Safe usage of Debit /Credit cards
Cards are among the most widely used payment methods and come with various features and benefits such as security of payments, convenience, etc., Debit and credit cards are a form of plastic money, it is a payment card that can be used in place of cash. These are usually issued by banks and can be classified on the basis of their issuance, usage and payment by the card holder.
It is necessary digital users are aware of uses, threats and safe online practices to be followed while using Debit/Credit cards for payments.
Types of cards
There are three types of cards: Debit cards, Credit cards and prepaid cards.
Debit card:
It is issued by the bank where you have an account. It is linked to the bank account. User can use this card to withdraw cash up to the limit present in his/her bank account. It can also be used only for domestic fund transfer from one person to an-other.
Credit card:
It is issued >by banks / other entities approved by RBI. Unlike debit cards, in case of credit cards, a customer can also withdraw beyond the amount of money present in his bank account. But there is a limit for each credit card up to which extra money can be withdrawn. Also there is a time limit and interest charges to be paid back.
Prepaid card:
These are pre-loaded cards from a customer’s bank account. It can be used for limited amount of transaction. These can be recharged like mobile recharge and are very safe to use.
The main advantage of debit/credit or prepaid banking cards is that they can be used to make other types of digital payments.
Examples : Visa card, Rupay, MasterCard etc.,
Debit/Credit card uses
Online purchases
- With debit card, user can also use the ATM to carry out other financial and non- financial transactions such as finding out bank balance, depositing cheque or money, getting a mini statement, etc. without visiting the bank branch.
Withdrawing cash at ATM machines
- To withdraw money from an ATM, user needs to insert his/her debit/credit card and type in your unique PIN Number (4 digits) which is provided by the bank. The maximum amount that can be withdrawn per day is set by the bank.
Used for payments at Point of Sale (PoS) machines
While shopping at major retail stores and shops, the following process is followed:
- User gives the debit card to the cashier at the store
- Merchant runs the card through PoS machine
- Merchant types in the amount of the purchase
- Comsumer types in the PIN of the card
- Customer gets SMS on his registered mobile for transaction completed
- Merchant keeps the signed receipt and hands a copy to the user for records
- Machine prints out a receipt which has to be signed by the user
Used for online transactions
Bank debits (deducts) the amount of purchase directly from user’s account
Threats
Credit/Debit card fraud
Credit card fraud is committed by making use of credit/debit card of others for obtaining goods or services. The threat emerges due to stealing of information like Credit card number, PIN number, password etc. Theft of cards and cloning of cards are also employed to commit such frauds. Hackers use complex techniques like Phishing, Skimming etc. to gain credit card information from innocent users.
Phishing
Phishing is a way of attempting to acquire information such as user-names, passwords, and credit card details by masquerading as a trust-worthy entity through e-mail. Phishing is typically carried out by e-mail spoofing and it often directs users to enter details at a fake website whose look and feel are almost identical to the legitimate one.
Skimming
Skimming is the theft of credit card / Debit card information. Thief can procure victim’s credit card number using basic methods such as pho-tocopying receipts or more advanced methods such as using a small electronic device (skimmer) to swipe and store hundreds of victim’s credit card numbers. Common scenarios for skimming are restaurants or bars where the skimmer has possession of the victim’s credit card and makes note of card details for further use.
Vishing
It is one of the method of social engineering over the telephone system, most often using features facilitated by Voice over IP (VoIP), to gain access to private personal and financial information from the public for the purpose of financial reward. The term is a combination of “voice” and “phishing”
Social Engineering
Social engineering involves gaining trust hence the fraudster poses as a member of staff or even security guard. The fraudster would then ask the customer to check the card for damages. The fraudster would have gained confidence from his prey using various tactics such as offering assistance to the customer who perhaps would have tried to use the ATM without success or perhaps the customer who is not familiar with use of ATM machine and requires assistance.
Best practices for users to remain safe
- Do not share your card information over the phone or internet with ANYONE, irrespective of whether you know them or not.
- Do not give any card or personal information while answering a telephone call where the caller claims to represent the card issuing bank or any related organization. You can always call back the bank on publicly displayed numbers, if required.
- While making payment at a merchant location or service provider like restaurants, etc., always check the bill and insist on punching in your PIN rather than hand over your card for processing the payment.
- Always retain the transaction receipt for comparing against the card statement that you receive at the end of the month. Most people throw this away and do not match against the amount charged in the statement.
- Do not throw away the transaction receipt when you are done with it. Tear it or shred it. Dumpster divers are known to sift through garbage bags meticulously and retrieve all your card related information that can then be used to conduct unauthorized purchases, especially over the internet.
- While using an ATM, ensure that no one is watching your finger movement as you type your PIN. Watch out for cameras within the premises that can easily capture your PIN number. Try and cover your hand while you type in the PIN.
- Always memorize your card and PIN numbers, and in case of any loss or theft, report immediately to the concerned bank so that they can temporarily freeze your account and prevent any further unauthorized transaction until you receive your card replacement.
- Never save your card password in a regular folder in your computer hard drive or email account. If the account gets hacked, there is every possibility that an unauthorized transaction will take place.
- While making a payment over the internet, check for the security logo on the website confirming it as a safe site. If in doubt, check with the concerned company before making any such payment.
- Avoid keeping your credit or debit card in the wallet. In case your wallet gets stolen, you will at least have access to money at that moment.
- Download banking apps directly from the bank website and avoid using links that you receive via email or SMS to download your banking app.
- As card users, have to do your part towards securing your hard earned money, while the banks need to work harder towards securing information and money
