of the banks. The IT Secretary’s order declared that under Section 43 of the Act, the word ‘person' means only an individual and not a ‘company’. Hence, banks will not be liable to pay compensation.

“With this police direction, victims of phishing cases may press for compensation. However, it will also be interesting to see how banks react to this direction since they either have to individually cross check with each customer or enhance security features of online transactions,” cyber law expert N Vijayshankar said.

Narendra Modi or Rahul Gandhi? Who will win the battle royale of the Lok Sabha Elections 2019

Get real-time news updates, views and analysis on Lok Sabha Elections 2019 on 

Like us on Facebook or follow us on Twitter and Instagram with #DHPoliticalTheatre for live updates on the Indian general elections 2019.

Liked the story?

  • 0

  • 0

  • 0

  • 0

  • 0