Central Bank of Bahrain
  

Double Swiping of Payment Cards to be discontinued from 15th June 2017

28th May 2017 - Manama, Bahrain - The Central Bank of Bahrain (CBB) has announced that all merchants and shopkeepers in Bahrain are required to stop their present practice of "double swiping" payment cards such as credit, debit, charge or prepaid cards, at their own point of sale (POS) and cash registers, from 15th June, 2017.

“Double swiping” means a merchant or shopkeeper swiping a card for the second time at his or her point of sale (POS) or cash register, immediately after the card transaction is approved in response to the first insert/swipe of the card at a POS belonging to the card acquirer. This practice of "double swiping" is widely considered as unsecure and hence, being discouraged by a number of countries, as well as card companies like VISA, during the last couple of years. 

Over the years, the CBB has taken a number of measures to protect card transactions. Among these are the phasing out of the traditional magnetic stripe cards and adoption of the EMV (Europay, MasterCard and Visa International) compliant chip embedded cards, as far back as 2010, since EMV is widely considered as the global security standard for card transactions. Card transactions in Bahrain are now processed securely, using card information stored in chips. When a card is first inserted in to the acquirer's POS at a sales counter, the card transaction is completed after the necessary approval or denial. The customer immediately receives a transaction advice via SMS message, for both, local as well as international card transactions. Accordingly, a card transaction does not require swiping the magnetic stripe again on the shopkeeper's own POS or cash register.

Merchants have been "double swiping" as a practice over the years, to collect card payment details and cardholders' personal data for internal accounting and/or marketing purposes. However, as this practice of swiping at a shopkeeper’s POS or cash register for the second time provides access to all payment card data, including sensitive information such as security code and personal data encoded on the magnetic stripe, it can effectively lead to card data compromise. Capturing or storing such sensitive card information in a shopkeeper’s computer system, has the potential risk of unintentionally exposing such information to malpractices and card frauds. Furthermore, it can undermine the efforts taken so far to enhance the security of card transactions by moving from magnetic stripes to EMV chip cards. Hence, there is a serious need to stop this unsecure practice of "double swiping" and thereby protect cardholder data against possible theft and to ensure public confidence in card transactions.

 

Bahrain E governance siteBahrain 2030