The path of plastic and digital money is fraught with perils such as losing currency notes or other instruments, rather a ‘bit’ more—a fact that majority ignore, blissfully.
Watch out for the ‘digital bandits’ who are on prowl all over the world wide web, but difficult to identify. “They do not wear the attire of ‘Gabbar’ from the Bollywood blockbuster Sholay or talk suavely like George Clooney or Brad Pitt from the Hollywood hit Ocean’s Eleven. They are faceless and shapeless,” said N K Singh Director Information Security, Globaltech and Infosec , a Delhi-based certified auditor of payment card industry accredited by he PCI Security Standards Council.
It is a global organization that maintains, evolves and promotes the payment card industry standards for the safety of cardholder data across the globe.
According to the research analyst firm Gartner, the legal and regulatory mandates on data protection practices are impacting digital business plans and demanding increased emphasis on data liabilities.
Customer data is the life-blood of ever-expanding digital business services. Incidents such as the Punjab National Bank, Religare and Paytm in India are warning signs of more such financial data breach. India accounts for 37 per cent of the global breaches in breaches in terms of records compromised or stolen or revealed, mentioned a report released by digital security firm Gemalto.
The potential penalties for failing to protect data properly have increased exponentially.
"It's no surprise that, as the value of data has increased, the number of breaches has risen too," said Peter Firstbrook, research vice president at Gartner. He adds, "In this new reality, full data management programs — not just compliance — are essential, that fully understands the potential liabilities involved in handling data."The PCI Council's founding members, American Express, Discover Financial Services, JCB International, MasterCard, and Visa Inc., have agreed to incorporate the PCI Data Security Standard (PCI DSS) as part of the technical requirements for each of their data security compliance programs.
“It is the most critical thing for us and our industry that is dealing in cards…but it is important that individuals understand the importance of PCI certification and role that firms like Globaltech and Infosec play in auditing secure environment for a card service provider,” Anubhav Saxena, founder and CEO, AS Tecnolutions.
Legal experts, point out that from an industry perspective the compliance of international best practices on credit cards is in a patchy manner in India. They also point that compliance is very low in the country, but in Europe it is very high. Unfortunately, law has not effectively delivered in providing huge quantum of damages companies believe that they can take non-compliance as business risk.
“People need to understand that a credit card service needs higher level of data security. RBI has ordered a zero per cent liability, which means the industry has to be responsive or face legal consequence,” says Pavan Duggal, leading Cyber Law and Security Legal expert.
To be continued in part II