Hi Vikas Excellent drafted mail. You can also raise tempo by putting it in change.org
Lot of folks have concerns in this issue and it should attract interest in good numbers. AccessIndia members would of course support it wholeheartedly. Harish. -----Original Message----- From: AccessIndia [mailto:[email protected]] On Behalf Of Vikas Kapoor Sent: Friday, July 15, 2016 11:47 AM To: AccessIndia: a list for discussing accessibility and issues concerning the disabled. <[email protected]> Subject: [AI] Fw: Saving Card Details without the Consent of Buyers ----- Original Message ----- From: Vikas Kapoor To: [email protected] Sent: Friday, July 15, 2016 11:28 AM Subject: Saving Card Details without the Consent of Buyers Sir/Ma'am, My name is Vikas kapoor and I'm writing this to you from Delhi to bring to your attention about a commonly and widely followed practice over many Indian and foreign websites of various merchants, which amounts to breach the security and privacy of the credit/debit cards of thousands of customers. While performing a transaction over various websites, such as, snapdeal.com, flipkart.com, amazon.in, ebay.in, freecharge.com, (hundreds of them may be sighted), they store the card details without giving the customers an option whether they are willing their card details to be available on third party sites. Although many of them would claim that they don't store the CVV code while saving the card details, I personally think even storing the 16 digit number is a clear case of violation of the privacy of customers. Further, one can argue, as most of the websites often do, in the present age, when an extra security layer is provided in the form of OTP, no security risk is involved while storing the card details, however, I'd like to inform you that this option of generating OTP is applicable only on the websites that operate in India, and, on all other foreign sites, one can complete the transaction without having to generate any OTP. So my argument is: while you may not have any control over the foreign websites, the card data stored on the Indian websites may be leaked to other foreign sites, in which case, we would render ourselves completely helpless. Furthermore, when we all customers are advised by the respective banks to keep our card details confidential, how can various websites openly store your card details when you perform any transaction? Needless to mention that without exercising the option to save the card details with the merchants' sites, the transactions will not be completed. I'd therefore, strongly urge you to kindly look into this issue on urgent basis as these instances quite often go unnoticed, and come up with a strong and general circular asking the websites and other merchants not to store any portion of the cards entered on their sites. Thanking you. Vikas Kapoor, Mobile: (+91) 9891098137, 9013354994 Skype Id: dl_vikas Register at the dedicated AccessIndia list for discussing accessibility of mobile phones / Tabs on: http://mail.accessindia.org.in/mailman/listinfo/mobile.accessindia_accessindia.org.in Search for old postings at: http://www.mail-archive.com/[email protected]/ To unsubscribe send a message to [email protected] with the subject unsubscribe. To change your subscription to digest mode or make any other changes, please visit the list home page at http://accessindia.org.in/mailman/listinfo/accessindia_accessindia.org.in Disclaimer: 1. Contents of the mails, factual, or otherwise, reflect the thinking of the person sending the mail and AI in no way relates itself to its veracity; 2. AI cannot be held liable for any commission/omission based on the mails sent through this mailing list.. ________________________________ Caution: The Reserve Bank of India never sends mails, SMSs or makes calls asking for personal information such as your bank account details, passwords, etc. It never keeps or offers funds to anyone. Please do not respond in any manner to such offers, however official or attractive they may look. Notice: This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you are not the intended recipient, any dissemination, use, review, distribution, printing or copying of the information contained in this e-mail message and/or attachments to it are strictly prohibited. If you have received this email by error, please notify us by return e-mail or telephone and immediately and permanently delete the message and any attachments. The recipient should check this email and any attachments for the presence of viruses. The Reserve Bank of India accepts no liability for any damage caused by any virus transmitted by this email. Register at the dedicated AccessIndia list for discussing accessibility of mobile phones / Tabs on: http://mail.accessindia.org.in/mailman/listinfo/mobile.accessindia_accessindia.org.in Search for old postings at: http://www.mail-archive.com/[email protected]/ To unsubscribe send a message to [email protected] with the subject unsubscribe. To change your subscription to digest mode or make any other changes, please visit the list home page at http://accessindia.org.in/mailman/listinfo/accessindia_accessindia.org.in Disclaimer: 1. Contents of the mails, factual, or otherwise, reflect the thinking of the person sending the mail and AI in no way relates itself to its veracity; 2. AI cannot be held liable for any commission/omission based on the mails sent through this mailing list..
