On level of Internet security
128 bit encryption is not very prevalent here because of the US government's ban on export. Today, however, there are encryption systems coming in with 128 bit encryption. I think Citibank is using 128 byte encryption for their Suvidha account in Bangalore. But I do not know how extensive it is because I personally haven't seen that system. Security from the market perspective is there but from the transaction perspective one is looking at encryption or in using something like Verisign, with the concept of private key and public key.

On the authentication process
There is no physical way to verify a person on the Net. You should use various checks or measures to be able to identify the person. It is like walking the person through a set of questions.

Even in today's banking system you do that. For instance, if you want to make any changes in your credit card, the operator on the other line runs you through basic checks and measures by asking key data pertaining to you. You assign the level of transaction that one can do over the phone. Things other than that can be done on physical verification.

On the credit card verification mechanism in India
In the US the system asks for key data apart from the credit card number. It checks for the validity of that particular card and verifies the data collected with the credit card company before executing the transaction. This is true online system. But in India it does not happen that way.