On April 25, India’s largest bank, the State Bank of India (SBI), released a process document explaining the guidelines customers must follow to conduct secure digital transactions.
The bank has released step-by-step instructions for debit and credit card transactions, Netbanking and UPI transactions.
Debit/credit card transactions
For secure debit and credit card transactions, SBI has asked its customers to be aware of the environment of ATMs and point-of-sale (POS) devices.
Customers should always cover the keypad when entering the PIN code.
When transacting on e-commerce websites, they should check if it is an authentic site.
For added security, customers can also set a limit for card transactions on e-commerce platforms, POS and ATMs for domestic and international transactions.
For Netbanking, SBI asked customers to always look for “https” in the address bar of the bank’s website.
It is advisable not to conduct Netbanking transactions in public places using open Wi-Fi networks, lest hackers get access to the account ID and password, SBI said.
Additionally, users should always log out of the site and close the browser window after executing the transaction.
Passwords should remain unique and complex, and should be changed periodically.
For security reasons, you should never write down the ATM’s bank ID, password or PIN code. Besides, it is always recommended to disable the “automatic save and remember” function on computer and mobile devices to avoid storing user ID and password, he added.
Since more and more people are now using United Payments Interface (UPI) for digital transactions, the SBI document also mentioned how to protect against breaches, according to a report by FE Online.
He advised customers to keep their Mobile PIN and UPI PIN different and random.
Also, they should not respond to unknown UPI requests and instead report such suspicious requests to the bank.
Most importantly, they should keep in mind that a PIN is only needed to transfer amounts, not to receive them. Hackers often trick gullible customers into divulging their PINs with the promise of money transfers.
Finally, if a UPI transaction has taken place without the client having executed it, it is always recommended to deactivate the UPI function of the account immediately.