Trust, but verify: Russian banks will ask customers for consent to purchase online


    Photo: Oleg Kharseev / Kommersant

    Russian banks will soon oblige to obtain the prior consent of the client to conduct the operation, for example, by means of a code sent by SMS. The requirement to tighten the security rules of electronic payments and transfers will soon be put forward by the Central Bank, Kommersant writes . Currently, some banks are requesting payment confirmation, but this is done on a voluntary basis. Each bank can spend about several tens of thousands of dollars on the technical implementation of the new rules.

    The fact that the Central Bank will soon require financial institutions under its control to receive confirmation from customers to conduct transactions online, said the deputy head of the Central Department of Security and Information Protection of the Central Bank Artem Sychev. “We will amend provision 382-P to make mandatory the principle of separation of contours, where a payment order is generated and where it is confirmed. To prevent fraudsters from capturing one channel, complete the transaction, ”he explained.

    In this case, the Central Bank will not impose its own decisions on banks, plans for the implementation of payment confirmation. Each bank will be able to implement this in its own way, and there are a lot of ways to do it: these are SMS, scratch cards, one-time codes, and much more.

    As mentioned above, now banks require confirmation of payment from customers on a voluntary basis. One of the banks that uses such a security scheme is Alfa Bank. “Now, as an acquiring bank for electronic commerce, we ourselves determine individual security settings and set when additional payment confirmation is required. It depends on many parameters, in particular on the reliability of the outlet itself, ”notes Vilen Timiryazev, Vice President of Alfa Bank.

    According to Alexey Pleshkov, head of the information security regime department of the information protection department of Gazprombank, the requirement of the Central Bank is objective and consistent with the realities. “Now there are more cases of fraud in relation to customers of large banks - users of remote banking systems, this applies to both individuals and legal entities,” he comments on the situation.

    Last year alone, about 4.9 thousand attempts to carry out unauthorized operations through remote banking services were revealed. The total volume of such operations is estimated at 1.64 billion rubles. Moreover, 80% of operations worth more than 700 million rubles were successful. And these are only those operations that fell into the statistics; the real problem is much more serious.

    Also popular now: