The story of how fraudsters used credit card information to purchase airline tickets is giving the jitters to credit card users. Here is how to guard against getting cheated, says Sucheta Dalal
Until now, it was the ultimate sign of success to be able to hand over your credit card to a restaurant waiter, without even waiting for him to fetch a bill. The impact was even greater if you slipped him a gold or a platinum card with the air of being discreet.
Well, if that is your chosen method of impressing friends and business associates, you would be well advised to be more careful. You may be signalling to an unscrupulous waiter that you would not notice a couple of air-tickets loaded on to your credit card.
It is no wonder that the unravelling story of how fraudsters used credit card information to purchase airline tickets is giving the jitters to credit card users around the country.
The story so far is that Kingfisher Airline complained to the Economic Offences Wing of the Mumbai police of an online booking fraud of over Rs13.4 crore. The airline said that credit cards had been fraudulently used to book airline tickets online, which were later sold to passengers at a discount. Other airlines are now admitting to similar complaints and credit card issuers whose customers suffered the fraud have also filed police complaints. So far, the fraud is estimated at over Rs17.5 crore involving the booking of over 15,255 fake tickets in what appears to be a nationwide racket dating back to July 2005 at least. More importantly, not all the credit cards that were misused are Indian; in fact, as many as 60% to 70% of the abused cards belonged to foreign nationals.
Before you decide that metal, as in cash, is safer than plastic, think again. Even at Rs17.5 crore, the size of the fraud is insignificant when you consider that nearly Rs300-350 crore of transactions take place online every month. Banking sources say that there is nothing to be alarmed about the airline ticket scam, that cannot be fixed by better identification process on the part of the airlines themselves and some precautions by customers.
Remember, a fraudster needs four elements from a credit card to use it for online transactions -- name, credit card number, expiry date and the three-digit CVV (card verification value) code that is printed on the back of the card. All these are easily available on the card itself.
Additional identification features, such as the photograph on the card and the signature at the back have become redundant in the cyber age. So using credit cards safely, both on the Net and in physical transactions, needs some attention. Before going into the safety issues, let us understand the logic of Net-based transactions.
Apart from the obvious convenience of booking on the Net, bankers say that Net transactions give merchant establishments (credit card jargon for anyone who has a product to sell online) a definite saving. E-ticketing itself is estimated to save 5%-6%; in some transactions it is as high as 22%. The way the industry works is that the merchant establishment takes responsibility for fraud and abuse, because the card issuing banks operate on thin profit margins. Visa and MasterCard also insist that the customer invariably gets the benefit of doubt, otherwise it will discourage card usage. But both companies are constantly working at making security systems foolproof. They have authorisation systems that check each transaction against system-wide fraud patterns and personal spending habits and can also identify voice transactions. So customers making repeated fake claims are easily caught.
Companies are also aware that some fraud is inevitable, despite checks and balances, because scamsters are usually one jump ahead of business. So losses in the region of 1%-1.5% due to fraud are factored into the costs. Frauds trigger panic only when they become rampant and significantly breach these limits. Large e-commerce websites invest a lot of time and money in staying ahead of innovative fraud techniques. The better e-commerce sites ensure encryption and security, which is often announced through the Verisign logo.
But sometimes, airlines tend to cut the identification drill in order to facilitate ease of booking tickets. So if your chosen airline is strict about identification, it is a good thing -- not a hassle. Here are a few tips to ensure safer transactions.
1. It is your credit card and your money, so don’t be embarrassed about insisting on the transaction happening in your presence even if it means walking over to the cashier.
2. It is better to be safe than sorry. Proving you are the victim of fraud is a tedious and time-consuming process, even if the consumer ostensibly gets the benefit of doubt.
3. Always book tickets from known and reliable websites that display their security credentials and follow a proper registration process, for instance, official websites or those like Makemytrip.com, travelguru.com, cleartrip.com etc. Check for the Verisign logo.
4. Do not fall for offers of free tickets from unknown sources, which require your password or credit card details, especially to a telemarketer.
5.. Remember that the entire e-commerce business is in its infancy; business and banks are also learning as they go along. So avoid needless experimentation and adventurism on the Net. For instance, bankers point out that many gaming and pornography sites do not have adequate security.
6. Check your credit card statements regularly and report any dubious activity to your issuer immediately.
7. Your credit card issuer must have your phone number so that you can be contacted immediately in case of suspicious activity.
8. Avoid using credit cards for online transactions at Internet cafes and wireless hotspots.
9. If your bank calls to cross verify transactions on your card, you only need to confirm or deny the transactions without giving card details. If you are asked for details, insist on calling back the toll-free number of the issuer.
Indian Railways Is The Best!
It may surprise some readers, but the Indian Railways system offers the best protection against fraud. IRCTC insists on registration, which creates a database of members. Also, tickets booked online are sent through a courier, which ensures a second identification and, on cancellation, the railways do not return cash, but credit the amount to the customer’s account. B Madhivanan, General Manager at ICICI Bank says, thanks to this and some additional security features such as SecureCode, IRCTC’s incidence of fraud is next to nil, even though it is the third largest merchant organisation or business centre for credit card transactions. Incidentally, some airlines insist that online tickets can only be purchased for your own travel and Indian Airlines requires you to mention what identification you will provide while checking-in. This is for your own safety.