Question : Credit Card Frauds

(a) whether the credit card fraud cases have increased manifold in the country during each of the last three years and the current year;
(b) if so, the details thereof and the reasons therefor along with the bank employees found involved in such cases, and the action taken against them so far, bank-wise;
(c) whether the Reserve Bank of India has directed all banks to add security features such as electronic chip and secret PIN to the credit cards keeping in view the rise in credit card fraud cases, if so, the details thereof;
(d) whether the cases of non-compliance of such directions by banks have come to the notice of the Government during the said period; and
(e) if so, the details thereof and the action taken/being taken by the Government/RBI against such banks, bank-wise?

THE MINISTER OF STATE IN THE MINISTRY OF FINANCE

(a) and (b) Details of ATM/credit card fraud involving an amount of Rs. 1 lakh and above, that occurred during the last three financial years, as reported by Scheduled Commercial Banks (SCBs) to the Reserve Bank of India (RBI), as per inputs received from RBI, are as under:
Financial year Number of cases
2016-17 614
2017-18 1,020
2018-19 639

Further, as per inputs received from Public Sector Banks (PSBs), no staff involvement has been found in credit card frauds.
(c) to (e) RBI has apprised that banks were advised to convert all existing magnetic strip cards issued by them to EMV chip and PIN cards before 31.12.2018. RBI has further apprised that as per latest data available from major card issuers, it is observed that 98.64 percent credit cards issued by PSBs and private sector banks are compliant with the EMV chip and PIN requirement.
RBI has issued comprehensive instructions in respect of security and risk mitigation measures related to electronic/digital transactions, including, inter-alia, the following:
(1) Steps for securing card transactions include online alerts for all transactions, cards for international usage to be EMV chip and PIN enabled, certification of merchant terminals, and conversion of all existing magnetic strip cards to EMV chip and PIN cards.
(2) Steps for securing Internet banking/electronic payments include capping the value/mode of transactions/beneficiaries, and daily limit and issue of alert on addition of beneficiaries.
(3) Steps for securing ATM transactions include requirement of PIN entry for all transactions, and enabling of all ATMs for processing of EMV chip and PIN cards.
(4) Steps for securing Prepaid Payment Instruments (PPIs) include informing customers if the same login is provided for PPI and other services offered by the PPI issuers, restrictions on multiple invalid attempts to login to PPI and time-out features, authentication of every successive payment transaction in wallet by explicit customer consent, requirement of additional factor of authentication for debit cards, provision of customer-induced options for capping the number and value of transactions, provision of suitable cooling period for funds transfer on opening of PPI, and issue of alerts for PPI transactions.
(5) RBI has also issued instructions limiting the liability of customers on unauthorised electronic banking transactions.
RBI has informed that upon receipt of any input regarding credit card fraud, the same is forwarded to the respective Senior Supervisory Manager of RBI for the banks concerned, for verifying the allegations and taking necessary action. However, if the cards are issued by a subsidiary/third-party company, the same is forwarded to the department concerned in RBI for initiating necessary action.
*****