Thai Bankers’ Association assures bank app security after facial recognition scam

The Thai Bankers’ Association affirmed the security and stability of bank apps, following news of the arrest of a programmer selling software that bypasses facial scanning for transfers exceeding 50,000 baht. The fraudsters exploited loopholes in the system to facilitate transfers without the need for facial recognition for transactions over 50,000 baht.

The Thai Bankers’ Association’s Technology Information Security Coordination Centre (TB-CERT) has clarified that the software cannot be used on general customer accounts. This is due to the need for comprehensive account owner information, including personal data such as bank account numbers, national ID numbers, mobile phone SIMs, and devices used for mobile banking.

Also, identity verification data such as PINs, one-time passwords (OTPs), and facial scans are required. Criminals reportedly used the software to facilitate transfers from mule accounts, with the consent of the account owners.

The Thai Bankers’ Association insists that transfers starting from 50,000 baht per transaction, and up to 200,000 baht per day, still require facial recognition. Banks have systems in place to verify the accuracy of facial scans as dictated by the Bank of Thailand. In the case in question, the criminals were evading the transactions to avoid the facial scanning requirement.

The association also assures that all mobile banking systems are secure and stable. Commercial banks prioritise user security and continuously invest in upgrading their systems, thus ensuring reliable and secure use of mobile banking.

Both the Thai Bankers’ Association and its member banks recognise the increasingly complex and diverse financial threats. They place a high importance on transactional security and customer data protection. They also closely collaborate with related agencies to establish preventative measures and manage financial threats effectively.

Penalty for fraudsters

For mule account issues, the Thai Bankers’ Association and related agencies have been working continuously to penalise offenders. Those who own mule accounts or numbers could face a maximum of three years in jail, a fine not exceeding 300,000 baht, or both, according to the Technology Crime Prevention and Suppression Act 2023.

However, customers and the public should follow financial threat prevention guidelines continuously to minimise the risk of falling victim to criminals. These include not downloading software from unofficial sources, not revealing banking passwords or OTPs to others, not scanning faces or verifying identity through unknown applications, not clicking links from suspicious SMS, always observing the shield in front of Line accounts, and contacting the originating agency directly to verify any suspicious transactions, reported KhaoSod.

If any unusual transactions are detected or suspected, customers are urged to contact the bank’s call centre or their branch immediately. The bank will promptly address and resolve any issues. Alternatively, report to the hotline 1441 of the Online Crime Resolution Operation Center, which is ready to provide advice and solve online threats.

Follow more of The Thaiger’s latest stories on our new Facebook page HERE.