Concerned over rising incidents of cyber frauds, the RBI will soon ask banks to shift to chip- based ATM cards from the existing magnet strips ones and upgrade the currency vending machines.
The RBI working group on information security, electronic banking and technology risk management has also made a case for setting up special cells on banking frauds in the state police departments to deal with bank related cyber crimes.
"It is recommended that RBI may consider moving over to chip-based cards along with requiring upgradation of necessary infrastructure like ATMs/POS terminals in this regard in a phased manner," said the report of the working group headed by RBI Executive Director G Gopalakrishna.
While pitching for chip-based cards, the report said, it is difficult to copy and make their duplicates as compared to the existing magnet strips ones, which are currently used.
Besides, the working group has recommended widespread changes in the existing IT system of the Indian banking industry to make banking services more safe and secure.
"The Reserve Bank will begin implementing the recommendations of the Working Group shortly," the central bank said in a statement.
More From This Section
In case of online frauds where jurisdiction is not clear and there is ambiguity on where the police complaint should be filed, the working group has recommended setting up separate cell on bank fraud in police departments.
"The matter of having a separate cell working on bank frauds in each state police department, authorised to register complaints from banks and get the investigations done on the same, needs to be taken up with respective police departments," said the report.
It has also suggested that for debit or credit card transactions at the POS (point of sale) terminals, PIN-based authorisation should be put in place instead of the signature-based system.
The non-PIN based POS terminals, it added, should be withdrawn in a phased manner.
The RBI had set up the working group in April 2010 to suggest guidelines for banks covering the entire gamut of electronic banking.
On cloud computing, the report said security and legal issues on it are still evolving and "a bank needs to be cautious and carry out due diligence to assess the risks comprehensively before considering cloud computing."
Cloud computing, which is internet-based, facilitates software applications and other technological resources to be shared online.
The working group report added that given the nature of the problem of cyber security, engagement is required at a wider level both nationally and internationally, with the government, law enforcement agencies, various industrial associations and academic institutions.
The report found that most retail cyber frauds and electronic banking frauds would be of values less than Rs 1 crore.
But "since these frauds are large in number and have the potential to reach large proportions, it is recommended that the Special Committee of the Board be briefed separately on this to keep them aware of the proportions of the fraud and the steps taken by the bank to mitigate them," the report said.
The Special Committee should specifically monitor the progress of the mitigating steps taken by the bank in case of electronic frauds and the efficacy of the same in containing fraud numbers and values, it added.
The experience of controlling/preventing frauds in banks should be shared between banks on a regular basis, it added.