KARACHI: The State Bank of Pakistan (SBP) expressed concerns
on Tuesday over the skimming of debit cards that caused a total loss of
Rs10.2 million to 559 customers recently.
The SBP asked
banks to go for the Europay Mastercard Visa (EMV) standards, which are
safe and protected, according to a press release.
The SBP
said only 296 customers have confirmed disputed transactions and Habib
Bank Ltd (HBL) is trying to limit the impact of hacking activities.
The
SBP statement did not say who the hackers were. It said the hackers
withdrew depositors’ money from various locations within and outside the
country.
“Customers’ information on debit cards of HBL was compromised by hackers through skimming to create its clones,” said the SBP.
The
SBP has been in contact with the HBL management to ascertain the losses
and ensure the return of money to the affected customers and
precautionary measures.
“HBL has taken several immediate
actions to determine and limit the impact of such transactions on
customers. Specifically, it blocked all identified debit cards that were
suspected to be misused and quarantined the automated teller machines
used in hacking activity,” said the SBP.
Until Tuesday,
296 customers confirmed the disputed transactions and the estimated
damage assessment done to the bank concerned is Rs10.2m for their
customers, said the SBP,
It noted that HBL has also
managed to start returning the money to depositors to the extent of
their losses. “Efforts are under way to determine losses to any other
banks’ customers using HBL ATMs and take remedial measures,” said the
SBP.
ATM skimming is an illegal activity in which account
details are stolen from the magnetic strip contained on the back of the
debit card. Such incidents have happened, sporadically, in Pakistan as
well, the SBP added.
The central bank has issued specific
regulations for the security of payment cards and internet banking to
safeguard depositors from fraudulent transactions. Under these
regulations, banks are required to develop and implement a comprehensive
framework for risk assessment, implementation of controls and
monitoring.
“Debit cards with a magnetic strip on their
backs – that store customers’ account details – are particularly
vulnerable to skimming and cloning. Debit cards, complying with EMV
standards, featuring a chip and offering two-factor authentication are
now considered most effective countermeasure to card-cloning through
skimming globally,” said the SBP.
The central bank issued
regulations for payment cards security in 2016 wherein banks are
required to develop infrastructure for EMV compliance and issue cards by
June 30, 2018.
“The SBP reassures bank customers that
complying with its responsibility of ensuring a smooth and safe payment
system, it will take every measure in coordination with banks to
safeguard the interest of depositors against any fraudulent activity,”
it said.
