It was one of the most significant fraudulent attacks on credit cards and online banking systems in India: it only happened four days ago and caused damage worth millions of dollars. More than 3 million 200 thousand credit cards have been affected by the criminal phenomenon.
All major Indian banks have reported the problem (SBI, HDFC Bank, ICICI, Axis Bank and YES) and so millions of users will be forced to replace their card or, at least, to change their identification codes.
Of the total, about 2.6 million belong to the Visa and MasterCard, 600,000 instead refer to the “local” RuPay system.
Many victims have complained of unauthorized use by consumers in China.
It seems that the attacker must be traced back to a malware introduced in Hitachi Payment Services system, which manages the technological infrastructure and ATM and mobile platform security.
The smart solution in the case of computer fraud is prevention through two main services:
- Messaging Alert Services;
- One Time Password (OTP).
The first, the Alert service, provides real-time notification with regards to the movements and activities carried on cards and checking accounts. Notification is delivered exploiting the better channels, Push Notifications, SMS Bulk, SMS Premium and E-mail. In Italy, the Ubiquity platform has managed in the first nine months of 2016, approximately 593 Million Notifications, about 17% more than in the first nine months of last year.
The second product is OTP, One Time Password, which we have already discussed in the article BEYOND STATIC PASSWORDS: ONE TIME PASSWORD. A One-Time Password (OTP, passwords used only once, see. Wikipedia) is a password that is only valid for a single login session or transaction. The OTP avoids a number of shortcomings associated with the use of traditional passwords (static). The most important problem that is solved by OTP is that, in contrast to the static password, it is not vulnerable to attacks with replication.
The OTP Ubiquity service is an effective and safe way to reach users directly on mobile devices, thus replacing the token with a text message that can be requested if necessary by the user, allowing companies to reach a wider number of contacts with a low cost of implementation and use.
The Alert messaging services, as well as OTP, are provided through the “Global Messaging Platform” Ubiquity and can be configured to suit the specific needs of each customer and integrated with enterprise IT systems.
Ubiquity, Global Platform Company in 1999 managing mobile services on behalf of large accounts, has decades of experience in the “fraud protection” obtaining the consent and satisfaction, over the years, of almost all the Italian banks, reaching a position of absolute leadership. It is now extending this technological excellence and process to other