PETALING JAYA: Bank Negara Malaysia (BNM) has given an assurance that the banks’ payment systems remain safe and secure, despite the cybersecurity breach experienced by online payment provider iPay88.
In a statement, the central bank said the breach originated from, and was confined to, the e-commerce firm’s payment card systems and did not involve the banks’ systems.
BNM maintained that Malaysian banks had strong authentication methods for online card transactions, which included prompting users for additional confirmation for transactions deemed “more risky”.
“This reduces the risk of fraudulent transactions occurring,” it said.
“For non-authenticated transactions, particularly purchases from overseas merchants, customers will not be liable for any fraudulent or unauthorised transactions that may arise from this incident.
“BNM has instructed banks to immediately notify affected cardholders of additional protective measures that will be taken to further protect them against risks of fraudulent or unauthorised transactions.
“Banks have also heightened their fraud risk management and monitoring of suspicious or fraudulent activities for affected cards.”
BNM also pointed out that forensic investigations were ongoing over the data breach involving iPay88, which it said it took seriously.
Noting that this incident could affect users’ confidence in the payment system, it said it would not hesitate to take supervisory or enforcement action to ensure that strong security safeguards were in place and maintained by banks.
It advised customers who noticed irregular or unauthorised transactions on their cards to immediately notify their banks.
Yesterday, iPay88 confirmed it experienced a cybersecurity breach more than two months ago which may have compromised the card data of users.
The e-commerce firm said an investigation was initiated on May 31 and was ongoing while cybersecurity experts had been roped in to mitigate the issue, with “no further suspicious activity detected since July 20”.
The communications and multimedia ministry’s personal data protection department has also begun a probe into the cybersecurity breach. - FMT
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.