Credit/Debit Card transactions- Security Issues and Risk mitigation measures for Card Not Present Transactions.
02) and the use of Indian cards for transactions on foreign websites.
RBI has clarified that the ‘’additional authentication/validation based on information not visible on the cards for all on-line card not present transactions”, is applicable to all transactions using cards issued in India, for payments on merchant site where no outflow of foreign exchange is contemplated.
In simple terms, all overseas website/payment gateways too have to adhere to the additional authentication / validation for all on-line card not present transactions.
So far, there was no clarity on the additional security feature for overseas website/payment gateways.
However, the additional feature should be easy to implement with the Verified By Visa and MasterCard SecureCode. Hm, there might be an additional cost, but am sure, the costs will be less than the potential sales.
To clear the air, RBI has clearly mentioned that this mandate is not presently applicable for use of cards issued outside India, on Indian merchant sites.