[sbmthakur]

I work with US FIs and security isn't great there either(some don't even have a legit HTTPS cert). Even private Indian banks don't have secured sites, you could still get your details leaked there as well. As for Aadhar, it's no longer necessary for opening an account.

[KorematsuFred]

Citibank sends me Credit Card fraud alerts and when I click on those links I end up on links that are not from citibank domain but some third party service. I am then expected to enter my bank login on that site. I always thought this was fishing until the bank support confirmed to me that it is legit.

[sbmthakur]

Many private banks have strange ways of conducting business. I've been receiving calls from ICICI Bank (through private numbers) to verify my Credit Card. The procedure eventually ends with the operator asking me to enter my CVV through IVRS. Now how am I supposed to know if the IVRS(or even the operator) is legit? On one hand we are not supposed to share our details with anyone and the on the other hand the bank itself asks for these details through shady numbers. It's sad that banks don't do anything properly without RBI guidelines.