Sucheta Dalal :More Secure Online Transactions
Sucheta Dalal

Click here for FREE MEMBERSHIP to Moneylife Foundation which entitles you to:
• Access to information on investment issues

• Invitations to attend free workshops on financial literacy
• Grievance redressal


You are here: Home » Current Articles » More Secure Online Transactions
                       Previous           Next

More Secure Online Transactions  

August 10, 2009

The effort to make online transactions safer through another layer of security is a good move. The newly mandated Personal Identification Number (PIN) for online transactions has to be verified by Visa or MSC (Mastercard Secure Code) from 1st August. This requires online registration with the respective banks. The PIN ensures that credit card number and CVV alone will not permit access to the account without the PIN which is only known to the card holder. ICICI Bank has gone a step further and wants users to create a personal assurance message (PAM) for additional security.

Introducing a PIN is indeed a good move, but it also means one more code/password to remember.  It has reached a stage where regular Internet and e-commerce users need to memorise at least a dozen login IDs and passwords for a variety of transactions, social networking sites, email and online subscriptions. Remembering passwords is difficult and effective passwords are even harder to remember. Changing passwords frequently is advisable but not feasible, and writing them down is dangerous. How does one cope? Here are a few tips from experts. First, have separate passwords for your e-commerce transactions and other routine, risk-free subscriptions or social networking sites. Use the same password for routine access so there are fewer to remember. For e-commerce transactions, avoid straight-forward combinations of your date of birth, mother’s name and place of birth, since these are commonly used by banks for identification. Add dots, hyphens and mix upper and lower cases to make the password more secure. Some even develop elaborate password creation systems, but don’t try this unless you are confident of remembering the combination. There are password manager programmes to store multiple logins and passwords, but you need an extra-secure password to protect the password file too.  So, although RBI’s additional security measure is welcome, wouldn’t it be better if it cleared the use of e-wallets and/or stored-value cards so that one can limit the risk of online transactions?


-- Sucheta Dalal