Should Banks be Liable for Fraudulent Internet Transactions as Well?
I almost couldn't believe my eyes when I read a recent ruling (they called it a landmark judgment) stating that Banks in Maharashtra are now liable for any transactions involving forged signatures. The ruling stated the following:
It would seem more blatant if banks had a low cost option available to them which enabled them to utilize two-factor authentication, the same way they ALREADY do for ATM access!
Considering the fact that they have "already" issued the cards and "already" issued the PINs, it seems to me there is a "glaring deficiency" in "not issuing" the card reader and PIN entry device in order to enable secure 2FA log-in. Especially considering that the cost is less than 5% of a "single" phishing attack
While I'm on the subject, can you imagine the repurcussions if banks were ruled liable for any transaction done via a deficiency involving an internet transaction? (typing someone elses card numbers into a box on a merchant checkout website is not efficient)
One of the repurcussions is that there would be millions of HomeATM's devices out in the street within 6 months of any such ruling. Why wait for courts to decide? Why not do the right thing without government intervention? I would further point out that there are only two types of debit, PIN and Signature. If a web transaction is conducted without a PIN, then what type is left? And how is entering a debit card number into a box any different than forging a signature?
Here's the article from a site called "Money Control" in India. Banks now liable for transactions using forged signatures
I almost couldn't believe my eyes when I read a recent ruling (they called it a landmark judgment) stating that Banks in Maharashtra are now liable for any transactions involving forged signatures. The ruling stated the following:
Wow! Can you imagine if US courts issued a similiar mandate? Wouldn't you 100% agree (okay maybe 81.4%) that logging into online banking with a "username and password" is "a deficiency" in a service provided by banks?""cases involving fraudulent signatures highlight a deficiency in the service provided by banks, and adds that the bank will have to compensate the affected party for any loss from such a transaction."
It would seem more blatant if banks had a low cost option available to them which enabled them to utilize two-factor authentication, the same way they ALREADY do for ATM access!
Considering the fact that they have "already" issued the cards and "already" issued the PINs, it seems to me there is a "glaring deficiency" in "not issuing" the card reader and PIN entry device in order to enable secure 2FA log-in. Especially considering that the cost is less than 5% of a "single" phishing attack
While I'm on the subject, can you imagine the repurcussions if banks were ruled liable for any transaction done via a deficiency involving an internet transaction? (typing someone elses card numbers into a box on a merchant checkout website is not efficient)
One of the repurcussions is that there would be millions of HomeATM's devices out in the street within 6 months of any such ruling. Why wait for courts to decide? Why not do the right thing without government intervention? I would further point out that there are only two types of debit, PIN and Signature. If a web transaction is conducted without a PIN, then what type is left? And how is entering a debit card number into a box any different than forging a signature?
Here's the article from a site called "Money Control" in India. Banks now liable for transactions using forged signatures
In a landmark judgment by the Maharashtra Consumer Commission, banks will now be held responsible for any transactions using forged signatures. CNBC-TV18's Neha Pandey reports.
Banks in Maharashtra will now have to be more alert in their daily cash transactions. Passing an order in a case involving a forged signature on a financial instrument for the first time, the Maharashtra State Consumer Commission has taken banks to task. The order charges banks of negligence for carrying out a transaction involving such a forgery.
The order says banks will be held responsible for transactions involving forged signatures. The commission says that cases involving fraudulent signatures highlight a deficiency in the service provided by banks, and adds that the bank will have to compensate the affected party for any loss from such a transaction.
This landmark judgement was passed in a case filed against Bank of Baroda, where the bank honorred forged cheques worth Rs 1 lakh from a company's account to one of its employees. Experts say that usually such cases go in the bank's favor. The order also instructs the bank to compensate the affected party with the entire amount, along with a 9% interest. Wow, talk about a paradigmly shifting moment in time!