Reserve Bank Of India has introduced a new guideline for Tele-Shopping/ Mobile/IVR(Interactive Voice Response) Transactions, done using your credit card. As per this mandate, starting from 1st January 2011 onwards, all such transactions will require an additional password validation.
This has been done in order to avoid credit-card abuses and frauds, due to stolen/misplaced credit cards and secure all such transactions, done over Mobile or an IVR System. In its present form, a credit-card transaction over an IVR System requires Credit Card Number, Card Expiry Date and CVV Number for successful completion. So, if you lose your credit-card and it falls into wrong hands, they can easily use it to make any transactions over IVR System, as they have all the details relevant to your account, right on the credit-card itself !!
After this guideline is in place, apart from the aforementioned three things(Credit Card Number, Card Expiry Date and CVV Number), two other things that are required for performing a secure IVR transaction is Mobile Number and an IVR 3D Secure OTP (One Time Password). Without this OTP(One Time Password), you cannot complete your transaction. So even if you lose your credit-card, you don’t need to worry as the person will not be able to generate the OTP for his fraudulent transaction !!
After doing the same in Securing Online Transactions done over internet, this move by RBI will definitely go a long way in Securing IVR/Mobile Transactions, thereby reducing credit-card misuses and fraud from stolen/misplaced credit-cards.
Update : As lot of banks were not yet ready, Implementation of additional password for Tele-Shopping/ Mobile/IVR(Interactive Voice Response) Transactions has now been revised to 1st Feb 2011. So existing process will continue till 31st Jan 2011.