ICICI Bank gets a Rs 12.85 lakh lesson in e-security -Governance Now

ICICI Bank gets a Rs 12.85 lakh lesson in e-security

Decision in the first case under Information Technology Act

PTI | April 13, 2010

An adjudicator under the Information Technology Act has directed ICICI Bank to pay Rs 12.85 lakh in compensation to an NRI customer who lost Rs 6.46 lakh due to fraudulent access to his bank account.
"The bank failed to put in place a foolproof internet banking system with adequate levels of authentication and validation," PWC Davidar, Tamil Nadu IT secretary and adjudicator under IT Act for the state, said in his ruling.

The order came on a complaint filed by Umashankar Sivasubramaniam who claimed he received in September 2007 what appeared to be an e-mail from ICICI Bank, asking him to reply with his ICICI Internet banking username and password.
Sivasubramaniam replied as asked and found subsequently that Rs 6.46 were withdrawn from his ICICI bank account.
It transpired then that the sender of email had used a false ICICI bank identity to get Sivasubramaniam to reveal his username and password in order to defraud him. Such an email fraud is known as ‘phishing’ in technical parlance.

Davidar found ICICI Bank guilty of failing to ensure that fraudsters were not able to fake bank’s identity in sending emails to customers and not authenticating the identity of the person who accessed Sivasubramaniam’s bank account.
There was no way by which customers could identify an e-mail as not being from the respondent bank (ICICI); the bank could have obtained a digital signature for the officer responsible for communicating with customers, thereby providing a layer in authentication of such mails, Davidar observed.
There appeared to be no effort of that nature by ICICI, he said, adding that access to the petitioner’s account details "reflects very poorly on ICICI’s systems and procedures in the event of a customer facing this situation."
It happened to be the first case filed in the country under Information Technology Act.

ICICI Bank has sought to reassure customers that their internet banking is fully secure and said they will appeal the ruling as the fraud was the result of the callousness of the customer (See the comment posted below on behlaf of ICICI Bank. Though GovernanceNow cannot be sure that it is from a bonafide, authorised officer of ICICI, we are publishing it in good faith.)

Comments

Other News

Citizens of the Bay: Why BIMSTEC matters now

The international order is drifting into a dangerous grey zone as the very powers that built today`s multilateral system begin to chip away at it. The United States has increasingly walked away from global rules and forums when they no longer suit its interests, while China has rushed to fill the vacuum on

PM salutes armed forces on one year of Operation Sindoor

Prime minister Narendra Modi on Thursday saluted the courage, precision and resolve of the armed forces on the completion of one year of Operation Sindoor. The PM said that the armed forces had given a fitting response to those who dared to attack innocent Indians at Pahalgam.&

Supreme Court judge strength to go up by four to 37

The strength of the Supreme Court is set to go up from 33 judges to 37 judges, paving the way for a more efficient and speedier justice. The Union Cabinet on Tuesday approved the proposal for introducing The Supreme Court (Number of Judges) Amendment Bill, 2026 in Parliament to amend The Sup

BJP set to capture West Bengal

The political map of the country is set to be redrawn with the BJP set to win the West Bengal assembly elections, apart from Assam and the union territory of Puducherry. In Kerala, meanwhile, the Congress-led UDF is set to regain power. The filmstar Vijay-led TVK has emerged as the front-runner in Tamil Na

Beyond LPG: Is PNG ready for India’s next cooking fuel transition?

India, the second-largest importer and consumer of LPG after China, faces growing pressure due to supply constraints. Most of India`s LPG imports transit through the Strait of Hormuz, a focal point of global turmoil. Given that LPG forms the backbone of household kitchens and the restaurant industry, any s

Maharashtra adopts hybrid model for Census 2026 data collection

The government has initiated preparations for Census 2026 in Maharashtra, introducing a hybrid approach that combines optional self-enumeration with comprehensive door-to-door data collection to ensure complete coverage across the state. According to senior officials, the Self-