As Indians, we are desensitized to certain social evils. Corruption. Dowry. Black Money. We see them often, and yet we may not really process them, until they injure us or our loved ones directly. I feel there’s another social evil, one that’s heavily hushed and downplayed by the industry and media: terrible practices in electronic payment security.
When I talk about this to my friends who use cards, I see the same level of indifference one might see about corruption. But once in awhile, I talk to someone who had to request a chargeback. Their story, of course, is very different. They quickly relate the pain of investigative questions that they were subjected to and the countless, diligent follow-ups they had to make before the money reappeared in their account. And it is far worse if they’d been travelling or if that was the only money they had.
At Zeta, we take security very seriously. We don’t allow users to add money to their Zeta account without a second-factor authentication (usually, OTP sent by the user’s bank like ICICI or SBI). And yet, every day, we get half a dozen messages from our users telling us that someone cheated them of their PIN, OTP and card details, charged their cards and added funds to some Zeta account. We process dozens of chargeback requests a day.
Honestly, far more people pay using cards than the number of people who use Zeta. If we see so many cases of card payment fraud on a daily basis, we can only imagine how many people lose money every day because of this.
In my previous post on payment security, I have described in detail card payment insecurities and how the prevailing practices are fundamentally flawed. For example, it is not uncommon for banks to say the following:
But every user knows that they cannot do a card transaction online or at a store without giving the card or card information to the merchant. The user has limited control over where he is entering the PIN, OTP or other details.
This must change. By default, users should have secure transactions. Nothing that the user is asked to share should make him vulnerable to fraud.
We built Zeta Super Card with this fundamental rule. We have now made it available for everyone.
Zeta Super Card with SecureShield
Zeta Super Card is a prepaid card that you can load at your will. It is available in digital form the moment you install our Android or iOS apps. You can request for a plastic card on our website or through our apps. You can use this card online for eCommerce transactions or at any stores with a swipe machine that accepts MasterCard. Although it can work at any card accepting merchant as any normal debit or credit card, it is the SecureShield feature of the Super Card that makes it incomparably more secure than traditional magnetic stripe or chip cards with PIN.
With SecureShield we have brought security into your hands and delivered unprecedented controls that prevent card frauds without compromising your convenience. It acts like a remote control for your card.You can turn your cards on and off anytime. When the card is off, no transactions will go through! You can turn it on whenever you want to pay.
SuperPIN
You can use dynamic SuperPIN in place of traditional 4 digit PINs. This ensures that even if the waiter at the restaurant speaks/shouts out your PIN or a CCTV camera watched you enter the PIN, you needn’t be worried. SuperPIN is valid only for 2 minutes and exactly for one transaction. SuperPIN will be available on your phone even when you are offline. You can safely transact any time at all shops that accept cards.
LocationShield
With LocationShield on, you can be sure that no fraudster can transact using your card details even if you inadvertently shared them over phone or email. The system will allow transaction only from machines close to you. If you are in Bangalore and if a fraudster in Mumbai gets your card details and OTP or PIN, he will still not be able to transact using them unless he is also in Bangalore. Irrespective of whether the fraudster is trying to do an e-commerce transaction or doing a transaction with skimmed card on a POS terminal, the transaction will be rejected and you will be notified!
Swipe2Pay
If you transact on ecommerce sites, you would be happy to know that you need not wait for OTP and enter your passwords. By now, you might know the vulnerabilities in that process. With Swipe2Pay, you just need to swipe on the secure dialog presented by Zeta on your phone to complete ecommerce transactions. It is fast, convenient and insanely secure.
Traditional PIN
If you still want to use a traditional 4 digit PIN, you can do so with an increased level of security offered by quick and instant PIN change mechanism available in your app.
Tracking Score
The SecureSheild also keeps track of the security strength of your settings. You can tweak them as you like and know how secure your card is, at any point in time.
Some of these security features are firsts of their kind in the world. But more importantly, they are made to be friendly and easy-to-use, not only for people like our friends but for people like our parents and grandparents, who are not technically inclined.
You must start using Zeta Super Card over any other card if you care for the safety of your funds. You should also give it to your mom, dad, grandparents or anyone else whose financial security you care about. Get your cards today!
Join the campaign of secure electronic transactions! #SecurityFirst @ZetaIndia
Great set of features. Congratulations! The SecureShield is something I’ve seen in foreign debit cards (Wells Fargo, I think?). Do you guys support creating on/off schedules? I would totally want to shutdown my card every evening and turn it back on again at 8AM in the morning. Also, what is the time taken by the update to reflect?
Is the Superpin delivered via SMS when network is not available? The problems of flaky cellular network, which OTP suffers from, still remains in that case. How does the actual flow work? Generate a Superpin, wait for it to arrive and then swipe?
-Nishant
Hi Nishant,
And I am quite certain that Swipe2Pay and LocationSheild are the absolute firsts of their kind in the world 🙂
Thanks for your comments. Please use Super Card and recommend it to others if you like it. You will help them against several kinds of fraud.
Ramki
Hi Ramki,
That’s a lot of innovation put into one product. Absolutely amazed by it. Most of the features you’ve talked about, have to be implemented at the switch level, I’m guessing. RBL Bank does not have a switch (at least, the last time I checked). Kudos to you and your team on working with their card processor (FIC, I think?) and getting all these implemented. Must’ve taken quite some resources. Would like to have a conversation about it, offline (over email?). Just curious as to how things work.
You seem to know a lot of details about RBL Bank, Shubham 🙂 I can’t discuss how we are achieving it as yet. Thanks for recognizing the effort. Let’s catch up on mail.
Hi, I’m in the same space, so happen to know a bit. I am really amazed by the product. On a different note, have you guys implemented affiliate earnings on your in-app e-commerce webviews? That could serve as a sweet revenue source. Again, the first time I saw you guys implement the automatic card filling on web views, I was blown away. It is a little thing, I know, but you guys implemented it in a wonderful way. Can we have a small conversation over email? Can you ping me at [email protected]?