New Delhi: The popular payment security company Sisa has recently expressed concerned that hackers may harm Indian payment system globally and if they got success then misuse of money can be done from anywhere in world.
Sisa, a well known payment security specialist company, has expressed apprehensions of hackers in the Indian payment system.
The company has said that if hacker got success in hacking payment system in India, then an Indian bank cards can be misused and money can be withdrawn from ATMs in any part of the world.
Now, according to Sisa the target of hacker is not only government banks but private bank apart from payment processor and payment aggregation.
The firm’s payment forensic team has found in its investigation that the payment switch system of all the banks in common language can also be termed as a type of virus.
Meanwhile Malware is being put to technicality of the language. Now it will happen that there will be confusion in the transaction of information between the bank and the payment system and the bank will not be able to distinguish what information is correct and which one is wrong.
The danger of this problem is that the advantage of confusion can be raised from any corner of the world. Sisa says that the delay in taking steps to deal with the hazard will be as much as the damage.
Indian banking system on target of hackers says Payment security company Sisa:
Payment security firm Sisa has issued an advisory to all banks and payment processors after it discovered that hackers had managed to insert malicious software into the payment switch server of an unnamed bank.
The advisory is in the nature of a warning to other banks to reset passwords for employees with access to payment servers and to use two-factor authentication for providing access.
A Sisa spokesperson said that a malicious script (software code) has been injected into the payment switch application server-the hub which communicates with payment networks.
This malicious software is capable of collecting payment card data (including card number, expiry date, CVV and other customer information). The hacker can then use this information to clone cards and conduct transactions.
The malicious software also enables transactions by sending fake response to the payment network in respect of the card.
The fake responses ensure that no details of the incoming transaction request or outgoing transaction response are logged in the switch application logs.
While the malicious software has been identified, it is not yet clear whether customer accounts have been compromised.
