Take a look at this post by Bhavin Shah talking about how insecure Visa Electron based debit cards (like my ICICI debit card) are. He has learnt this the hard way when HDFC bank refused to entertain any disputes on a fraudulent charging of Rs. 25,000 on his stolen card.
You are not asked to enter your PIN while swiping these debit cards.
There is no obligation on the part of the merchant to check the signatures with that on the back of the card.
Banks are not entertaining any disputes on fraudulent transactions on these cards (unlike credit cards).
Apparently, this major security flaw is only in Visa Electron based debit cards. Mastercard’s Maestro requires the card holder to actually authorize the transaction by entering the pin.
As Bhavin rightly mentions in the post:
comments powered by Disqus
I still don’t get it - when they openly admit that no PIN is required for a VISA card, how do they claim that the transaction was “authorized”?