We have been using OTP for many years, and it has been working very well for us in the past, but no one method of security in the world can last forever. Every day, cybercriminals learn and adapt to new ways to break into the system. We always have to stay one step ahead of the cybercriminals, so it is time to find a new and more secure method to safeguard our hard-earned money.
In a news report by FMT, in order to increase protections against financial scams in light of the surge in cybercrime in Malaysia and throughout the world, Bank Negara Malaysia (BNM) urged banking institutions to switch from the one-time password (OTP) system to more secure forms of authentication for online transactions.
The governor of BNM, Nor Shamsiah Yunus, noted that major banks have begun moving away from the SMS OTP method for online activities and transactions including the establishment of accounts, financial transfers, payments, and changes to personal information and account settings.
Secondly, financial institutions will further tighten fraud detection rules and triggers for blocking suspected scam transactions. Customers will be immediately alerted when any such activity involving their banking account is detected.
As an additional measure, financial institutions will block such transactions, and customers will be asked to confirm that such transactions are genuine before they are unblocked.
BNM, governor, Nor Shamsiah Yunus
Besides that, new users of online banking services or secure devices, will not be allowed to perform online banking activity for a certain amount of time. Additionally, customers will be limited to using a single mobile or secure device for the authentication of online banking transactions and financial institutions will also be compelled to set up dedicated hotlines for customers to report financial frauds.
Financial institutions have been directed to be more responsive to scam reports lodged by customers. Financial institutions have also been directed to facilitate efforts to recover and protect stolen funds, including to work with relevant agencies to prevent further losses.
BNM, governor, Nor Shamsiah Yunus
Customers must be given easy options to suspend their bank accounts if they believe they have been hacked due to fraud. After a certain amount of time, customers can reactivate them once they know their accounts are safe.
These extra steps, according to her, may result in “some friction or inconvenience” for customers using online banking, such as increased waiting times for transactions, but they are crucial to safeguarding the interests of customers.
As always, the best protection against scams is knowledge and common sense. Don’t listen to suspicious individuals, don’t click on any suspicious links, and don’t download any apps outside of the App Store and Google Play Store if you don’t know what you are doing.
