Several Founders, Co-Founders, CXO Bankers, CXO Fintech professional & people who participated in the ePanel discussions:
- Prof. Triveni Singh, IPS Officer, Uttar Pradesh Police
- Mr. Sunil Kulkarni, Joint Managing Director, Oxigen Services (India) Pvt Ltd
- Mr. P D Singh, Former General Manager, Bank of Baroda
- Mr. Suresh Maharjan, Head Business Support and Payment Solutions at Siddharta Bank Limited
- Mr. Vikas R Panditrao, Co-Founder, Forum of Industry and Academic Knowledge Sharing (FIAKS)
- Many other CEO/CXO Bankers & Fintech professionals on FIAKS Forum requested to remain anonymous
In various parts of India news of ATM debit card cloning is on the rise and has become a regular phenomenon with fraudsters coming up with various hacks of cloning data.
FIAKS community member questions the use of EMV implementations and attempt by financial institutions to put innocent customers at risk
Member shares a recent incident of busting ATM Card Cloning-
He says we busted one card cloning gang in Azamgarh. The gang purchased skimming devices (card reader, card writer), blank plastic cards from Alibaba to bypass OTP from a cloned card itself. The delivery addresses were slightly different from the original one and mobile numbers given on delivery addresses were issued on fake KYC. They distributed skimmers to dealing operators on petrol pumps, hotels, and CSCs (where Micro ATM /ePOS devices were being used) to skim card and noted down the PIN or even installed spy camera to record PIN. The modus operandi is just as simple and tutorials are available on YouTube. These arrested 4 guys confessed to being trained by a Jamtara guy (Jharkhand based) in Mumbai. They also admitted that their gang members are active in Mumbai, Delhi, Gujarat, and Uttar Pradesh. And only in Azamgarh, they withdrew about 10 lakhs from cloned cards.
Yet another community member mentioned that his team arrested two hackers and an SBI Bank Official involved in multiple types of frauds ranging from cheque cloning, targeting net banking customers and stealing their banking details, international credit card cloning. The hackers were highly trained and used modern software to buy international credit card dumps thereby covering their digital log to escape arrest. They used MSR Reader/Writer, VPN, MAC address changer, Bitcoin, CCleaner, Telegram and several such hacks. The gang was also in touch with international hackers who had captured credit card Track 1 & Track 2 details of foreign customers. To avoid any legal action being taken, the hackers sell the data to criminals of other countries against a commission.[1] Given below is the image of the fraudsters arrested by Prof. Triveni Singh
So the question that poses up here are;
Question 1: Are banks/regulatory authority/card associations aware of such risks related to EMV?
Question 2: How can they put customers at risk with such a security feature or will they again claim that nothing is 100% safe?
Firstly, what is cloning and how it works? Register and Read the complete discussions