30th September 2022 - 3 min read
CIMB Bank has stepped forth to reassure the public that it is “firmly on track” to fully implement the five enhanced security measures against scams that were recently announced by Bank Negara Malaysia (BNM).
Specifically, the bank highlighted that it has already begun migrating away from SMS OTP with the implementation of SecureTAC approval via its CIMB Clicks app for various online activities and transactions, with the migration expected to be fully completed by the first half of 2023. In the meantime, SMS OTPs will only be used as a fallback option for customers who are unregistered for the CIMB Clicks app or for FPX transactions, and will eventually be phased out.
Aside from that, CIMB also noted that it aims to implement the regulation to limit their customers to one secure mobile device for the authentication of online banking transactions by the end of October 2022. Along with this, a customer verification callback process will also be introduced for all new online banking registration and new secure device activation.
Additionally, the bank has pledged that it will gradually introduce a cooling-off period as an additional safeguard for first-time enrolments of online banking or secure devices. Upon implementation, CIMB will avoid activating its services for these customers until the bank has obtained verification or made contact with them.
CIMB further stressed that it already has a sophisticated real-time fraud monitoring system in place to detect high-risk transactions and abnormal usage behaviour, but will continue to enhance the system on an ongoing basis. Moreover, customers can always call the bank’s 24/7 Consumer Contact Centre if they wish to lodge reports of scams, or request for their bank accounts and cards to be suspended due to suspected fraud. That said, CIMB noted that a self-service feature for customers to temporarily suspend their accounts without having to call to the Contact Centre is also already in the works; this feature will be available on CIMB’s digital banking platform, and is slated to be rolled out by the first half of 2023 as well.
In addition to these five safeguards – which adequately meet the requirements of BNM’s recent directive – CIMB said that it is also going the extra mile by introducing some additional security measures. These include discontinuing the inclusion of live URLs in CIMB’s SMSes to its customers – set to take effect by the end of 2022.
“The safety and security of our customers remains a priority in everything that we do, and we remain committed to continuously enhance and tighten all measures in order to ensure our customers’ funds and banking transactions remain secure,” said the group chief executive officer of CIMB Group, Dato’ Abdul Rahman Ahmad.
Finally, CIMB urged its customers to also assist in the battle against scams by always staying vigilant when transacting or banking digitally. Among other things, they should avoid downloading any installation files (APK files) from unverified sources onto their devices, and to always verify that they are not clicking on phishing links without a secure URL.
Subscribe to our exclusive weekly newsletter and we’ll bring you the week’s highlights of financial news, expert tips, guides, and the latest credit card and e-wallet deals.
Stay tuned for what’s to come next in the personal finance world