The Reserve Bank of India has issued a directive, mandating all banks issuing credit and debit card to level up the security provided for online card transactions from August 1, 2009 onwards.

The new measure adds a new dimension to the existing security measure for online card transactions.

The new security measure will requires the cardholders to register each of their card holdings with the respective merchants - VISA or MASTER and set up a security password, following which the card will be activated for any online transactions.

With this, every time the customer makes an online transaction, the system asks for an additional password (VBV - Verified by Visa or MSC - MasterCard SecureCode) for verification.

The regulator specifies, "Banks are free to decide on the technology they wish to use to fall in line with these instructions."

Explaining the existing system, an official of HDFC Bank, said, "Currently, the safety parameters adopted by the banks include the card number, date of birth, and the Card Verification Value (CVV) number printed on the back of the card. In some cases, the date of birth is not mandatory, making the transaction insecure."

Currently, most cards have three measures for security, which include card number, card expiry date and three-digit CVV number. The information put together can help in making unauthorized transactions.

Quoting a senior official, Andhra Bank, "Many customers are not even aware that the CVV number on the cards should beset up their erased to prevent misuse."

However, the new security system requires password for any online transactions, and hence even if one losses or misplaces credit card, it cannot be used for any unauthorized transactions as the password vests with the respective cardholder.

It is expected that the new system will rule out possibility of unauthorized transactions.