Imagine someone can just wipe all funds from your account to their desired destination , without setting his/her foot in a ATM machine. I don’t know how banks handle such cases but what I’m sure of is that has nothing to do with your bank. You are not responsible for this loss either.
If you have ever tried to pay for any subscription or purchase with a debit card, all you need is to enter card holder, card number, expiry date and CVV(Technically called Card Verification Value) and you’ll be debited immediately.Some malicious dude will create something like Ecommerce application or a subscription service, then integrate it with card payment API.
When they get your card, either card itself or a photo of the same(both sides) your fate depends entirely on three things: The account balance, Your card limit and finally, the hacker’s mercy. They don’t need your pin. They’ll just enter your card details and money moves from your bank account to their accounts. The transaction will show that you purchased a product or subscribed to a legit premium SERVICE.
This risk at the moment cannot be eliminated, service providers can only minimize it by lowering the card limits. So if you must have that ATM CARD, be very careful and keep your card limit as low as possible. In case your account has nothing to lose, then you have nothing to worry about as well