Go Back   Team-BHP > Around the Corner > Shifting gears


Reply
 
Thread Tools Search this Thread
Old 22nd December 2010, 13:05   #1
GTO
Team-BHP Support
 
GTO's Avatar
 
Join Date: Feb 2004
Location: Bombay
Posts: 46,509
Thanked: 80,156 Times
Default Now, one-time-password for credit cards from 1st, Jan 2011

Nice move, I fully support it. Though it entails an additional security step, using your credit card for online payments just got that much safer. Some corporates impose a similar security layer when employees need to log into the VPN (as an example).

What do you think?

Receiving the following email from my CC company:

Quote:
ONE TIME PASSWORD (OTP)

Important Notice for online and merchant IVR transactions:

Effective Jan 1, 2011, online & merchant IVR transactions
(E.g. Tata Sky, Vodafone etc) will require a One Time Password (OTP) for executing the transaction. The OTP is a six digit number and you are requested to generate an OTP prior to every such transaction.

Getting an OTP
Please SMS OTP XXXX (Last 4 digits of the Credit Card number) to 52484 or 9880752484 to generate an OTP.

Using OTP
Please key in the OTP alongwith other card details required such as card number, expiry date and CVV number, for completing the transaction.

Validity of OTP
The OTP is a single use password valid for 30 minutes from the time of placing request.

Please note: Online transactions will continue to be authenticated by the Internet PIN (IPIN) and similarly CitiPhone banking will continue with Telephone PIN (TPIN).
GTO is offline   Reply With Quote
Old 22nd December 2010, 13:08   #2
BHPian
 
fuel_addict's Avatar
 
Join Date: Jul 2010
Location: Mumbai
Posts: 691
Thanked: 111 Times
Default Re: Now, one-time-password for credit cards from 1st, Jan 2011

An extra hassle but goes an additional step in ensuring safer online transactions. What is not clear is whether you need to send an SMS every time you have to generate an OTP?

Last edited by fuel_addict : 22nd December 2010 at 13:10.
fuel_addict is offline   Reply With Quote
Old 22nd December 2010, 13:20   #3
Senior - BHPian
 
msdivy's Avatar
 
Join Date: Aug 2006
Location: Bangalore
Posts: 1,426
Thanked: 770 Times
Default Re: Now, one-time-password for credit cards from 1st, Jan 2011

SBI already has OTP for every online transaction. Is this new process same as that?
msdivy is offline   Reply With Quote
Old 22nd December 2010, 13:54   #4
Distinguished - BHPian
 
dhanushs's Avatar
 
Join Date: Oct 2009
Location: Bathery/BLR
Posts: 3,406
Thanked: 3,930 Times
Default Re: Now, one-time-password for credit cards from 1st, Jan 2011

Definitely makes online transactions much safer.

Quote:
Getting an OTP
Please SMS OTP XXXX
I'm not sure about the reliability of various mobile service providers. For eg; Sometimes it takes ages for me to add a payee in ICICI Bank, which employs a similar method for adding payees.

Is there any other way to generate an OTP?
dhanushs is offline   Reply With Quote
Old 22nd December 2010, 14:19   #5
BHPian
 
patron's Avatar
 
Join Date: Jun 2010
Location: Bangalore
Posts: 188
Thanked: 102 Times
Default Re: Now, one-time-password for credit cards from 1st, Jan 2011

Quote:
Originally Posted by GTO View Post

Getting an OTP
Please SMS OTP XXXX (Last 4 digits of the Credit Card number) to 52484 or 9880752484 to generate an OTP.
Surely a nice move but isn't sending SMS to these number's Rs. 3/message? Another hassle, suppose you forget your mobile while doing a transaction, you are stuck. But it's all for security so still worth it I guess.
patron is offline   Reply With Quote
Old 22nd December 2010, 14:29   #6
Senior - BHPian
 
ghodlur's Avatar
 
Join Date: Sep 2009
Location: Thane
Posts: 4,924
Thanked: 1,912 Times
Smile Re: Now, one-time-password for credit cards from 1st, Jan 2011

Uptil now the OTP's were mainly used during registering a biller or an third party payments or for inter bank transfers. Good to know that they are being introduced for Credit cards too.

One ques though how is this different from the one time secure password which is presently available with most CC's. This is very much there for VISA cards, dont know if there's for Mastercard too. Every Visa card needs to be registered for one time password. This is there in my HSBC and Stanchart cards.

If only the OTP could replace the CVV code which is normally reqd for online payments, then it would have been better.
ghodlur is offline   Reply With Quote
Old 22nd December 2010, 14:34   #7
Distinguished - BHPian
 
sgiitk's Avatar
 
Join Date: Dec 2007
Location: Kanpur
Posts: 7,042
Thanked: 3,586 Times
Default Re: Now, one-time-password for credit cards from 1st, Jan 2011

I pain in the a$$. What happens when you go abroad and have to make a payment!
sgiitk is offline   Reply With Quote
Old 22nd December 2010, 14:40   #8
BHPian
 
Newpunter's Avatar
 
Join Date: May 2010
Location: Bangalore
Posts: 640
Thanked: 40 Times
Default Re: Now, one-time-password for credit cards from 1st, Jan 2011

Am I missing something? I thought this applied only to IVR transactions, not online transactions. Online transactions already have an additional layer of security like the "Verified by Visa" but an OTP would definitely improve security. But seems like this OTP is only applicable to IVR transactions as of now. I have used IVR only a couple of times when booking accommodation through Yatra.com. I'm not sure if IVR is used that widely.

Quote:
Originally Posted by fuel_addict View Post
What is not clear is whether you need to send an SMS every time you have to generate an OTP?
Each OTP is valid for only one transaction and expires 2 hours after it is generated. So you do need to send an SMS everytime you need to use this. Ofcourse, I think there would be an option in the IVR itself which would send the OTP directly without us sending an SMS ( otherwise , we might have to disconnect our phone and then send an SMS or use another phone to send the SMS during the IVR process.

Last edited by Newpunter : 22nd December 2010 at 14:43.
Newpunter is offline   Reply With Quote
Old 22nd December 2010, 14:40   #9
Senior - BHPian
 
Join Date: Dec 2006
Location: Bangalore
Posts: 1,226
Thanked: 408 Times
Default Re: Now, one-time-password for credit cards from 1st, Jan 2011

Quote:
Originally Posted by sgiitk View Post
I pain in the a$$. What happens when you go abroad and have to make a payment!
Exactly my first thoughts!
I have a banking a/c with Axis bank and they have this stupid process every time you need to login. Recently when I was out of India I just couldnt use it for paying my bills! Its quite frustrating!
joslicx is offline   Reply With Quote
Old 22nd December 2010, 14:42   #10
BHPian
 
Rocky_Balboa's Avatar
 
Join Date: Aug 2006
Location: Namma Bengalooru
Posts: 580
Thanked: 54 Times
Default Re: Now, one-time-password for credit cards from 1st, Jan 2011

Nice move.

@ fuel_addict,
As I understand OTP is valid for only one transaction. And You have to send an SMS for every transaction.
Rocky_Balboa is offline   Reply With Quote
Old 22nd December 2010, 14:43   #11
Senior - BHPian
 
safari_lover's Avatar
 
Join Date: Feb 2007
Location: Bengaluru / Bagdal
Posts: 1,054
Thanked: 367 Times
Default Re: Now, one-time-password for credit cards from 1st, Jan 2011

Why do they want us to SMS? Will this sms be free?
I think providing an RSA key generator would be ideal for OTP.
I have one for my HSBC Savings A/c and am required to use it for all online transactions.
safari_lover is offline   Reply With Quote
Old 22nd December 2010, 15:05   #12
BHPian
 
Milestone's Avatar
 
Join Date: Jul 2010
Location: Bang Bang !!!
Posts: 103
Thanked: 27 Times
Default Re: Now, one-time-password for credit cards from 1st, Jan 2011

Quote:
Originally Posted by fuel_addict View Post
An extra hassle but goes an additional step in ensuring safer online transactions. What is not clear is whether you need to send an SMS every time you have to generate an OTP?
+1

I dont think its required to generate pin all the time. If thats the case one should always have the registered mobile along for the transaction.

Cheers !!!
Milestone is offline   Reply With Quote
Old 22nd December 2010, 15:24   #13
BHPian
 
Join Date: Oct 2009
Location: Bangalore
Posts: 53
Thanked: 9 Times
Default Re: Now, one-time-password for credit cards from 1st, Jan 2011

This is only for the IvR transactions and not the internet transactions. Internet transactions already have the security step built in. This is for where you dial a number and it asks you to enter your credit card, followed by the date of birth for authentication etc.

Also, I doubt that you would dial into an IvR which is based out of India to renew your Tata sky subscription while you are travelling abroad. The IvRs based abroad will possibly not have this step, just like if you do a transaction with a foreign vendor over internet, they do not ask for the extra authentication
v-drive is offline   Reply With Quote
Old 22nd December 2010, 15:36   #14
BHPian
 
Newpunter's Avatar
 
Join Date: May 2010
Location: Bangalore
Posts: 640
Thanked: 40 Times
Default Re: Now, one-time-password for credit cards from 1st, Jan 2011

Quote:
Originally Posted by Milestone View Post
I dont think its required to generate pin all the time. If thats the case one should always have the registered mobile along for the transaction.
Cheers !!!
I think the RBI has made this mandatory , so all credit card companies will be implementing this from Jan 1st ( but i have read that this is only for IVR transactions and not sure if it applies to online transactions ) . Regarding the cases when we want to complete a transaction from a different country, I think the OTP will be sent to both the registered mobile as well as the registered E-mail id. So even if we do not receive the SMS, we have a backup option in the mail.
Newpunter is offline   Reply With Quote
Old 22nd December 2010, 16:07   #15
BHPian
 
Join Date: Aug 2008
Location: Bangalore
Posts: 217
Thanked: 5 Times
Default Re: Now, one-time-password for credit cards from 1st, Jan 2011

The mail I got from HDFC says it is only for IVR transactions. Which makes sense because online transactions already have a third layer of security - PIN.

Quote:
We understand that when you purchase products or avail services with your HDFC Bank Credit Card through a telephone (IVR) you expect complete security and convenience. Starting
1st January, 2011 these (IVR) transactions need to be authenticated with an additional password. This is mandatory as per the RBI guideline.
OTP is also sent to the registered email id.

Quote:
Alternate Options:
  • You can call customer service to request for your IVR OTP
  • Receive automatic OTP on call -If you are performing a transaction and have not requested for an OTP already, an OTP will be triggered to your registered mobile number and email ID, while the transaction is in process
bullinb is offline   Reply With Quote
Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search


Similar Threads
Thread Thread Starter Forum Replies Last Post
ICICI bank launches Ferrari range of credit cards Tushar Shifting gears 28 21st June 2016 10:17
Now, a password for your vehicle pjbiju Shifting gears 11 26th February 2011 22:26
How to use Credit cards smartly DCEite Shifting gears 36 13th February 2008 11:12
Citibank, HSBC under MRTPC lens for Violation of RBI norms on credit cards rkg Shifting gears 8 6th July 2007 18:54
SCAM Alert on Indian Credit Cards GTO Shifting gears 10 3rd November 2006 21:40


All times are GMT +5.5. The time now is 20:03.

Copyright ©2000 - 2017, Team-BHP.com
Proudly powered by E2E Networks