• Hey there! Welcome to TFC! View fewer ads on the website just by signing up on TF Community.

SBI and HDFC Credit Cards used Fraudulently

Apply For Lifetime Free IDFC First Credit Card
phoenix003 said:
I have 2 credit cards and both were used on flipkart but I didn't get any otp neither sms.What can be the reason?
Click to expand...
So , you are saying you used both the cards successfully for Flipkart transactions without OTP.. right?? I haven’t heard this before.. let’s see if anyone had this experience
 
phoenix003 said:
I have 2 credit cards and both were used on flipkart but I didn't get any otp neither sms.What can be the reason?
Click to expand...
If any transaction happens without otp
There is 100 % chance of approval of charge back

But a domestic transaction happening without otp is next to impossible even if card details is saved & no cvv required

Even then otp comes
 
SSV said:
So , you are saying you used both the cards successfully for Flipkart transactions without OTP.. right?? I haven’t heard this before.. let’s see if anyone had this experience
Click to expand...
It's possible with hdfc if you have swipe to pay enabled 👀 it's stupid but there's a glitch in their system, one can basically call the transaction api with specific headers and say it was a swipe to pay transaction and it's approved no otp required but I'm unsure how it can be done for sbi
 
Kushagra_ said:
It's possible with hdfc if you have swipe to pay enabled 👀 it's stupid but there's a glitch in their system, one can basically call the transaction api with specific headers and say it was a swipe to pay transaction and it's approved no otp required but I'm unsure how it can be done for sbi
Click to expand...
Now this is scary
 
AlgoTrader said:
Now this is scary
Click to expand...
Not that scary someone will have to test the specifics of it

When I was experimenting with it I could only do it with my own device and my own card and not some other cards but it feels like it should be possible with enough know how
 
Kushagra_ said:
Not that scary someone will have to test the specifics of it

When I was experimenting with it I could only do it with my own device and my own card and not some other cards but it feels like it should be possible with enough know how
Click to expand...
if common folks like this can go this far, what about pro hackers bro ? definitely scary
 
AlgoTrader said:
if common folks like this can go this far, what about pro hackers bro ? definitely scary
Click to expand...
I'm an engineer who codes for fun and a living so not just common but also not a problem hacker, that's the thing looking at it I feel someone with more knowledge could probably misuse it
 
Kushagra_ said:
It's possible with hdfc if you have swipe to pay enabled 👀 it's stupid but there's a glitch in their system, one can basically call the transaction api with specific headers and say it was a swipe to pay transaction and it's approved no otp required but I'm unsure how it can be done for sbi
Click to expand...
How to check this swipe to pay?
 
Kushagra_ said:
It's possible with hdfc if you have swipe to pay enabled 👀 it's stupid but there's a glitch in their system, one can basically call the transaction api with specific headers and say it was a swipe to pay transaction and it's approved no otp required but I'm unsure how it can be done for sbi
Click to expand...
Did that work for tokenized card?
 
Ideally OTP should become a matter of past now. If sim binding and device binding is done correctly, and transaction happens from the device, it is safer than OTP.
 
tachniki said:
Ideally OTP should become a matter of past now. If sim binding and device binding is done correctly, and transaction happens from the device, it is safer than OTP.
Click to expand...
The only problem is when the device is lost and was accessed immediately
 
SSV said:
The only problem is when the device is lost and was accessed immediately
Click to expand...
That can happen today with sms also. All app with tokenized cards should have pin / bioauth login too. That may reduce fraud on device loss.
 
SSV said:
The only problem is when the device is lost and was accessed immediately
Click to expand...
No, in deep analysis i found my gmail was getting accessed and the otp received on Gmail was used to do the transaction, however when I requested to block that gift voucher purchased from my account, flipkart blocked my account and till now the complain isn't resolved and I also had filed cyber case against that and that case came to my nearest police station after 2 years and they have no clue of what to do
 
You must log in or register to reply here.

Similar threads

V
Delhi T3 Rupay Lounge access with Family - Review & Cards used
Replies
14
Views
562
lovecards
L
theboogeyman
  • Question Question
Fraudulent Transaction on Axis Bank Credit Card - No Temporary Credit Provided
Replies
10
Views
631
theflash
theflash
darkjediknight
  • Question Question
HDFC has Started Online Applications for Secured Credit Cards using FD
2 3 4
Replies
72
Views
4K
sidpsidp is verified member.
sidp
TechnoFino
Mass Fraudulent Transactions Reported by Axis Bank Credit Card Holders
4 5 6
Replies
106
Views
8K
Riva
R
gischethans
SBI Card Fraudulent transaction Chargeback request was rejected
Replies
18
Views
1K
gischethans
gischethans
Back
Top