Thai bankers reassure on mobile banking security following fraud incident
The Thai Bankers’ Association (TBA) has reassured its customers about the security and stability of mobile banking applications. The affirmation follows the recent arrest of a software programmer who developed a tool capable of bypassing facial recognition technology for transactions above 50,000 baht.
It is mandatory for mobile banking users wishing to transfer between 50,000 baht and 200,000 baht per day to authenticate their identity via facial scanning. This is in line with the Bank of Thailand’s cybersecurity protocols.
After the incident, the Thailand Banking Sector Computer Emergency Response Team (TB-CERT) conducted thorough checks within the banking sector. The TBA, post-investigation, stated that the fraudulent software could not affect general customer accounts. This is due to the requirement of comprehensive account owner information, including bank account number, national ID number, mobile phone SIM, and the device used for mobile banking. Additionally, identity verification data such as a mobile banking personal identification number, one-time password (OTP), and facial scans are also mandatory, stated the TBA.
“In the reported case, the scammer exploited the software to facilitate transfers from mule accounts or illegal deposit accounts, enabling them to access all the personal data of account owners and conduct fraudulent transactions.”
The TBA emphasised the high level of security and stability of all mobile banking applications. Commercial banks prioritise user security and continuously invest in upgrading their systems, ensuring the reliable and secure use of mobile banking, added the TBA.
The association further highlighted its collaboration with the government and companies to establish preventive measures and manage financial threats effectively. The TBA urged customers and the public to adhere to financial threat prevention guidelines. These include not downloading software from unofficial sources, not revealing banking passwords or OTPs to others, not scanning faces or verifying identities through unknown apps, not clicking links from suspicious text messages, and contacting the originating agency directly to verify any suspicious transactions.
Upon detecting an unusual transaction, the TBA implored customers to contact their bank’s call centre or branch immediately, reported Bangkok Post.
The central bank, from June, requires biometric authentication for high-value mobile banking transactions as a measure to protect consumers from cyber-risks. This includes a facial scan for mobile money transfers of more than 50,000 baht per transaction to local or overseas accounts; transfers of more than 200,000 baht per day; and raising the transfer limit above 50,000 baht per transaction.
