Go Back   Team-BHP > Around the Corner > Shifting gears


Reply
 
Thread Tools Search this Thread
Old 12th December 2013, 13:59   #1426
BHPian
 
vrprabhu's Avatar
 
Join Date: Oct 2008
Location: Poona
Posts: 854
Thanked: 338 Times
Default Re: The Credit Card Thread

Quote:
Originally Posted by binand View Post
Even your VbV/MSC password that you enter once per transaction goes only to the issuing bank. But the scheme being discussed involves sending the PIN to the merchant's website or his payment partner's website.
PIN at POS is not as easy at looks the way it functions or the way we think about it.

Data encryption takes place at the POS terminal. The PIN validation takes place at the issuing bank level.

There are also standards set by PCI - DSS with regard to these. There is a rigorous testing and certification for the processes. If anyone tries to tamper with the POS terminal, it will simply stop functioning. (One problem in India is that during shopping, the card is swiped twice - once at the billing terminal and again at the POS - at many shops).

Even if the PIN is noted down by the merchant, it is practically impossible to misuse it - unless the card data is skimmed and the card is cloned.

What actually happens in our country the merchants are not liable when counterfeited cards are accepted by them - whereas in Europe / UK the law protects the customer and merchant is liable for frauds.

So, don't worry about PIN input at POS - only ensure that both the card and the pin are not given to the merchant. Ideal way is to get the card swiped in your presence and input the PIN there by covering the key pad.
vrprabhu is online now   Reply With Quote
Old 12th December 2013, 14:31   #1427
Senior - BHPian
 
Join Date: Dec 2008
Location: Bangalore
Posts: 1,930
Thanked: 1,391 Times
Default Re: The Credit Card Thread

Quote:
Originally Posted by vrprabhu View Post
PIN at POS is not as easy at looks the way it functions or the way we think about it.

Data encryption takes place at the POS terminal. The PIN validation takes place at the issuing bank level.
The discussion is about using the PIN as the second factor in online (CNP) transactions.

Quote:
Originally Posted by vrprabhu View Post
What actually happens in our country the merchants are not liable when counterfeited cards are accepted by them - whereas in Europe / UK the law protects the customer and merchant is liable for frauds.
I am of the opinion that both these view points are wrong. One cannot attribute to the merchant the expertise and investment to detect counterfeit cards. The liability should always be on the issuing bank - they are the ones who ultimately sign-off on the transaction. I am hopeful that some of the RBI's directives of late is heading in this direction.
binand is offline   Reply With Quote
Old 12th December 2013, 15:06   #1428
Senior - BHPian
 
Join Date: Jul 2010
Location: Bangalore
Posts: 1,851
Thanked: 3,149 Times
Default Re: The Credit Card Thread

Some interesting points there, but don't answer my issue directly.

My ICICI Bank Credit card (chip & magstripe) DOES NOT ask for the 4-digit PIN for either transaction type (online or card-present/swipe at POS). Online transactions ask for VbV code, while POS transactions happen just by swiping/dipping the card into the terminal.

What am I missing?
Chetan_Rao is offline   Reply With Quote
Old 12th December 2013, 15:34   #1429
Senior - BHPian
 
fiat_tarun's Avatar
 
Join Date: Jan 2010
Location: Pune / Mysore
Posts: 1,107
Thanked: 574 Times
Default Re: The Credit Card Thread

Both my credit cards (HDFC & Citibank) do not ask for PIN. It's only the Debit cards that require it, as the RBI has mandated this.
fiat_tarun is offline   Reply With Quote
Old 12th December 2013, 17:10   #1430
BHPian
 
JohnyBoy's Avatar
 
Join Date: Mar 2013
Location: Navi Mumbai
Posts: 110
Thanked: 99 Times
Default Re: The Credit Card Thread

Quote:
Originally Posted by binand View Post
...
I am of the opinion that both these view points are wrong. One cannot attribute to the merchant the expertise and investment to detect counterfeit cards. The liability should always be on the issuing bank - they are the ones who ultimately sign-off on the transaction. I am hopeful that some of the RBI's directives of late is heading in this direction.
You are right. Bank is responsible, not the merchants. As long as the card swipes properly and get a 'Authorised' response for the transaction, the bank's job is done. Then it's up to the bank. (Except cases where customer denies he has done the transaction. In that case it is the responsibility of the merchant to provide proof - signed transaction slip).

Anyway, the banks will always try to blame the end customer when some fraud happens.
JohnyBoy is offline   Reply With Quote
Old 12th December 2013, 17:25   #1431
Senior - BHPian
 
Join Date: Dec 2008
Location: Bangalore
Posts: 1,930
Thanked: 1,391 Times
Default Re: The Credit Card Thread

Quote:
Originally Posted by Chetan_Rao View Post
Some interesting points there, but don't answer my issue directly.

My ICICI Bank Credit card (chip & magstripe) DOES NOT ask for the 4-digit PIN for either transaction type (online or card-present/swipe at POS). Online transactions ask for VbV code, while POS transactions happen just by swiping/dipping the card into the terminal.

What am I missing?
- RBI had asked all banks to have the infrastructure in place for processing Chip-and-PIN transactions by 30/6/2013 (later extended till 30/11/2013).

- RBI had asked all banks to ensure all their cards currently in circulation are Chip-embedded cards by 30/11/2013.

- RBI has asked all banks to ensure all Card Present debit card transactions are Chip-and-PIN transactions starting 1/12/2013. Swiping is completely eliminated for debit cards.

- RBI has not said anything about when they plan to make Chip-and-PIN mandatory for credit cards for Card Present transactions.

- Some banks have anyway gone ahead and made Chip-and-PIN transactions the default. Many haven't, though they have all issued chip-embedded cards.
binand is offline   Reply With Quote
Old 12th December 2013, 20:57   #1432
Senior - BHPian
 
Join Date: Jul 2010
Location: Bangalore
Posts: 1,851
Thanked: 3,149 Times
Default Re: The Credit Card Thread

Quote:
Originally Posted by binand View Post
- Some banks have anyway gone ahead and made Chip-and-PIN transactions the default. Many haven't, though they have all issued chip-embedded cards.
Thanks!

Therein lies the crux of the issue.

Given the risk of fraudulent transactions, I'd think everyone would jump at more security options. Apparently not. They'd rather wait till it's made 'mandatory'.
Chetan_Rao is offline   Reply With Quote
Old 13th December 2013, 08:32   #1433
Senior - BHPian
 
Join Date: Dec 2008
Location: Bangalore
Posts: 1,930
Thanked: 1,391 Times
Default Re: The Credit Card Thread

Quote:
Originally Posted by Chetan_Rao View Post
Given the risk of fraudulent transactions, I'd think everyone would jump at more security options. Apparently not. They'd rather wait till it's made 'mandatory'.
Security is never evaluated in a vacuum - not at an individual level, not at the corporate or government level. It is almost always a trade-off between costs and benefits. I expect so far the costs were higher than the perceived benefits in the banks' calculations.

Once it is regulated/mandated, the cost of non-compliance gets added to the mix, and suddenly it becomes appealing to deploy it. :-)
binand is offline   Reply With Quote
Old 14th December 2013, 12:36   #1434
BHPian
 
AbhishekB86's Avatar
 
Join Date: Apr 2012
Location: New Delhi
Posts: 330
Thanked: 359 Times
Default Re: The Credit Card Thread

HDFC is starting to annoy me with calls much before my due date of payment and this is happened for the first time in 3 years this month. I am getting an average of 5 calls daily. I've used HDFC CC for 3 years now and have never made any late payment. In fact most of times I ensure I pay the full due amount. However, there have been instances in 2011 where I purchased a lot of things but paid subsequently every month and have never defaulted/or made any late payments.

This is why it is starting to annoy me. I get 2 automated calls and 3 calls from representatives daily. I have deposited the payment today morning and even after communicating the same to the agent I am getting repeated calls.

I also have a StanChart credit card and traditionally I've used it as a secondary card but now am thinking if I should just pay for HDFC and stop using it as a primary credit card. I don't want to be called 5 times a day much before the last day of payment. Highly annoying. HDFC card expires in April and I don't think I would want to reissue another credit card from them.

Also from in the bank experiences, HDFC is slowly starting to behave worse than public sector banks. I am not at all I saying I need hospitality in a bank but a little bit of politeness doesn't kill anyone. StanChart on the other hand is a pleasure to deal with.
AbhishekB86 is offline   Reply With Quote
Old 14th December 2013, 13:06   #1435
Distinguished - BHPian
 
phamilyman's Avatar
 
Join Date: Jul 2007
Location: Gurgaon
Posts: 5,578
Thanked: 3,323 Times
Default Re: The Credit Card Thread

SCB are no less a bunch of idiots. They sent a replacement credit card (due to frequent intl travel) without telling me to my office. For reasons known to God, it wasnt delivered (no idiot called me or the office landline either!!) - then they blocked my existing card. Its now been almost three weeks into this madness and no end in sight - they have taken two weeks and have not yet dispatched the card again to my home address.

On top of it, there's blatant lying by the Customer care staff, every time I call, i'm told, you only requested the dispatch in the previous call only sir.

They are otherwise awesome but I am thoroughly disappointed with their current behavior.
phamilyman is offline   Reply With Quote
Old 14th December 2013, 13:41   #1436
Team-BHP Support
 
Akshay1234's Avatar
 
Join Date: Dec 2006
Location: Mumbai
Posts: 9,737
Thanked: 6,297 Times
Default Re: The Credit Card Thread

Quote:
Originally Posted by AbhishekB86 View Post
Also from in the bank experiences, HDFC is slowly starting to behave worse than public sector banks. I am not at all I saying I need hospitality in a bank but a little bit of politeness doesn't kill anyone. StanChart on the other hand is a pleasure to deal with.
I got an HDFC card this past week, and I am already irritated with them. They gave us a Regalia credit card, which is apparently one of their best. Now it does come with an add on, and I found out that when the add on card is used all the alerts come to the primary card holders mobile no. Its a small thing, but ridiculous. I have a Citibank Platinum card too, and on that there is an option to have separate alerts for each card, and not all card alerts going to the primary card holders number - which is actually good since the person using the card should get the alert and know how much was charged. Was thinking of making HDFC my primary card and keeping the Citibank as a secondary card, but doesn't seem like thats going to happen.

Last edited by Akshay1234 : 14th December 2013 at 13:42.
Akshay1234 is offline   Reply With Quote
Old 14th December 2013, 14:52   #1437
Senior - BHPian
 
shankar.balan's Avatar
 
Join Date: Apr 2008
Location: BLR
Posts: 8,027
Thanked: 5,314 Times
Default

Call centres and BPO's do more damage to brands that can be imagined. Un trained staff, poor information availability and flow, poor quality resources and labyrinthine processes cause more heartache to consumers than anything.
shankar.balan is offline   Reply With Quote
Old 14th December 2013, 17:11   #1438
Team-BHP Support
 
noopster's Avatar
 
Join Date: Feb 2010
Location: Pune
Posts: 8,650
Thanked: 9,163 Times
Default Re: The Credit Card Thread

Quote:
Originally Posted by Chetan_Rao View Post
My ICICI Bank Credit card (chip & magstripe) DOES NOT ask for the 4-digit PIN for either transaction type (online or card-present/swipe at POS). Online transactions ask for VbV code, while POS transactions happen just by swiping/dipping the card into the terminal.

What am I missing?
Chip cards by default do not ask for the PIN to authenticate. I have had my HDFC and Axis bank cards replaced with chip cards even before teh recent decision to PIN-enable them. Interestingly, the PIN authentication was not enabled on the existing chip card- both banks instead sent me a replacement chip credit card with a separate PIN.

I have tried the HDFC card several times and in almost all instances it asked for the PIN and accepted it for the transaction. Only in one instance did it approve without the PIN, which I found surprising.
noopster is offline   Reply With Quote
Old 16th December 2013, 17:28   #1439
BHPian
 
iamswift's Avatar
 
Join Date: Oct 2009
Location: Madras
Posts: 178
Thanked: 61 Times
Default Re: The Credit Card Thread

Quote:
Originally Posted by AbhishekB86 View Post
HDFC is starting to annoy me with calls much before my due date of payment and this is happened for the first time in 3 years this month. I am getting an average of 5 calls daily.
Banks are supposed to thrive on late payment of credit card bills; this is a surprising act
iamswift is offline   Reply With Quote
Old 16th December 2013, 17:49   #1440
Awaiting Email Confirmation
 
Join Date: Mar 2009
Location: ............
Posts: 3,260
Thanked: 4,210 Times
Default Re: The Credit Card Thread

Today, I used my newly-issued, password-protected, chip-embedded Axis Bank Platinum Credit Card for two purchases. On both the occasions, the PoS terminals asked for the password. After entering the password, the payments were approved.
J.Ravi is offline   Reply With Quote
Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search


Similar Threads
Thread Thread Starter Forum Replies Last Post
Credit Card Purchase Surcharge 1.5% (and a discussion on TIPS) sam003 Shifting gears 114 6th February 2013 12:28
Online Credit Card Scam...Pls help!! crn12 Shifting gears 20 21st January 2013 16:06
Credit Card:Converting Outstanding amount to EMI/Pay only minimum amount due?Advise ashwinsid Shifting gears 26 11th September 2009 15:24
Scary News : Network Solutions loses Credit Card information emkay456 Shifting gears 0 28th July 2009 14:01
Credit card menace kutlee Shifting gears 39 17th August 2007 18:59


All times are GMT +5.5. The time now is 16:17.

Copyright 2000 - 2017, Team-BHP.com
Proudly powered by E2E Networks