ICICI Bank’s stupid “feature” introduces privacy concerns

A couple of days back, I received an sms from ICICI bank informing me that I can view my credit card statement without logging into my account. As you may expect, it blew me away. It still beats me why someone would like to access her/his credit card statement without any password.

No Privacy

No Privacy :'(

To be fair to ICICI, this doesn’t mean that one can simply access the information using the credit card number. It does put three fields forward.

Field 1- Card Number: The problem here is that most of the swipe machines that you come across, at least in India, will print your complete card number on the receipts. One copy is left with merchant where you shop. Moreover, in all probability, you keep you credit card in your purse which is easily accessible to your parents, wi[fe|ves], girl|boy-friend[s], and even friends. Hell, the waiter could jot it down. So let’s face it, it’s not really a secret anymore in the current scenario.

Field 2- Date Of Birth: Doh!

Field 3- Card valid from: Now this one might sound a bit tricky, considering that only the expiry date of your credit card is specified on the receipts. However, please note that:
(1) this date can be noticed by a cursory glance on the card,
(2) the from and end months alomst always are the same, i.e., if your card expiry is 05/2015, the start month, in all it’s probabilty will be 05 (May). Just try a few combinations, and bang.

…and if all this sounds too complex and useless, consider that all of the above information is easily accessible to your family members and close friends. I am not sure about you, but I prefer a certain degree of privacy.

…and if the cynic in you is still not convinced, consider this –the total effort of keystrokes and clicks combing your card number+date of birth (via a date picker)+card valid from will most probably exceed the keystrokes for ICICI userid+password. Unless of course, you are paranoid who writes a poem in 1337 for the password. 😉

So although there could be a debate on the level of privacy concern that it raises, there can’t be any debate on the sheer stupidity of this feature. Uh!