Anti-Phishing, DMARC , ATM Fraud , Audit

SBI to End Magnetic Stripe Card Transactions

India's Banks Take Final Steps to Implement EMV Chip Cards
SBI to End Magnetic Stripe Card Transactions

Starting Jan. 1, State Bank of India will no longer accept magnetic stripe debit card transactions and will accept only EMV chip-based cards in compliance with an RBI mandate, which is designed to help prevent card fraud, including skimming and cloning.

See Also: AWS Customer Story: REI/FINRA (Japanese Language)

SBI already made the move to EMV for credit card transactions this year.

SBI says magnetic-stripe cards will be deactivated, and the bank is urging customers who have not yet done so to apply for a free chip card.

The Reserve Bank of India set a new deadline of Dec. 31, 2019, for banks to complete their migration to EMV chip-and-PIN debit and credit cards. The original deadline was December 2018, but banks failed to meet that requirement. (See: RBI Sets Deadline for Migrating to EMV Cards)

Most other Indian banks, including HDFC, Axis Bank, ICICI, RuPay, are in the process of completing the transition to EMV cards. Payment card companies such as VISA and Mastercard also are making the shift, security leaders say.

India may be the first nation to complete a migration to chip-and-PIN cards.

As of June 2018, there were 39.4 million active credit cards and 944 million debit cards in India, according to RBI. But RBI has not revealed what percentage of cards now in use are EMV-enabled.

Security experts, however, say that while most credit cards are now chip-enabled, the debit card conversion is still in progress.

The many challenges in making the move to EMV cards, CISOs say, include establishing a new security architecture to meet the needs of new transactional systems and gaining the necessary funding.

For domestic chip-based transactions, RBI has mandated providing an additional factor of authentication - a one-time password.

In a tweet, SBI said, "Apply now to change your Magnetic Stripe Debit Cards to the more secure EMV Chip and PIN based SBI Debit card at your home branch by 31st December, 2019. Safeguard yourself with guaranteed authenticity, greater security for online payments and added security against fraud."

Reasons for Delays

Sriram Natarajan , president, Quinte Financial Technologies - a global FinTech solutions company, says, "While EMV migration was made mandatory by RBI in 2017, banks did not pay much attention to the EMV migration, as they got involved in battling with the process of demonetization with focus on increasing the growth in the deposits."

While the majority of the banks have issued EMV cards to customers, a few of them have yet to get EMV certified because a few ATM switch service providers have not yet complied with EMV specifications recommended by National Payment Corporation of India

"About 30 to 35 percent of the ATMs are still not EMV ready and need to install the software to read these cards," says Dr. N. Rajendran, chief technology officer at National Payments Corp. of India.

Urgency for EMV

The move to EMV cards is seen as a way to help crack down on fraud, including skimming.

In skimming attacks, fraudsters install a skimming device in an ATM or PoS machine to obtain card data from the magnetic stripe. Because EMV cards now require use of a PIN and a one-time password sent to a mobile device, skimming and other types of fraud become more difficult.


About the Author

Geetha Nandikotkur

Geetha Nandikotkur

Managing Editor, Asia & the Middle East, ISMG

Nandikotkur is an award-winning journalist with over 20 years' experience in newspapers, audio-visual media, magazines and research. She has an understanding of technology and business journalism, and has moderated several roundtables and conferences, in addition to leading mentoring programs for the IT community. Prior to joining ISMG, Nandikotkur worked for 9.9 Media as a Group Editor for CIO & Leader, IT Next and CSO Forum.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.asia, you agree to our use of cookies.