SBI blocks 6.25 lakh debit cards after ‘suspicious’ transactions spike
Updated: Oct Legitimate, two thousand sixteen 23:Legitimate IST
By Beena Parmar and Ramesh Babu , Hindustan Times
The State Bank of India, the country`s largest bank, and its subsidiary banks blocked about 6.25 lakh debit cards of their customers after «suspicious» transactions spiked at third-party ATM machines.
Card holders were caught unawares as their cards were blocked without prior notice. The bank subsequently sent emails and SMSes to customers, alerting them to the blockage, and asked them to re-apply for fresh cards at their respective branches.
«About 0.25% of our cards have been blocked. We came to know that some of our customers have used them at some virus-infected ATMs. These were white label ATMs operated by Hitachi payment services,» said Shiv Kumar Bhasin, chief technology officer at SBI, without elaborating.
The bank reportedly blocked the cards to avoid misuse.
The total number of debit cards issued by the SBI alone till July-end was 20.27 crore. Of those, 0.25% or about Five.07 lakh cards have been blocked. Including those from SBI`s subsidiary banks – State Bank of Mysore, State Bank of Hyderabad, State Bank of Bikaner and Jaipur, State Bank of Travancore and State Bank of Patiala – about twenty five crore debit cards were issued.
Across many circles
«In the past 3-4 days, we eyed some unidentified and suspicious transactions at some ATMs and hence the cards were blocked instantly. The cards have been blocked across many circles,» a SBI branch manager in Mumbai said.
SBI customers emerge not to be the only victims of this ATM scam. «The harm has been done to many other bank debit cards, including foreign and private banks. This happened a month ago and we eyed some data of customers being compromised. With such large number of cards involved, we thought it was better to substitute the cards entirely. Largely the cards were magnetic-based,» said an SBI general manager treating the cards portfolio.
Retired IAS officer CV Ananda Bose, a customer of the Federal Bank, claims to have lost about Rs three lakh from his account in the scam.
«When my son in the US attempted to withdraw some money, he was informed that the account had insufficient funds. I instantaneously contacted my bank, Federal Bank, and MasterCard and I was told six transactions were made in last two days, emptying my account,» Bose said, adding that he filed a complaint with the bank and the US embassy.
The precautionary measures were taken by SBI in response to an advisory message by card network companies NPCI, MasterCard and Visa, wherein various banks in India were informed about a potential risk to some cards owing to a data breach.
«We`d like to emphasise that SBI`s systems have absolutely not been compromised and existing cardholders are not at any risk and can proceed to use their cards. SBI is in the process of issuing fresh cards at no cost to those card holders whose cards have been blocked,» an SBI spokesperson said.
ATM frauds have led to most banks taking precautionary measures by periodically reminding customers to switch their debit card individual identification number (PIN) or password on a regular basis (every month or in 3-6 months). Banks have also been asking their customers not to share the password with any other person, in order to avoid security breaches such as skimming and cloning of cards that could lead to data theft.
When police and forensic officials examined an ATM machine recently, they recovered a skimmer device hidden in the smoke detector on the ceiling. The chip in the card reader was also found liquidated and money was withdrawn from a number of branches in Mumbai. The police recovered movie of three foreigners and arrested one of them from Mumbai.
The Reserve Bank of India has asked all banks to upgrade their debit cards into chip-based EMV cards, which have added layers of security. In a chip-based card, information is not validated by bank servers unless the correct PIN is used, whereas information on a magnetic disrobe is lightly accessible.