Est-il possible de déduire de l'argent de ma carte de débit en connaissant le numéro de la carte de numérotation 16 et le numéro CVV?

Saurabh Suman

Saurabh Suman, PDG de

Répondu il y a 49w · L'auteur dispose de réponses 1.8k et de vues de réponses 3.1m

The Most shocking case was exactly around 1 year back, when tons of Axis Bank accounts were compromised and that too because of the data taken out of the debit card users at Atms. Most of the users who used the Debit card in the ATM, complained this issue.

If you will ask a banker or any tech guy who deals in payments will always advise you to keep the card data safe. Not to hand over card to anyone just like that.

Even though your card has a 2FA activated, the card money could be taken out.


Your card has 16 digit number.

Your card has expiry month/year.

Your card has CVV code on back side.

If someone has got these three information, they can use these details on International Websites, where actually the RBI rules doesn't work out. There they may/or not ask for the OTP verification. And at such International websites your card could be used to take out the money.

How a Card works on most of international websites?

There you will have to provide card number. Expiry & CVV and you can pay. There is even no need to write the correct name which is on card. And once these data is submitted and clicked on Checkout, the money is authorised & charged instantly. They wont ask for the OTP/2Fa details.

Although there will be IP footprint etc, but that is mostly of no use. Usually in dark web all these kind of things are used.

How to Protect your card then?

Its quite simple, which most of the Indians dont do.

De-Activate the card for international coutumes. Its quite simple. Many of the banks has their mobile app, where you can activate/de-activate the card for international usages. If you dont have a Mobile App or your bank has not yet provided this facility on mobile app, you still can do this by calling the customer care of the bank. Ask them to de-activate the card for international usages. Simple!

A 2–3 min of call will save you from lot of hassle.

Just to note: Now a days, many countries outside India too are working on enabling 2FA on cards. And very soon on most of the payment gateways internationally the 2FA requirement will come up. But its still an open end, which can anytime loot away your money.

PS: Never give the card to anyone in restaurant just like that or at any store location. Go to the EDC machine yourself or ask them to bring one to you, if they have the mobile EDC. Try to hide the back side of the card for sure. Or the best is Scracth of the CVV from your card back side. Keep it in your mind. And it will save you lots of hassle in times when you actually will have to give the card to someone.

Leggi:  Comment les banques vérifient-elles si une carte PAN et une carte Aadhaar liée au compte sont réelles ou factices?

If you have any further question, please do ask. Would love to learn with you on the same.

Sajithkumar Varma

Sajithkumar Varma, travaille chez FINO INDIA

Répondu il y a 142w · L'auteur dispose de réponses 73 et de vues de réponses 423.4k

No, Not possible.

Now lets consider the options for withdrawing the amount.

Option 1) AU M

Now here I am assuming that there is no physical possession of the card. So withdrawal by ATM is out of scope.

Option 2) Online Transaction or Online Transfer.

Now you have assumed that there is possession of only 16 digit card number and CVV number.

I would say answer is a big no.

Lets consider the step for any online transaction:

1) You make a purchase.

2) Opt for online payment.

3) Select the option as Credit Card/Debit Card

4) Then key in the details

5) Do authentications.

6) Payment is done.

Now here step 1 & 2 is fine.

What about step 3???

Can you identify the nature of the card with its 16 digit number? No. I don't think that anybody will be able to understand the nature of the card whether it is a debit card or a credit card by its 16 digits.

Now taking the things forward, say even if the person is possession of that info then the activity will be like this.

For Credit Card:

Select Master or Visa or Amex or Diners. What about here? Again second hurdle.

Even if you get the above information then you are asked in to key in the card holders name, and expiry date of the card other than CVV number. So again another hurdle.

Assuming that you have crossed this then comes the next step, OTP. What about that? At least this will be in the possession of the card owner since OTP will be received in mobile only right????

For Debit Card:

Here when you key in the card details, you are generally requested to key in into the bank portal with the Log In ID Password of Net banking. Would you able to assume that? No.

Next is another level of authentication for banks like ICICI, HDFC & BOI another security features. ICICI has a grid system. HDFC has a secret question and BOI has hell lot of verification again which I chose not to explain here due to complexity. (I guess BOI Customers would be smiling here.)

So to summarize, thanks to RBI just with the card number and CVV nothing can be done. Banks as well as RBI has mandated many security features which makes fraud via cards almost next to impossible.

Trust I have been able to answer you. Thanks


Bhavin, Cartes, paiements, EMV & connaissent peu de choses de la vie aussi

Mise à jour il y a 15w

Leggi:  Comment insérer une image dans une réponse ou une question sur Quora

Yes it is possible !! if someone knows your debit card , expiry and cvv( cvv2).

For 2nd factor authentication to be made mandatory , merchant also need to be compliant with that ( verified by Visa , MC secure code ) . If merchant is not participating they ll not forward your request for 3D secure ( 2nd factor authentication ) and transaction will follow normal route without 2nd factor process .

there are many international sites working without 3D secure and following above process .

Going little technical - Issuer, your bank has an option to check indicator (ECI) coming in request which will describe whether it was gone through 3D secure validation and if it was bypassed by Merchant . Banks usually check This and takes decision based on their setup and fraud policy .

however they would not decline such txns as many of international sites are still not in compliance with 2nd factor validation and it will cause customer inconvenience if they reject those txns.

hope this helps ..

John Smith

John Smith, Commis à l’école secondaire secondaire principale de Government Boys (2017-present)

Répondu il y a 55w · L'auteur dispose de réponses 114 et de vues de réponses 379.5k

Réponse d'origine: Can money be stolen from a account by knowing debit card number, expiry date, CVV? If possible how?

No Its Depend on Debit card which bank debit card you use now. Sbi, Pnb, hdfc are top banks of india and provides you to maximum security they cant compromise your money.

If I know your Debit card number,cvv, expiry date iam only use in paytm add money. If i tried to add money from your debit card number cvv and expiry date after enter these informations otp comes to your registered mobile number without entering otp i cant do transaction in my paytm account. If You see that such otp messages comes to my phone then go to bank and block your atm card. Dont answer to calls made by bank if they ask any information about you such as otp,adhar number, date of birth etc dont answer any questions such a calls made by thiefs and frauds. Beware

Rajat Madan

Rajat Madan, B.Tech. Insrumentation and Control, Bharati Vidyapeeth's College of Engineering, Delhi (2020)

Répondu il y a 48w · L'auteur dispose de réponses 97 et de vues de réponses 402.4k

Réponse d'origine: Can money be stolen from a account by knowing debit card number, expiry date, CVV? If possible how?

Yes, it is possible

A person can make a cloned card by knowing card details because card details contain the different types of information required to get access to the account. The person having deep technical knowledge can make a cloned card.

Jozy Kristina

Jozy Kristina, Media Manager chez EU Pays

Répondu il y a 107w

Card verification value (CVV) is a combination of features used in credit, debit and automated teller machine (ATM) cards for the purpose of establishing the owner's identity and minimizing the risk of fraud. The CVV is also known as the card verification code (CVC) or card security code (CSC).

Leggi:  Existe-t-il un moyen permettant aux acheteurs de compter de l'argent sur mon compte bancaire sans révéler les détails de ma carte bancaire?

On a typical credit card, there are two components to the CVV. The first code is recorded by the card issuer in a magnetic stripe that runs lengthwise along the back of the card. This stripe resembles magnetic tape and can contain a large amount of data. The code is recovered by sliding the card through a magnetic stripe reader that picks up the binary data in a manner similar to the way a tape drive works. The second code is a multi-digit numeral printed flat on the card, separate from the longer, embossed account numeral. On a VISA, MasterCard or Discover Card, the printed CVV contains three digits and is located on the back near the signature area. On an American Express card, it contains four digits and is located on the front near the embossed account numeral.

When properly used, the CVV is highly effective against some forms of fraud. For example, if the data in the magnetic stripe is changed, a stripe reader will indicate a "damaged card" error. The flat-printed CVV is (or should be) routinely required for telephone or Internet-based purchases because it implies that the person placing the order has physical possession of the card. Some merchants check the flat-printed CVV even when transactions are conducted in person.

CVV technology cannot protect against all forms of fraud. If a card is stolen or the legitimate user is tricked into divulging vital account information to a fraudulent merchant, unauthorized charges against the account can result. A common method of stealing credit card data is phishing, in which a criminal sends out legitimate-looking email in an attempt to gather personal and financial information from recipients. Once the criminal has possession of the CVV in addition to personal data from a victim, widespread fraud against that victim, including identity theft, can occur.

Lascia un commento

Il tuo indirizzo email non sarà pubblicato. I campi obbligatori sono contrassegnati *

Questo sito usa Akismet per ridurre lo spam. Scopri come i tuoi dati vengono elaborati.