Bangalore, Dec 27: After directions from the City police to provide mandatory safety measures at ATM kiosks, banks have received more directions from the cyber police to follow a foolproof security system before processing online transactions.
In the wake of increasing cases of online account hacking, the cyber police have directed banks to contact the account holder over phone before processing a transaction. The police have also cautioned that banks will have to repay the customer if an account is hacked because of negligence on the part of the bank.
œThe banks have to strictly follow verification of transaction requests by speaking to the customer over phone, the CID officials told banks.In the Karkala case, cyber police found that the miscreants had undertaken the transaction from Dubai. This year alone seven cases of online account hacking have been reported at the cyber police station.
A senior police official said that presently banks are following an SMS key system (one-time password) to ensure safety. The cyber police have asked mobile phone service providers to be careful over requests for blocking sim cards.
œIt has come to light that after hacking an online account, fraudsters call mobile service providers requesting to block the sim card, stating that the mobile phone has been lost. With this, the SMS alert to the actual account holder about the online transaction also gets blocked, the official said.
As per the IT Act, bank customers who lose money through online transactions without their authentication can file for adjudication before the IT Secretary.
IT secretaries of the State are the'adjudicators' under Section 46 of the IT Act. They hold the quasi-judicial status equivalent to a civil judge and are the sole authority for providing compensation to cyber crime victims for amounts up to Rs 5 crore.
Victims of phishing in the State have been approaching the IT Secretary for adjudication under the IT Act. For a long time, successive IT Secretaries had kept mum on these applications.
However, two years ago, when M N Vidyashankar was the IT Secretary, several applications were disposed of in favour of the banks. The IT Secretary's order declared that under Section 43 of the Act, the word'person' means only an individual and not a'company'. Hence, banks will not be liable to pay compensation.
œWith this police direction, victims of phishing cases may press for compensation. However, it will also be interesting to see how banks react to this direction since they either have to individually cross check with each customer or enhance security features of online transactions, cyber law expert N Vijayshankar said.
Comments
Add new comment