ICICI Bank’s stupid “feature” introduces privacy concerns

A couple of days back, I received an sms from ICICI bank informing me that I can view my credit card statement without logging into my account. As you may expect, it blew me away. It still beats me why someone would like to access her/his credit card statement without any password.

No Privacy

No Privacy :’(

To be fair to ICICI, this doesn’t mean that one can simply access the information using the credit card number. It does put three fields forward.

Field 1- Card Number: The problem here is that most of the swipe machines that you come across, at least in India, will print your complete card number on the receipts. One copy is left with merchant where you shop. Moreover, in all probability, you keep you credit card in your purse which is easily accessible to your parents, wi[fe|ves], girl|boy-friend[s], and even friends. Hell, the waiter could jot it down. So let’s face it, it’s not really a secret anymore in the current scenario.

Field 2- Date Of Birth: Doh!

Field 3- Card valid from: Now this one might sound a bit tricky, considering that only the expiry date of your credit card is specified on the receipts. However, please note that:
(1) this date can be noticed by a cursory glance on the card,
(2) the from and end months alomst always are the same, i.e., if your card expiry is 05/2015, the start month, in all it’s probabilty will be 05 (May). Just try a few combinations, and bang.

…and if all this sounds too complex and useless, consider that all of the above information is easily accessible to your family members and close friends. I am not sure about you, but I prefer a certain degree of privacy.

…and if the cynic in you is still not convinced, consider this –the total effort of keystrokes and clicks combing your card number+date of birth (via a date picker)+card valid from will most probably exceed the keystrokes for ICICI userid+password. Unless of course, you are paranoid who writes a poem in 1337 for the password.

So although there could be a debate on the level of privacy concern that it raises, there can’t be any debate on the sheer stupidity of this feature. Uh!

If you liked my post, feel free to subscribe to my rss feeds

Share with others

Post ICICI Bank’s stupid “feature” introduces privacy concerns to digg.

Post ICICI Bank’s stupid “feature” introduces privacy concerns to Reddit

3 Comments so far (Add 1 more)

Dear Sir,

Please write to us at nodalofficer@icicibank.com with your credit card number and contact details. Please use subject line as ” Comments from Site”.

Sincerely,

K Raghavender
Office of Head Service Quality
ICICI Bank.

1. ICICI Bank Service T on March 24th, 2009 at 3:18 pm
Dear Raghavender,
What exactly do you want me to mail, and why with my CC details? I have a simple rant which I’ve mentioned here. It’s not a personal, rather a collective concern.

In any case, I appreciate someone from the bank actually reading and commenting on an article of probable concern.

2. Bipin Upadhyay on March 25th, 2009 at 1:39 am
I chanced upon your blog and found it very informative. The event blogs are striking enough to have a feel of the event, so, I would like to have a little chit-chat on your blogging interests. And even we are coming up with an event on startups on June 6th. So, can I have your contact details? Looking forward to hear from you.

3. Benny on May 30th, 2009 at 1:17 pm

M	T	W	T	F	S	S
« Mar
						1
2	3	4	5	6	7	8
9	10	11	12	13	14	15
16	17	18	19	20	21	22
23	24	25	26	27	28	29
30

Code in my Bug!!!