The principal secretary, state IT department, has directed Dena Bank and to pay nearly 2.3 lakh each to a company after fraudsters transferred 10 lakh from its account using a duplicate SIM card. The funds were transferred to different banks in New Delhi, Gwailor, Nagpur, Agra and Bihar and IP addresses of the transactions were traced to Karachi, Texas, Massachusetts, police said.
“It is clear Vodafone and Dena Bank have let down their customers. Even though customers are expected to use their discretion to secure their net bankings IDs and passwords, the onus of securing customers’ data is on the banks and similarly the telecommunication companies,” SVR Srinivas, principal secretary-IT, said in his order.
In January 2014, Vijayindra Shirahatti, director of Ulhas Oil and Chemcial Industries Private Ltd, lodged a complaint that someone had fraudulently transferred 10 lakh from his company’s account.
At the Vodafone gallery, a staffer told police that as he was alone at the office he issued duplicate SIM cards to 30 to 40 customers on December 16.
Shirahatti said that on December 16, 2013, he lost mobile connectivity. When he went to Vodafone gallery, the staff asked him to come next day. Next day he was given a new SIM card. The bank always sent transactions alerts on this number.
On January 1, the bank statement showed transfer of Rs 9.99 lakh on December 17 while his phone was disconnected. He lodged a complaint with MRA Marg police. At the Vodafone gallery, a staffer told police that as he was alone at the office he issued duplicate SIM cards to 30 to 40 customers on December 16. He claimed to have misplaced the KYC documents collected for issuance of duplicate SIM cards..
The adjudicating authority said Vodafone did not follow the reasonable security practices and procedure before issuing a duplicate SIM card which led to a wrongful loss to the complainant. Dena Bank was found lacking for not raising any alerts. Foreign IP address were used to withdraw money using net banking, but all this did not raise any alerts within the bank’s system. This clearly shows that the bank does not have proper system in place for fraud detection, the order said.
Vodafone, in its reply, said disruption of service by not receiving SMS alerts cannot be sole ground for casting the onus on them. Dena Bank said they wrote to the beneficiary banks to freeze the beneficiary accounts and remit the funds. The order said as only Rs 5.48 lakh has been returned, a fair compensation should be provided. Both Dena Bank and Vodafone should equally be responsible and the penalty will be divided equally between them.
Advocate Prashant Mali, appearing for the complainant, said, ”I feel the justice is delayed. At least the authority should have asked them to pay compensation with interest.”
Sadik Shaikh | Cyber Suraksha Abhiyan, Ethical Hacking Training Institute, CEHv10,CHFI,ECSAv10,CAST,ENSA, CCNA, CCNA SECURITY,MCITP,RHCE,CHECKPOINT, ASA FIREWALL,VMWARE,CLOUD,ANDROID,IPHONE,NETWORKING HARDWARE,TRAINING INSTITUTE IN PUNE, Certified Ethical Hacking,Center For Advanced Security Training in India, ceh v10 course in Pune-India, ceh certification in pune-India, ceh v10 training in Pune-India, Ethical Hacking Course in Pune-India