From 1st Dec 2013, for using your debit card at retail outlets, you need to use your existing ATM PIN. This is as per RBI mandate. For details call PhoneBanking — an SMS sent by HDFC Bank on Thursday to those who use its debit cards. Metro tries to decode the new debit card rule.
What does the SMS mean?
It means that for every merchant transaction that involves payment through debit card — for example, shopping at a mall, payment at a restaurant or petrol pump — the debit card holder would have to key in the ATM PIN after the card is swiped at the handheld electronic device. The transaction will be validated only after the account holder keys in the PIN.
Will debit card users have to do this across India?
This would be applicable across the country and across every merchant transaction.
Will users of debit cards issued by other banks have to do the same?
No. Many debit cards will not require PIN to be entered at the merchant terminal.
However, customers of some banks other than HDFC already have to key in their ATM PIN to validate transactions. For example, Maestro debit cards require a PIN to be entered at the merchant terminal.
Why is this being done?
To increase security of card transactions. If entering a PIN is mandatory then someone with a stolen card will not be able to use it for payment at merchant outlets.
The RBI has asked all banks to put in place measures to make card transactions more secure. The banks are looking to develop backend technology to enhance security. Those banks that have not introduced the system are in the process of doing so. HDFC is implementing the system from December. The terminals will have to be modified to read the full service code on the card and prompt for PIN.
Will entering the PIN in public be safe?
According to bankers, the debit card user would be able to request privacy at the merchant outlet while entering the PIN. The device would be given to the user to key in the pin.
Will the restaurant bring the machine to the table?
Yes, that is the norm.
Can the PIN get stored in the machine?
The PIN cannot be stored accidentally in a handheld machine. To record the PIN, someone will have to use a special device deliberately. Even if the PIN is collected in this manner, the debit card itself will also have to be cloned to carry out a fraudulent transaction. The SMS notifications that customers get on use of their card can be a safeguard against this.
What are retail outlets and restaurants doing?
“Our cashiers at the check-out counters hand over the swipe machine for customers to key in their PIN. We have already placed orders for specially designed mobile swipe terminals, which ensure that the key-in process is visible to none but the customer only. We hope to put them in place in the next two months,” said Mohit Kampani, president and CEO, Spencer’s Retail Ltd.
“We have wireless or remote machines, which we can carry to the customer’s table. But sometimes, there’s a link problem, so we request them to come up to the cashier. To ensure privacy and put them at ease, the cashier and the manager move away when the customer is entering the pin,” said Debashish Ghosh of Mainland China.
What about credit cards?
The RBI has asked banks to introduce this security measure for all card transactions. The banks would have to gradually migrate to the system.
For credit card transactions, the RBI has asked banks to determine a threshold limit for international usage. The threshold limit would have to be determined by each bank after taking into consideration risk profile of the customer. But till the time the banks are able to develop a robust system, a predetermined limit can be set by the banks for all credit cards.
