Institutions urged to plug loopholes in identification
The Bank of Thailand has exhorted financial institutions to keep a lid on loopholes in transactions to prevent sophisticated online theft.
“Upgrading technology related to identification is very important,” said central bank governor Veerathai Santiprabhob.
The Bank of Thailand issued an announcement to financial institutions on Aug 2 regarding the electronic-Know Your Customer (e-KYC) system to help banks with new customer identification technologies, such as finger scans and iris scanners, he said.
There are four groups that could be affected by embezzlement via new financial technology: consumers, financial institutions, telecommunication companies and regulators, said Mr Veerathai.
“The recent [internet banking fraud] incident has exposed a loophole involving all four groups,” he said.
Phansuthee Meeluekij, an auto accessories businessman in Ayutthaya, lost a large sum of money in July after mobile operator TrueMove issued a new SIM card to the suspected thief, apparently without checking his ID.
The SIM card was linked to Kasikornbank’s K-Cyber Banking and the thief cleaned out Mr Phansuthee’s account, leaving only 58 baht from the original amount of 986,700, after obtaining a onetime password from the bank with the new SIM card.
The thief also reset the passcode of the interbanking service after obtaining the new passcode from the bank’s call centre.
Since financial technology services are new developments, consumers need to have sufficient financial knowledge and should not share personal data such as usernames and passwords to access online banking services, said Mr Veerathai.
Consumers should also be aware of the importance of banking notifications.
Limiting daily transfers of e-money is another risk-prevention measure they should undertake, he said.
“Consumers need to understand risk-prevention measures in order to prevent becoming victims of [online] theft as many people are involved with greater electronic transactions,” said Mr Veerathai.
Compensation in cases involving electronic fraud would have to be based on identifying the person responsible, said Mr Veerathai.
Financial institutions have to shoulder the responsibility if a fraudulent case stems from their loopholes, but there have been cases where personal data is obtained from a victim’s acquaintance, he said.
Thakorn Piyapan, first executive vicepresident of Bank of Ayudhya, said the bank plans to implement some e-KYC technologies to verify clients.
Anuchit Anuchitanukul, executive vice-president of Kiatnakin Bank, said authentication is the key to verifying customers rather than methodology.