BY LOONG TSE MIN
October 14, 2006
KUALA LUMPUR: All Malaysian banks are on track to fully implement the
two-factor authentication, a form of online identification security, by
Dec 1 as mandated by Bank Negara, said Association of Banks in Malaysia
(ABM) chairman Datuk Abdul Hamidy Abdul Hafiz.
Several banks have already implemented the system as an additional
security measure, Hamidy, who is also Affin Bank Bhd managing director
and chief executive officer, told a press conference yesterday.
In the two-factor authentication, customers must confirm their
identities through something they know, like a personal identification
number (PIN) or password, but also with something physical, like a
hardware token with numeric access codes that change every minute or a
On recent cases of online banking fraud through phishing or SMS, ABM
said these were not the result of any intrusion into the Internet
Rather, they occurred as a result of customers inadvertently revealing
their user IDs and passwords to third parties, it said, adding that it
was not the practice of any bank in Malaysia to send e-mail or SMS to
Internet banking customers asking them details of user IDs or passwords.
The two most common forms of phishing were social engineering or
tricking the customer into revealing his or her password and user ID,
and through a phoney website of the bank that the user was sent to when
a link on an e-mail was clicked on, said ABM council member Piyush
Gupta, who is also Citigroup Country Office and Citibank Bhd chief
We urge all customers to contact their respective banks first should
they receive any suspicious e-mail or SMS, said Hamidy.
At present there are 2.5 million Internet banking customers in Malaysia,
conducting some 12 million transactions a month, while the growth rate
for Internet banking customers was 20% in 2005.
The security system for Internet banking in the country was not only in
line with, but often exceeded, the minimum requirements of Bank Negara
and was on par with international standards such as ISO 17799 and
accredited independent security consultants, Hamidy said.
We wish to emphasise and assure the public that Internet banking will
continue to be safe, given the technology and security measures that are
in place. However, it is a dual responsibility of customers and banks
that is critical in addressing this issue of online fraud, he said.
1995-2005 Star Publications (Malaysia) Bhd (Co No 10894-D)
Visit the InfoSec News store!