On Tuesday payment security firm SISA has issued an alert to all banks and payment processors to change the password for all employees who have access to the payment server.
The advisory was issued after the firm discovered that some unknown hackers managed to install malicious software into the payment switch server of an unnamed bank.
According to SISA, the malicious script was injected into the application server of the payment switch, which communicates with the payment networks.
Once the payment in initiated the malicious software is capable of collecting card details like card number, CVV number, expiry date and other information.
By using this information, the hacker can make a duplicate card and use it for further transactions.
The malicious software is also capable of enabling transactions by sending a fake response to the payment server in the application which ensures no details are logged in the switch application logs.
Even Though the malicious software has been identified, it is not still clear whether any customer accounts are compromised or not.
SISA has advised to reset passwords for all staffs who have access to the payment server and enable two-factor authentication.
“We have released this advisory in the interest of proactively securing the payment card industry based on recent findings by SISA PFI (Payment card industry Forensic Investigation) Lab.”
“In the light of the recent finding, SISA suggests to the industry to implement internationally renowned Security Standards like PCI-DSS and PA (payment application)-DSS. SISA also urge Regulators and Government of India to mandate these security standard to be followed religiously,” said SISA spokesperson to Times Of India in a statement.
Earlier in India, it was not mandatory to report breaches, but two years back RBI has made it mandatory to report breaches and issue a warning to other banks without using names.