| Today plastic is the convenient, easy and fashionable | | | | |
| alternative to wads of paper. With one swipe, credit | | | | “Whoever intends to take dishonestly, any property, |
| cards have changed the way we live. Unfortunately, | | | | out of the possession of any person without the |
| along with the convenience has come related crime. | | | | consent of that person moves the property in order to |
| Thus, the primary objective of this article is analysing | | | | such taking, is said to commit theft.” |
| this problem in a global as well as Indian perspective. | | | | |
| An attempt has also been made to enlist the various | | | | In order to commit theft following elements are |
| legal provisions available as remedies if a person | | | | required to be satisfied: |
| suffers from such fraud. | | | | (a) The intention must be dishonest. |
| Credit card fraud involves withdrawal of funds and | | | | (b) Such property must be movable in nature. |
| obtaining of goods and services by using an | | | | (c) Such property must be taken out of the |
| unauthorized account. Otherwise inaccessible personal | | | | possession of its owner. |
| information stored on computers is stolen in order to | | | | (d) Such property must be taken without the consent |
| use a card. Due to the virtual explosion of credit card | | | | of the owner. |
| business throughout the world, security has become | | | | (e) Such property must be removed from its original |
| critical in the entire process. There were about 60 | | | | place to another. |
| million credit card holders in the sixties and according to | | | | Now we have to examine whether online credit card |
| an estimate, the number has gone up to more than a | | | | theft satisfies the abovementioned requirements in |
| trillion now. | | | | order to book the offender to justice. This definition, if |
| In India, credit card companies make a provision in their | | | | interpreted in strict sense, does not include the online |
| contract with the client that they, the company, would | | | | theft of credit card information. But, if a merchant |
| not be liable for the fraudulent transaction unless the | | | | dishonestly obtains the blank purchase slip and forges |
| client loses his/her card and reports the loss | | | | the signature of the cardholder’s signatures on it |
| immediately. Sometimes the banks and credit card | | | | and thereafter obtains the payment from bank, he can |
| companies try to save their skin by inserting a clause | | | | be booked under the offence of forgery. |
| in the relevant contract. This is purported to absolve | | | | |
| the company in case a fraud occurs on the stolen | | | | Hacking has become an important tool in the hand of |
| card and the client fails to notify the loss in time. This | | | | cyber criminals to take away the confidential |
| unilateral provision however has not stood the test of | | | | information relating to credit cards and use it illegally for |
| legal scrutiny. The courts have placed the burden of | | | | their personal advantage i.e. purchasing goods or online |
| loss on the issuers. | | | | transaction of money etc. |
| In India, the Mail Order Telephone Order (MOTO) type | | | | |
| account for the bulk of credit card frauds. This occurs | | | | To deal with this menace, our Parliament has been |
| when the card is not actually presented, but the details | | | | enacted the Information Technology in the year 2000. |
| are given on the application form to buy goods or | | | | Following penal provisions of this statute are relevant |
| services or when the transaction is done on the | | | | to mention here. |
| telephone. | | | | |
| Fraud through fake cards is not as rampant in India as | | | | Section 66- This section provides the following |
| in the USA. Techniques have been developed | | | | penalties for hacking with computer systems: |
| whereby the number and other information on the | | | | |
| magnetic strip is erased and a new number is | | | | (1) Whoever with the intent to cause or knowing that |
| embossed. When the card does not work on the | | | | he is likely to cause wrongful loss or damage to the |
| swiping machine, the merchant manually processes the | | | | public or any person destroys or deletes or alters any |
| details of the card to complete the sale. This | | | | information residing in a computer resource or |
| procedure is called skimming of the cards. | | | | diminishes its value or utility or affects it injuriously by |
| In the USA, identity theft is also quite prevalent and is | | | | any means, commits hack. |
| supposed to be one of the fastest growing offences | | | | (2) Whoever commits hacking shall be punished with |
| in America. The fraudsters adopt another person’s | | | | imprisonment up to three years, or with fine which may |
| identity to gain access to their monetary sources. In | | | | extend up to two lakh rupees, or with both. |
| the case of online transactions, ‘site cloning’ is | | | | The offence under this Section is cognizable and |
| resorted to where the site clone created is made to | | | | non-bailable. |
| look like the original site in order to obtain the credit | | | | |
| card details of unsuspecting customers. Similarly, false | | | | Section 43- Clauses (a), (b) and (g) of Section 43 state |
| merchant sites are also created where cheap goods | | | | that if a person has unauthorized access or secures |
| lure customers into giving their card details. | | | | access to computer, computer system, computer |
| Scared by the ever increasing cases of credit card | | | | network or downloads copies or extracts any data |
| fraud, the affected companies and banks have taken | | | | from such computer, computer system, computer |
| various steps to minimize it. Manual reviews of the | | | | network or even assists another person to facilitate |
| transactions on the card are undertaken, but this | | | | access in the aforesaid manner respectively, he shall |
| requires a high level of human intervention and | | | | be liable to pay damages by way of compensation |
| increases costs. In the USA, Address Verification | | | | not exceeding one crore rupees to the person so |
| System (AVS) has been developed for use in the | | | | affected. |
| ‘card not present’ scenario. The system is | | | | It is quite apparent from the above that besides legal |
| designed to check whether the address given by the | | | | protection it is necessary to carefully examine the |
| buyer matches with the one on record. | | | | technological and contractual protection existing within |
| Visa has devised a Payer Authentication System | | | | the system because law is not an alternative to other |
| based on PIN similar to the system used on ATM | | | | security measures required to be taken by the |
| cards. This is a channel between the bank and the | | | | cardholder while making online payment. |
| customer used to authorize online transactions. With | | | | |
| the increase in cross border ecommerce the issuers in | | | | |
| India will have to update their arsenal to combat the | | | | |
| forgers on the same lines as their Western | | | | |
| counterparts. The Information Technology Act and | | | | |
| Rules, passed in 2000, provide penalties for the | | | | |
| tampering of computer source documents and hacking | | | | |
| of computer systems. No specific mention has, | | | | |
| however, been made of Credit cards or financial | | | | Conclusion |
| transactions. The RBI has formed the Credit | | | | In India, credit card fraud is mostly limited to the physical |
| Information Bureau of India (CIBIL) in collaboration with | | | | space. Online con jobs make up just about 1% of the |
| Dun and Bradstreet who will maintain the records of all | | | | total numbers here, unlike 40% in the developed world. |
| individuals who want to avail of finance from banks | | | | But, as consumers graduate to the shop-easy internet |
| and credit card companies in India. | | | | and pay with their cards, instances of fraud are bound |
| The Indian Penal Code contains provisions to check | | | | to rise. While we don’t have statistics, as access to |
| economic crimes such as Bank Fraud, Insurance fraud, | | | | the web increases, reported cases of card fraud are |
| Credit card fraud, stock market manipulation, etc. The | | | | estimated to rise at 20-30 % every year. In online |
| local police deal with the IPC crimes falling under the | | | | transactions, contracts are one-sided and the |
| broad categories of ‘Cheating’ (Section | | | | customer is always held responsible in case of fraud. |
| 415-424), ‘Counterfeiting’ (Coins & Stamps | | | | Phishing, where a consumer gets a fictitious email from |
| Section 230-263A and Currency Section 489A-489E) | | | | a fake site or blog seeking sensitive card information, is |
| and ‘Criminal Breach of Trust’ (Section | | | | a commonly-used defrauding mechanism. To top it, |
| 405-409). | | | | people are careless in offering their card details. |
| Online Credit Card Offence & Indian Law: | | | | Almost all the banks issuing credit cards issue various |
| | | | | guidelines and suggestions to the customers from time |
| So far as Indian legal position is concerned, any | | | | to time in order to cut short the rate of credit card |
| offence pertaining to online payment through credit | | | | frauds and misuse to a minimum possible level. |
| cads will come within the purview of Information | | | | Thus, we can conclude that with the help of the legal |
| Technology Act, 2000 read with relevant provisions of | | | | remedies available as cited earlier in the Article, penal |
| Indian Penal Code, 1860. Section 378 of the Code | | | | action can be brought against the offenders who are |
| defines the term “theft” as follows: | | | | held liable for credit card frauds and misuse. |