ICICI Bank has introduced a new type of Card which it calls “Innovative” and “Asia’s First”.
The uniqueness of the Card is that it carries an LCD screen and a 12 button keyboard. User needs to first register the Card with VISA CODESURE and subsequently, dynamic pass codes are generated for every transaction. There will be an inbuilt battery and a micro processor. The lifespan of the card is about 3 years.
Presently the card is being offered by “Invitation”.
Though the Bank claims that this is more secure, what we can see is that it is as secure as the single PIN that is assigned to the registered card and the dynamic generation of PINs has no value. In fact if the OTP was being sent through the mobile, then a thief who got hold of the Card and the Core PIN (say if it is written down or is found out by brute force or otherwise) needed to steal the mobile also. However in this system it is not necessary at all.
The Bank therefore needs to explain how this system is more secure than the mobile based OTP. RBI also needs to assure the public that the card meets it’s guidelines.
Naavi
A good and pertinent query has been raised and the bank will do well to answer , in the customer interest. By the By, with the increasing trend in cyber crimes, can the banks be mandated to undergo some tough external security clearance before releasing such processes? Its time for the Government & finance ministry to think on such preventive measures