shot-button
Banner Banner
Home > Brand Media News > IT Expert Mr Chandan Exposes Critical Flaws in Banks Credit System Enhances E Commerce Security with Rotating CVV Technology

IT Expert Mr. Chandan Exposes Critical Flaws in Bank's Credit System, Enhances E-Commerce Security with Rotating CVV Technology

Updated on: 05 December,2023 07:25 PM IST  |  MUMBAI
BrandMedia | brandmedia@mid-day.com

Read this story on Inquilab.Com

Mr. Chandan identified some flaws in the credit management system of one of major banks in India that used processed Merchandise Returns from major merchants in India.

IT Expert Mr. Chandan Exposes Critical Flaws in Bank's Credit System, Enhances E-Commerce Security with Rotating CVV Technology

Mr. Chandan

Demonstrating exceptional skill, Mr. Chandan, a 41-year-old IT expert working at Shazam Inc, a debit payment network in the United States, has exposed crucial weaknesses in a significant bank's credit management infrastructure. With a robust career spanning 17 years across international financial institutions in India, Singapore, and the United States, his deep knowledge in Card Authorization Applications, the ISO8583 Message protocol, EMV (Europay, MasterCard, and Visa) Card and Mobile Wallet transactions was key in detecting these critical system flaws.


Mr. Chandan identified some flaws in the credit management system of one of major banks in India that used processed Merchandise Returns from major merchants in India. He observed a specific pattern of misuse by fraudsters with credit cards. These individuals would make large purchases right before the billing date. Once the bill was generated, they would quickly make an online purchase for the same amount and then cancel it as soon as the payment was deducted from their credit card, but before the transaction was completed at the merchant's end. As a result, the merchant would eventually process a refund for this amount, typically 3-4 days after the purchase, under the guise of merchandise return. This refunded amount would then offset the charges in the previous month's bill, while the cancelled transaction, which had been deducted, would be carried over to the next month's billing. By repeating this process over several months, these fraudsters were able to avoid paying for their original purchases, leaving Bank unable to recover the funds used in these initial transactions. Bank had no clue about the money loss. Mr. Chandan not only swiftly addressed this longstanding issue but also pinpointed a list of individuals exploiting this loophole in the credit card system.


According to Mr. Chandan, if a merchant chooses not to implement 3D Secure and accepts the risk of covering costs for online fraud, this creates an opportunity for fraudsters. They exploit this by giving their card details to others, instructing them to buy cash or gift coupons from these merchants. The fraudster offers his virtual card to someone in need, with the condition that they also purchase a gift card or coupon for the fraudster. After the individual completes the shopping and gives the gift coupons to the fraudster, the fraudster then falsely claims to their bank that their card was compromised. As the merchant lacks 3D Secure protection, they are liable for the costs when a dispute is raised by the bank. This scam allows the fraudster to recover the money spent on the purchases and also gain the gift or cash coupons.


As per Mr. Chandan, 3D Secure not only helps in mitigating fraud and shifting liability for fraudulent transactions from the merchant to the issuing bank but also enhances customer trust and compliance with global e-commerce standards, all of which are crucial for the success and sustainability of online businesses.

Mr. Saxena has made a notable contribution to the security of e-commerce transactions by developing and implementing a rotating CVV system. This cutting-edge system periodically changes the CVV - the security code on credit and debit cards - either every hour or daily. This is achieved through a synchronized algorithm that coordinates the generation of new CVV codes between the card and the card issuer's systems. This innovation is vital in enhancing customer protection, as it greatly lowers the likelihood of fraudulent activities, particularly in situations where card information might be exposed or stolen.

"Exciting news! Mid-day is now on WhatsApp Channels Subscribe today by clicking the link and stay updated with the latest news!" Click here!

Register for FREE
to continue reading !

This is not a paywall.
However, your registration helps us understand your preferences better and enables us to provide insightful and credible journalism for all our readers.

Mid-Day Web Stories

Mid-Day Web Stories

This website uses cookie or similar technologies, to enhance your browsing experience and provide personalised recommendations. By continuing to use our website, you agree to our Privacy Policy and Cookie Policy. OK