One of the most used financial products is the Credit card. We all spend so much time to get best credit card, but I have never seen someone, who has spend his time to fully understands the importance of the CVV number, One time password, Signatures on the back of credit card or how secure their credit card is overall ! . There are so many credit card frauds going on, and yet each of us thinks, that our credit cards are fully secure and it cant happen with us. However, this is really far from the truth, because of the 4 big myths people have about their credit cards and we will bust them today for you, so that you become a more powerful and informed investor!
Myth 1 – My Credit Card is secure, because no one knows my PIN/Password
When you make a transaction through a credit card in India, at the end of the transaction, you are asked to enter one more final PIN number, which makes your transaction more secure and gives you an additional layer of security. RBI had come up with this additional password requirement just last year. While you needed credit card number, expiry date and your CVV number to make a transaction earlier, now as an extra security layer, you need this additional PIN too.
However note that this is limited to online transactions on Indian websites only. When you make a transaction outside India, this additional step is not compulsory. This means that someone having every other detail of your credit card other than your PIN can also do transactions even if he does not know your PIN . You must have realized this yourself, if you have done any transaction outside India.
Myth 2 – No one knows my CVV number, so I am secure
One of the biggest myths about credit card is that, if no one knows your CVV number, its impossible to do the transaction. Take a small breath, while I tell you this.
“CVV is not always mandatory on all websites to make an online transaction.”
Yes, you heard right!. You can make a online transaction on few websites out of India with only the Credit Card number, the expiry date and obviously the name of the credit card holder. If you don’t believe me, here’s a small example.
Try to book a domain name at godaddy.com. I was almost numb, when I booked a domain name some time back, only to realise that the domain name was booked, but the site never asked me my credit card CVV number and I was like – “What ?! Seriously ?!” . I then found out, that asking for CVV number is just optional for credit card merchants. While some countries make it mandatory, others don’t. It’s just a choice!
So make sure you are safe, do this
- Scratch your CVV number on the back of your credit/debit card
- Always make sure the swiping happens in front of your eyes! , I know, it can be a little embarrassing for you, but its just an extra mile security, see if its possible for you
- Better do not use Credit Card at all , use Debit card instead!
Myth 3 – My credit card cant be duplicated.
Yes, your credit card can be duplicated and it happens in India. A card (credit or debit) might be using something like EMV chips or Magnetic strips, and that’s where the problem is at. While EMV chips are more secure, the magnetic strips are not!. If your card has magnetic strips, it can be duplicated.
Here is how it works …
Your card has a lot of data inside it and it sits on the magnetic strip. When the card is swiped, all the data is extracted from it, for verification purposes. Now some expert hacker with bad intentions, can extract all this data from the swipe machine and make a new card using a technique called Cloning. There are machines called “skimmers” , which helps in extracting the data from the swiping machines to a new card. If you are still wondering if this all happens in India, here is a story excerpt from Hindu website
According to the police, the machines were used to swipe cloned cards by one Rahul. The cloned cards were arranged by Pankaj Deewan, Yogesh Mahajan and Yasin through their contacts. The amount transferred to Dheeraj alias Rohit’s account was shared by the machine holder and cloned cards holder at 40:60 ratio respectively.
Following this, the police launched a hunt and subsequently arrested Dheeraj, Pankaj, Yogesh and Yasin. They purportedly told the police that the domestic cards were cloned by one Kamal and international cards by Devender Chauhan of Agra with the help of a professional hacker. The cards were cloned by obtaining information of genuine customers and then copying the same on a plain card having a magnetic strip. According to the police, the accused used skimmer (a device used to copy data from credit/debit card) for the same.
And if you still dont believe all this, here is a video you might want to spend time on
Myth 4 – The signature on the back on credit card does not matter much
One of the most misunderstood and unknown facts about credit cards is the signature on the back of the card. Let’s understand the rule today and lay this to matter to rest. If a credit card does not have a signature on the back, it’s an invalid card. As per the agreement between card issuer and merchant (the shops and hotels which give you the facility to swipe the cards), the merchant is supposed to check the signature on the back of card with the signature on the bill, and only if they match, the merchant should allow the card to be swiped.
However almost all the merchants avoid checking it, as if it does not matter at all. This is violation of terms and conditions and if you have lost a credit card which was SIGNED, and some transaction takes place, you are not suppose to be charged, because the merchant should have checked the signatures on card with the signature on the bill. What this means is that if there has been ever a fraud on your credit card, and you are asked to pay the money (Like this Incident) , just ask your card issuer to check the signature on the bill with your specimen signatures with them and if they do not match, they are not suppose to pay the merchant at all and let merchant take the loss for not doing their duty of checking the signatures.
This explains why you should sign your cards on the back and not leave them blank, because if someone steals your card and puts his signature on the back, then the transaction can be done successfully even if the merchant does his duty of checking the bill signature with the signature on card and in that case you are bound to pay the money to card issuer.
Tips to Secure your Credit Card
I hope, now that these myths are busted, you are a more informed and powerful person who the rules of the game of credit cards . To summarize, lets put out some tips to secure your credit card
- Do not share your one time credit card password (IVR) with anyone ever
- Scratch your CVV number and remember it in your head !
- While making any online transaction, make sure the website starts with https://
- While making any transaction offline like on petrol pumps , hotels etc, make sure its swiped in front of you as far as possible.
- Make sure the card is swiped on a machine which is issued by authorized banks and not some machine which looks suspicious , it can be a “Skimmer” machine which steals your data.
- Put a signature on the back of your credit and debit card, so that unauthorized transactions are not done and you are protected a card holder
- If possible, better use a credit card which has a small limit like 10k or 20k for shopping.
- There are virtual credit cards these days, you can use them for online transactions
If you ever had any incident that was mentioned here, please share it with others and if you have some thing to teach others, please share it here with everyone.
{ 78 comments… read them below or add one }
Yes Manish,
I am aware of Myth 1, when I had done a payment in international website, it didn’t ask for the PIN, just card number, card holder name and CCV were enough.
But It is astonishing to know even CCV is also not required in few cases. We have to be careful….
Thanks,
Deena
Yes.. CVV is also not asked by some websites , like I said http://www.godaddy.com is one of them !
I have faced the same situation mentioned in 2nd point while paying for some foreign certification. But what are the alternatives considering those certification and many other like sites will require credit card only and with a considerable credit limit as 10K or 20K is very less.
Hi Manish,
Thanks for the excellent article. Some qs:
1. Have there been cases where in case of a credit card fraud (physical swipe), the bank has agreed not to charge the holder because of a signature mismatch ?
2. Do you have a link for the rules/laws on point #4, i.e., it is the merchant’s responsibility to match signatures ?
I ask because as you mentioned, i have not seen any merchant in india match the signatures, while those in USA carefully check it everytime we swipe the card. In the incident you had linked to (card used when person is not there), the resolution was not mentioned.
Ayush
1. Cant give the references, but thats how legally it has to be and there are cases, just that I cant give you pointers
2. http://usa.visa.com/download/merchants/card-acceptance-guidelines-for-visa-merchants.pdf , see page 32 . it defines the merchant responsibility like this .
Hi Manish,
The link seems to be for USA ? Are these guidelines applicable in India also, and does RBI have any similar guidelines for credit cards ?
Thanks.
I didnt get a link for India , but I read the same thing on some articles and I think the Visa rules are same across countries, infact in the same PDF , in the starting it says that all are same for ASIA also . I am sure there will be the guidelines somewhere in RBI website, but I was not able to locate it for now .
I also come across such situation But thanks for this clear information on this topic. I was thinking like It might depend upon gateway whether to ask for that code or not..! Anyways, This will help me when I make online transaction.
Good to hear that you are now clear !
I have faced the same situation mentioned in 2nd point while paying for some foreign certification. But what are the alternatives considering those certification and many other like sites will require credit card only and with a considerable credit limit as 10K or 20K is very less. I am facing the same dilemma for quite some time and could not come up with any point…
Your question is not clear, what do you mean by “those certifications”
I actually meant that there are foreign websites where they only accept credit card . In those places you have no alternatives.
Yes , there is no alternatives . All we are doing in this article is making sure that people know how it works and do not live in some myths !
Yup. Thanks for the article. I will now be more careful and i have already implemented your “scratching the CVV” no. idea. Thanks again !!!
There is an alternative, by which you can indirectly use your CC via PayPal. If that website support PayPal then you can link your CC with PayPal account and this way you can keep your CC safe.
This applies only if site support PayPal.
Technology in financial transactions is a double edged sword. More and more people are using technology because of convenience, perceived benefits without knowing the threats, false notion of status symbol, only because it is affordable, to feel like in the modern world/updated etc. but hardly one tries to fully understand the procedures, importance of following standard and precautionary practices and learning to use the technology in a scientific/appropriate way. This is true about driving, use of mobile and internet, use of medicines and medical equipments, financial transactions and even the household equipments. Everyone is in a hurry. God bless them, God save them.
Thanks for sharing your views on this topic . Can you share what should be the limit of the usage of these kind of things . Are you negative about these technologies or just want people to first understand them and then go ahead ?
I am not suggesting exact number of usage allowed or limited to anyone but it should be used prudently and wherever necessary after assessing cost benefit, risks involved and it should not be just as a novelty or a fashionable thing. I am absolutely not against these technologies but as you said just want people to first understand them and go ahead. There must be mechanisms to make the people aware and all sort of authentic legal, technical help should also be easily, timely available for the people who might have suffered. I feel technology is being used to benefit the provider more than the user. There are many examples of this and customers have to use it even unwillingly because of no choice than to accept whatever is available. I strongly feel that end user’s needs and conveniences must have topmost priority and the only reason to implement technology.
Thanks for your views on this ..
dear sir,
excellent as usual.
but regarding myth 4 of sighning on backside.
let us say i have not signed and a thief signs it after stealing card phsically and purchases. yes agreed even if a merchant matches sign it will match with his since he only has sighned on backside. but u get bill and dispute, now card is with the thief, your signatures with card company any way are different from that on bill with merchant,
not understood how situation is different from if your signatures are there on card and do not match with that on bill and merchants in india has not bothered to match with that on card as is mostly the case. in any case card is now not with me to claim and contest either of above two cases.
regards
I am not sure about your case . If you put a signature on the card, then you are safe from your side. You are not liable to pay if the credit card signature and the signature on the bill does not match . Which will be the case if you SIGN The card, because the theaf wont be able to copy your signature . So credit card company itself will not issue the payment to the merchant and merchant has to take the LOSS , but if you do not sign it , then you will have to pay because merchant is safe here .
Are you clear now
sir but how will any body prove if i have signed or not as the card is not with anyone but the thief.
I agree Sandhu..Manish please explain..I don’t sign on any of my cards..I feel it insecure as anybody can see my signature and try to clone them.
Done !
yes sir that is also the point. looking at my signature some expert may be able to put at least simillar signature. and if thief has never seen my signature it will be totally mismatch from the records held with card company. so i think it will be easier to contest in 2nd case.
Sandhu
But it becomes tough for the theaf to copy your signatures. Either he will not pay attention and put his original signatures , in which case merchant should catch him and tell him that its not valid , or the signatures should mismatch (if it matches, then theaf was really smart) . IN worst case if it goes through , you can always show your original signatures on your ID which will not match with the signatures on the reciept .
Note that all this is overall the ways to bring down the chances of fraud , This can never eliminate it with 100% accuracy !
Hi Manish,
I really was not having any idea that how signature on the back on credit card can be so usefull. Thanks for sharing this. Yes you are correct Virtual card is great option for online transction. HDFC card having this facility.
Good to hear that .. spread this knowledge !
In the US, there is no risk to credit cards because the card usually comes with protection. All you need to do is call and say xxx transaction is not valid and you are good – no questions asked. I have had to use this feature 3-4 times and it was very easily done, quite cool. A couple of times, I have been alerted by the card company themselves as they have fraud detection systems that get triggered.
I’m not sure about this, but I think in India, cards don’t come with protection inbuilt like in the US and their fraud protection systems are not that robust. Which is why I am far more concerned about cards from Indian banks. I currently have a Kotak card (League Platinum) which comes with liability insurance from HDFC. As long as I report an invalid transaction within 7 days of the transaction, I am covered. There is no extra charge for this insurance cover and it was a feature of the card. So, I am hoping that I don’t have to worry about CVV, signature, online security, hacking, etc.
When taking a card, its a good idea to check for free protection on invalid transactions, fraud, etc. There is often insurance available but one has to pay for it, but that is not a good idea. The card company should handle this on their own or provide this insurance free of charge, like in the US.
Thanks for sharing that info . I feel that many cards will have these kind of protection features as well , Will study those and come back !
Actually, after posting this, I checked the fine print of my card’s fraud protection feature and its very cumbersome – one has to file a FIR and claim form, and what not. Also, 7 days is too less as it should be at least one billing cycle. Maybe I will have to look for a better option!
Until then, I’ll keep the credit limit low.
Thanks for sharing that !
Reminds me of an incident i had a couple of months back. I left the credit card at a hotel along with the bill and waited for the return. During that time i had an urgent call from office and i had left the hotel to office. Only after a day i realised i had left the card back at the hotel.
The guy at the hotel, first asked me to sign on a piece of paper and after comparing with the card signature which he handed back the card.
saved a lot of embarrassment
Incidentally i had never bothered about signing at the back of the debit card/food card/, but for some reason i had signed in this one.
thanks for sharing that incident .. clearly shows how important it is to sign the card
dear george,
don’t u think , any photo identity proof e.g. driving licence, voter card, passport, etc etc could have helped you.
i hope blank piece of paper with your signature is not left with the hotel guy for new type of fraud.
Thats true, photo identity proof would have also worked. But signature would be more convincing to the third person, i feel.
If credit card card is issued along with the photo of the card holder that would make things more secure.
I still doubt that credit card company in India will refund the amount if there is a fradulent transaction.
Has any one received the money back if reported as soon as SMS received on mobile for the same transaction ?
It can happen , when its a card swipe case and it was also a merchant mistake. If you loose a card which was not signed by you, then it will be considered as your mistake, even if you lost it .
Hi Ankur,
I had recieved refund from ICICI Bank Credit Card. There was a fradulent transcation of 15 k for some US website. I called them after recieving my bill. They asked me to write a letter naming the transaction and stating that I did not make it and Fax it on there Mumbai HO number.
I did that and in a weeks time it was resolved. Sometimes we do not recieve SMS also, like in this case. Its good to check your bill.
Regards
Shobha
Very informative article.
But I am not able to understand one advice “Better do not use Credit Card at all , use Debit card instead!” . As far as I know debit cards have the same shortcomings as listed above so how come it is more safer?
Hi Neerav,
Atleast the MasterCard/Maestro debit cards are much safer than credit cards, because we need to enter the PIN everytime we swipe it at the merchant (just like at an ATM). Unfortunately though, most banks are pushing the Visa debit cards, which don’t require PIN entry at the merchant, so they are more unsafe. However, some of the higher end Visa debit cards (Platinum etc) may come with features like cancelling fraudulent transactions that happened “N” days before …
1. RBI has mandated the use of EMV Chip and PIN Cards for Credit and Debit Cards in India wef June 30th, 2013, which means that every card produced henceforth will have a chip and will require a PIN (same as ATM PIN) to do even a swipe transaction. This date may change as banks may not be ready within the timeline but this will happen shortly.
2. CVV is the track data that is stored in the magnetic card and not the 3-digit number that you refer to. The 3-digit number at the back of the card is CVV-2; neither CVV-2 nor Verified-by-Visa/MasterCard Secure Code password is mandatory in many websites and they simply require only your card number and expiry date. However, in case there is a misuse on your card and no password has been sought by the website, you can still raise a dispute and the bank will refund the amount since the liability is with the merchant who is not compliant with this 2-Factor Authentication. Thanks to RBI, Internet based transactions are much safer in India than outside and so foreign cards being safer is just a myth.
***Speaking as a banker with 9 yrs experience in credit cards technology
I have been using credit cards from the day I started working, that was more than 7 years ago. Before i got my first salary, i was given the credit card without even verified for credit worthiness. But thankfully I never ever defaulted but had many near misses on frauds – would like share few
1) At Palika bazar, around 6 years ago I bought an expensive PS, while i was on my way back got a phone call from Bank that someone swiped my card thrice for different amounts ranging from 10k to 20k, which they immediately cancelled and and also blocked the card and sent me the new one. From that day I learn’t that certain places are not made for Credit Card usage. It’s your Judgement make it carefully.
2) I agree it’s not easy to live without credit cards, not because of financial reasons but because of ease and many places where you can’t live transact without it. Whenever i suspect, that there is possibility that my card is compromised, i will simply call the bank and tell them that by mistake I have damaged my card and ask for new card. Yes this may cost 100 to 500/- but worth every penny. Make sure you don’t tell them that you lost it, as in future if you are scammed they will argue that you were using your card carelessly.
3) If you have more than one card make sure you use one for online payment and another one at physical locations, this way you can keep track what are the possible location where you may have been tricked, in case of fraud.
4) Always, always make sure you leave a mark on merchant copy at merchant location, i write what ever amount I am paying along with signature. Not sure how beneficial is that but been told by a legal guy in case someone copies your signature you can claim that it’s not you, as you always leave a mark as well.
5) To be frank, there is no solution to CVV fraud that happen at foreign websites, and more importantly not many banks offer protections. Right now virtual cards seems to be the only solution but are very inconvenient for people like me who transact heavily – almost every other day. yes there is software from some banks who will give you instant virtual cards whenever they detect a online payment. But better we have global regulation for such transactions.
Now regarding Debit Card let me share a shocker regarding ICICI Bank Debit card. You don’t need PIN at all to swipe it at merchant machines, it works just like a credit card, heard many banks too are planning such Debit Cards. Once I used it at a petrol pump without a pin, but what happened next was a real shocker to me – the guy gave customer copy to me without asking for my signature on merchant copy. That was the only instance i ever used my debit card at merchant, but was enough to bring the hell out of me as that was my primary savings account.
To be frank we are at the mercy of law enforcement agencies who till now are doing fairly good job in tracking down the scamsters but many big frauds are still unreported or suppressed by financial institutions. Hope it changes, right now i feel pretty unsafe using plastic money.
Thanks for raising this issue.
Harsh
Thanks for that long comment Harsh .. there are many learnings in your one comment itself !
Thanks for that information Pradeep
I was aware that its called CVV-2 , but thought of use the word “CVV” itself, as thats how people know that ! . Anyways .. Good knowledge from your side. Why dont you also enlighten us on few things which you feel people should be aware about , but do not know about credit cards ! ?
Can you help us with some information which can be created as an articles? Atleast some pointers ?
God article Manish, One Important aspect. Nowadays-CC arel linked to a Mobile number- so any swipe on it is registered by SMS on mobile number; that helps the owner to understand any transaction happening on it- even if it is lost/misused. Also there’s OTP available on which makes it linked to Mobile numbers only.
Yes, I know that .. its really helpful , however here we are talking about things which can prevent the misuse at the first place, why to look for CURE , when you can PREVENT the issue !
Hi,
Thanks for the excellent article. Also, if possible, i request an similar article on advantages and disadvantages of instant credit cards and the procedure to get them. I am aware ICICI/HDFC provide instant cards. Are they being offered by public sector banks too ?
Regards,
Santosh
Will write on it soon !
Hi Santosh,
Yes, public sector banks do provide instant / virtual cards. I have savings account with SBI and they do provide virtual cards. Pasting some useful information
1.What is Virtual Card?
Virtual Card is a limit Debit card, which can be created using the Bank Internet Banking facility for ecommerce (online) transactions.
The Card can be used to shop online at any merchant website that accepts Visa Cards, without any difference from a regular plastic Card.
The Card will be issued by marking a lien on the selected account and actual debit to the account will take place only when the Card is used.
2.What is an e-commerce (online) transaction?
Electronic commerce, commonly known as e-commerce, refers to the buying and selling of products or services over electronic systems such as the Internet and other computer networks.
3.In general, what are the features of Virtual Cards?
•More secure:-
•It reduces the risk of exposing the underlying Credit/Debit limit as the Primary Card / Account details are not communicated to the Merchant.
•Card is valid up to a maximum of 48 hours or till the transaction is complete, whichever is earlier.
•As Card creation and online transaction is authorised only after successful validation of One Time Password (OTP) sent to your Mobile during the process.
•Highly Flexible:-
•It enables Bank customers to pay from any of their Internet Banking enabled accounts, having transaction rights.
•Card can be created for any amount, from Rs. 100 to Rs. 50,000 (Round rupees)
•Card can be used at any online merchant site that accepts Visa Cards.
•Easy to Use:-
•No separate setup/ installation or registration is required. Any customer having internet banking facility with transaction rights can create Virtual Card.
•Zero Loss:-
•No loss of interest as the Card is generated by marking a lien on the underlying account and the amount is debited only when actual transaction using the Virtual Card is completed, successfully.
4.Is my Virtual Card safer?
•Yes, the customer details (your bank account No., mobile No. , email address, etc) are not shared with Merchant / Vendor.
•The Card is a single usage card, i.e once used successfully it cannot be reused.
•The available window for Card usage is limited to a maximum period of 48 hrs.
•Card is created using secure Internet Banking website and Card limit is decided at the time of creation.
•Both Card creation and usage during online transaction are authorised only after successful validation of OTP, making it more secure. (Refer Q3 above)
5.What are the advantages for using Virtual Card for e-commerce transactions?
•Virtual Card provides an easy and secure way of transacting online without providing the Primary Card/ Account information to the merchant.
•It reduces the risk of exposing entire Credit/ Debit limit/ as the Primary Card/ Account information is not communicated to the merchant.
•Card is valid for a Max. of 48 hours or till the transaction is complete.
•The amount is debited only when actual purchase, using the Virtual Card, is completed successfully.
6.Who can create Virtual Card?
All customers of Bank having Internet Banking facility with transaction rights, can create the Card on-line.
7.Do i require separate registration to avail Virtual Card facility?
No separate registration / enrollment is required. Any Internet Banking customer with transaction rights can avail this facility.
8.How can I create Virtual Card?
•Login to your online banking account and click on “Requests” tab and select “Bank Virtual Card” option.
•Click on “Generate Virtual Card” tab.
•Enter the amount and select an account which will be debited for funding (initially lien-marking and later debiting) the Virtual Card.
•Enter the secure 8-digit password (OTP), received on your mobile.
•After successful validation, Card image with Card No., expiry date, etc will be displayed on the screen and your Card is now created and available for e-commerce transaction.
9.Can I generate my Virtual Cards from any Computer / Device?
or Do I need special application to create virtual Card?
You can generate Virtual Card from any computer / device that has internet access and a compatible browser i.e can open Bank’s Internet Banking website
All you need is an Internet connection and a compatible browser. Recommended browser: Internet Explorer version 5.5 and above or Mozilla Firefox 1.5 and above.
10.Where can I use my Virtual Card?
You can use your Virtual Card at all merchant websites in India that accept VISA/ MasterCard Debit Cards as a payment option (payment in Indian Rupee). However, sites such as the adult entertainment-sites, gambling-sites, etc, have been prohibited.
Note:
Virtual Card cannot be used at PoS machines or ATMs for cash withdrawal or for recurring/ instalments payments or for any other transaction that requires physical card.
* please check the merchant’s policy carefully.
11.How can I use my Virtual Card?
•Select required goods / services on merchant website.
•Select Debit Card / Visa Card from the payment options.
•Enter the Virtual Card details on the website.
•Enter your secure 8-Digit password (OTP), received on your mobile.
•After successful validation, you will receive SMS on your registered mobile confirming the transaction.
•After the transaction, the Card will be de-activated and cannot be used again.
12.What is an OTP?
OTP is One Time Password (Eight digits numerical) which is generated by bank for validating card creation and for confirming merchant transaction.
13.What if I do not receive OTP?
If you have trouble receiving your OTP, please click on the link provided at the bottom of the webpage and if you still face problem, please call helpline number to check whether your mobile is registered with Net Banking or not.
14.How many times OTP can be entered?
You can make maximum three attempts to enter the OTP. Your Card will be blocked on the 4th attempt, for security reasons, and you will not be allowed to do any transaction using this Card.
15.What will happen if I enter wrong OTP for 3 times?
If wrong OTP is entered for consecutive 3 times, Bank will block your Virtual Card and you will not be allowed to reuse or unblock the card, as a security measure.
However, you can cancel the Card to release the lien marked amount and if the Card is not cancelled it will expire automatically in maximum 48 hrs from the time of creation, and the lien on the blocked amount will be released.
16.Can I unblock my Virtual Card?
No, once the Card is blocked you cannot unblock or reuse the card.
17.What will happen to the amount, once my Card is blocked?
The amount will be shown as “lien marked” on the account. You can choose to cancel the Card to remove the lien and release the fund.
However, on expiry of the Card (i.e. within 48 hrs from the time of creation) the lien on the amount will be automatically released.
18.Can I earn interest on the balance?
Yes, Since the Card is generated by marking a lien and the amount is debited only when actual transaction is completed successfully, you continue to enjoy the interest, as applicable on your account, on the Virtual Card balance.
19.When will my account get debited?
The amount will be debited from the account only when actual purchase using the Virtual Card is completed successfully.
20.Is there any minimum or maximum limit for the Card generation?
Yes, currently the minimum amount for which a Card can be created is Rs 100/- while the maximum amount is Rs 50,000/- (per Card).
21.Can I create more than one Card or are there any limits on Card creation?
Yes, you can create any number of Cards subject to sufficient balance in the underlying account and with a maximum limit of Rs. 50,000/- per Card.
22.Can I re-load/top-up my Virtual Card?
No, the Card is one-time/single-use card and cannot be reloaded/ topped up.
23.What will be the validity of my Virtual Card?
The card will expire:
•As soon as the transaction is completed.
or
•If the Card is cancelled.
or
•The Card is not used for 48 hours after creation.
(Whichever is earlier.)
Please Note: The expiry date mentioned on Card image may vary from actual expiry date of the Virtual Card. The expiry date on the Card is in the mm/yy format and is only for the purpose of inputting while doing a transaction using the Card. It does not reflect the actual expiry date of the card, which is Max. 48 Hrs.
24.Can I reuse (do multiple purchases with) my Virtual Card before expiry?
No; the Card is one-time use Card and will get de-activated once used successfully.
25.Can I use my Virtual Card for partial amount?
Yes; you can use your Virtual Card for partial amount, provided the amount is below the Card value.
26.If the Card is used for an amount lower than the card value, what will happen to remaining value?
The remaining (unutilised) value is automatically released back to your account after the card is used.
27.What will happen to the amount, if I do not use my Virtual Card and the card has expired?
The lien marked on the underlying account will be released automatically after expiry of the Card.
28.I have generated a Virtual Card and don’t want to use it. What should I do?
You can simply cancel your Virtual Card, using “Cancel Virtual Card” option on banks website and the lien marked on the amount will get released.
If not cancelled, the Card will expire in 48 hrs after creation and the lien will be automatically released.
29.How can I cancel my Virtual Card ?
1.Login to your online banking account and Click on “Cancel Virtual Card” tab.
3.After you confirm the action, the lien on the amount will be automatically released.
30.When will my account get credited after cancellation?
Immediately on cancellation, the lien will be released. (However, it may take few minutes in some cases)
32.Can I view all the Cards created and the transactions done on each Card?
You will be able to view all the Cards and transaction history of each Card created during past 3 months (with limit of max. 100 Cards).
33.Is my Virtual Card an International Card?
No, the Virtual Card is a domestic Card and can be used for online payment in Indian Rupee (INR) in India, Nepal and Bhutan only.
34.Can I use my Card for payment in a currency other than Indian Rupees?
No, currently the Virtual Card can be used for payments in INR only.
35.Is there any issuance charge or any annual fee for using Virtual Card?
No issuance / annual fee is charged currently. The facility is available to all Internet Banking customers free of cost.
36.Will the Bank guarantee timely delivery / quality of the goods/ services if purchased through Virtual Card?
No, the Bank shall not guarantee or be responsible for delivery / quality of the goods purchased using Virtual Card.
37.If I suspect that someone has seen my Virtual Card details, can someone use it for fraudulent transactions?
As the card usage is protected through OTP (One Time Password), which is only sent to the customer’s registered mobile phone, the chances of fraudulent transaction are very low. However, the customer must take adequate precaution to ensure that the Card details are not disclosed to any person who may misuse it.
39.Can I withdraw Cash using my Virtual Card?
No; the Card can be used only for making online payments in INR on merchant websites that accept “VISA/MasterCard” Debit Cards.
40.Can I use this Card for Mail Order or Telephone Order (MOTO) purchases?
No, the Card can be used only for making online payments in INR at sites that accept the “VISA/MasterCard” Debit Cards. Currently, this facility is not available on this Card.
Thanks. Eagerly Awaited !
Good information Manish.
Just wanted to share information for safty.
Even if someone wants to opt for the Credit Cards then you should ask for the “Lost Card Liability” with the provider. Some banks do provide this and this keeps you safe even if someone with cloned card swiped your cc account.
There is also a CPP (Card Protection Plan) some banks offer they charge you some annual fee and with this service you can register all your credit and debit cards. So in case you lost ur card then you can make a single call and have it blocked or report a fraud transaction at CPP.
Yea .. i am aware about CPP and even wrote about it – http://www.jagoinvestor.com/2010/05/how-to-insure-your-credit-and-debt-cards.html
Eye opener article……i know in some website they don’t ask one time password…..but not asking even CVV is a big surprise……Thats too risky….i will share one instance….nearly one year back i got stan chart. platinum credit card and the docs required were any credit card front page photocopy which has a credit limit of 60k…….i also asked stan chart. official that it can be misused , he assured me to only give front page photo-copy of CC and not to share my CVV number photocopy page….today i am realizing i have done a big mistake….financial ignorance….Thanks for such a wonderful article….
Welcome
Few days back I was shopping in Globus and when I moved to pay the amount using my CC. I was shocked, they were keying in all my CC details ( Name on CC, CC number and expiry date) in their system manually. I told them “You are not suppose to take my CC information into your system by externally entering it, the movement you swiped my CC all relevant information is captured in your system.”. They said “This is how we do always and no one can use this information as CC online transaction requires password”. I explained them the same information that anyone can use it without even the password. They finally said “This is our procedure and our system requires that information”.
I even reported this to my bank and till the date I did not received any response from bank.
thats scary . I would have asked them to forget me as a customer then, and asked him to call them their manager ! .
1. Signature mismatch gives no protection to customers and as per Visa norms, the liability remains with the customer only. Missing signatures can be disputed as fraud transactions but I believe that this is also being modified by Visa such that the liability remains with the customer only. Chip and PIN cards will be a reality soon enough, so this problem should be reduced to quite an extent.
2. Practically, all websites in India will ask for both CVV-2 (CVC-2 in case of MasterCard) and 3-D Secure password since both card issuing banks and merchants are bound by the RBI Guideline. In case anyone doesn’t (which is pretty unlikely since this will be a compliance violation), you can complain to both the bank and the Nodal Officers/Ombudsmen.
3. After the RBI Guideline on 2Factor Authentication, the number of Internet related frauds have come down drastically, esp in India. Foreign websites inclusing popular ones like Facebook, itunes, Google etc ask for CVV-2 while registering for the first time but after that only card number and expiry is asked by them for subsequent transactions. From a customer perspective, there isn’t necessarily a risk because you can raise a dispute on this and get the refund because the Card-Issuance Bank is compliant but the merchant is not.
4. A main fraud area where there isn’t a control now is MOTO (Mail Order Telephone Order transaction) where the Card Number and Expiry are entered by the merchant manually, like in Insurance or Magazine subscriptions. RBI has asked banks to bring in 2F Authentication here also but the complexity of doing it an environment where neither the Card nor the Cardholder is present has meant that no consensus has emerged on how this needs to be handled.
Thanks for that information . I was of impression that if you sign the credit card, then when some one tries to do a fraud, and puts his signature on reciept, the onus is on merchant for this to double check if the signature on card matches with the receipt , I was look at some PDF yesterday by VISA and it had put this as a responsibility of merchant .
It is not surprising to find even reputed magazines in India, have subscription forms which not only ask for the credit card number but also CVV. (Example: Down to earth)
Is it .. thats so scary !
I have also been a victim of credit card fraud transaction, and as recent as the end of 2012. I disputed my transactions (HDFCbank cc) and the service guys obliged. But my would you believe it, the fraud transactions worth around 60,000 INR were done in the U.S of A ! Fairly surprised me, but good though, i might add, since all i had to do was prove that i was not in US on the day of transactions. Had it been a fraud in India, the bank guys would probably have billed me and then i would have had a tough time arguing about that !
and to think they had this extra-safe chip embedded in it, making it ultra safe
IMO, if its must to have a credit card, its safe to have only one; common for both personal & professional use; we have our debit card anyways. (many people including me have this feel good factor about having one VISA and one MASTERCARD enabled card, just in case one or either is not accepted somewhere ! i realise now foolish that is)
Santosh
thanks for sharing your experience .. Truely speaking , all these tools are for convinience and at some level , some risk is always there, we have to try that we should not over rely on these cards and as far as possible use debit card for transactions and only use credit card for online transactions , thats what I personally do .
Manish
if i put my signature at the back of the card. the person who found the card obviously will make similar signature on the bill. and shopkeeper obviously do not have experties to observe the difference.
so i dont think it adds any security by signing it.
in fact i feel if i dont sign at the back, then definitely the person who is misusing it can not even imagine about my signature. And later while i am claiming that i was not the person who made this transaction, it will be easy for me to put onus on CC company because the signature must be entiely different.
agree more than 100%
in godly way, it is best to do that ‘ i will do my best and god ( credit card company/ regulator/ bank/ merchant) will take care of the rest.
but otherwise, why we forget indian way of life, ‘Jeewan kay hay teen nishan, roti, kapada or makan’.
and i do not trhink any thing out of these in india need any of these cards.
we creat rather purchase a problem and then strugle to solve it.
regards, an excellent article to reinforce my thouts.
serious respect for u manish…
i read ur book jago investor..its kickass
well i watned to know about property..real estate in mumbai..
have u written any book on that:? please let me know..
i needed more information.
thank you
God bless
Thanks Rahul
We do not have anything written only for MUMBAI , but there are few articles like
http://www.jagoinvestor.com/2012/11/background-check-for-small-size-real-estate-builders.html
http://www.jagoinvestor.com/2010/08/tips-while-buying-house-real-life-experiences.html
YOu might also want to open up threads to ask questions on our forum – http://www.jagoinvestor.com/forum/
Very nice and informative article Manish. I have decided long back even before I fell in love with jagoinvestor I have decided that I will never use Credit Card in my life. I just don’t need it. I can very well manage with my 2-3 Debit Cards.
Keep up the good work Manish.
While that may seem a good idea . but make sure you are not compromising on your credit score betterment by not using credit cards ! .
Manish,
I have a thought on credit card usage.
Now a days the bank guys issue credit card worth 2 to 3 times of your take home salary, which can be a big amount(say > 1lac credit limit). I do 3/4th of my purcahses through credit cards(~5-8k). I don’t see any use of such high credit limit unless it is an emergency situation. So what i follow is to have just 2 credit cards.
Card 1: Regular usage card (Cash back card), all my purchases are made through this & my monthly bill doesn’t exceed 10k. So I talked to customer care & reduced the credit limit to 20k with zero cash limit. It will be helpful to track our expenses at end of each billing cycle.
Card 2: Stand by card, Keep it safely in home. It has a higher credit limit. Use only if there is a real big need.
Is it ok to keep high credit limit unused?
Let me know your thoughts on this.
-Penchal
Card 2:
Yea , this is a good idea .. I would say there is no need to reduce your limit to small amount like 20k , better keep it 2 times of your maximum purchase possible , like if you feel that max to max your expenses in any month can reach 25k , then better have a credit limit of 50k .
Rest all is good
i wud like some info about credit cards:
1.say i have 2-3 credit cards and i want to cancel all of them and retain one only will it affect by credit rating???
2.wht is the best plan for protecting the fraudulent use of ones credit card?
3. which is the best protection plan for credit cards?
4.how to create a virtual card?
kindly guide?
1. Not much ..
2. Read the article again, its discussed the good points .
3. Check this http://www.jagoinvestor.com/2010/05/how-to-insure-your-credit-and-debt-cards.html
4. It must have been explained on your credit card website !
Manish
http://economictimes.indiatimes.com/personal-finance/credit-cards/news/wont-lose-money-in-card-fraud-if-secure-codes-safe/articleshow/18587764.cms
Thanks for sharing that link Vijay
Can you explain how to identify a SKIMMER form a normal swiping machine?
A normal skimmer is a small machine which looks very raw . The genuine ones will have a company logo !