NRI Charged Rs 12.85 Lakh in Compensation from ICICI Bank

In a landmark verdict in a phishing case in India, first lawsuit has been registered under the Information Technology Act, against the ICICI Bank.

P W C Davidar, Tamil Nadu IT secretary and adjudicator for the state, ordered ICICI Bank on April 12, 2010 to make a compensation of Rs 12.85 Lakh (Rs 1.285 Million) to an NRI customer. The customer complained that he lost this huge amount of money from his bank account as a result of phishing attack in 2007 in Chennai, as per the news published by rediff BUSINESS on April 12, 2010.

The decision surfaced on an appeal filed by Umashankar Sivasubramaniam. He asserted that he got e-mail in September 2007 from ICICI Bank, according to which, his account would be deactivated if he did not respond with his Internet banking username and password.

He responded only to know that Rs 6.46 Lakh were channelized from his bank account to that of a firm, which drew off Rs 4.6 Lakh from the Mumbai branch of ICICI and retained the balance in its account.

The adjudicator continued to accept the plaintiff's statement that the Bank failed to exert due carefulness, and was thus fully liable under Section 85 of the Act, according to which, the Bank had to compensate the victim. He said that the bank was accountable for the loss.

Reportedly, systems and mechanisms of the Bank, prior to and right after the charge of this offence and the lack of KYC liability were also spot lit. However, the main point that is highlighted in the verdict is that ICICI failed to use suitable validation of its e-mails to the consumers in the form of "Digital Signatures". Hence, there was no clue by which naïve customers could key out an e-mail being sent from ICICI.

In fact, the judge said no effort in this regard was seen from ICICI's side. He further added in the light of this case, access to the account details of the petitioner, very poorly mirrors the systems and procedures of the Bank.

Experts, commenting on this issue, said that as there are scores of phishing frauds taking place in the Indian set-up, this verdict is expected to be welcomed by the huge population of Indian Internet banking customers.

Related article: Nuwar Storm Come Back for Valentine’s Day

» SPAMfighter News - 4/23/2010