AmBank and Maybank announce full compliance with BNM security measures
By Digital News Asia June 28, 2023
- Both banks are taking similar steps to increase security
- Banking apps on mobile will be the key to validate online transations
Maybank today announced that it has migrated to Secure2u for online banking services including bill payments and transactions involving DuitNow, FPX and IBG. This completes its implementation of measures to combat financial scams, as announced by Bank Negara Malaysia (BNM) last September.
Maybank customers can now approve all online banking transactions and activities as well as update their personal information such as mobile number and address via Secure2u. At the same time each Secure2u is bound to a single device.
Additionally Maybank is enforcing a cooling-off period for first-time or different device enrolment of Secure2u, tightening its fraud detection rules for suspicious transactions, removing hyperlinks from SMSes, having a dedicated 24/7 fraud hotline for customers, and providing a self-serve Kill Switch to deactivate online banking access and block credit and debit cards.
“Customers are becoming more aware of popular fraud modus operandi and this year, we have seen the number of cases where customers call in to report suspicious messages, calls and phishing sites increase significantly,” said Khairussaleh Ramli (left), Group President & CEO of Maybank.
Starting 1 July 2023, all Secure2u authorisation will be moved to the MAE App. Customers will be able to approve transactions performed on Maybank2u Web, Maybank2u App and MAE App via Secure2u on MAE App.
Meanwhile, AmBank confirmed that it has adhered to all five BNM security measures ahead of the June 2023 deadline.
“In line with AmBank’s commitment to customer safety, we are continuously enhancing our security features and detection rules, including periodic reviews and alerting customers on unusual activities”, said Sulaiman Mohd Tahir (right), Group CEO of AmBank Group.
Now AmOnline transactions have migrated away from sending SMS OTP. All transactions must be authenticated via the AmSecure soft token embedded within the AmOnline app, which is restricted to only a single mobile device.
Furthermore, users must observe a cooling-off period and undergo a multi-factor authentication when a mobile device is enrolled for the first time, as well as any device change request.
For added security AmBank customers have the option to block their credit card or deactivate their AmOnline (Kill Switch). In compliance with cyber security requirements, AmOnline can only be accessed using up-to-date version of web browsers and supported mobile operating systems.
AmBank has also ceased sending SMS messages with hyperlinks and phone numbers.
Related Stories :