PETALING JAYA: Banks are expected to leverage data analytics and artificial intelligence (AI) technology to further enhance security, in addition to existing measures.
Universiti Sains Malaysia Associate Professor Dr Selvakumar Manickam said that although AI technology is still in its infancy, embracing AI and data analytics as well as collaborating with key players in the ecosystem will be crucial in curbing online scams.
He added that while the measures taken by banks to combat online banking fraud are commendable, they are neither foolproof nor future-proof.
“Cybercriminals will inevitably find ways to circumvent these measures, which will require continuous adaptation and improvement.
“To combat this persistent threat, collaboration between banks, telecom operators, social media platforms and government agencies is crucial,” he told StarBiz.
Additionally, telecom operators can play a greater role by implementing stricter policies for registering phone numbers and holding owners accountable for numbers used in fraudulent activities, Selvakumar added.
According to the Royal Malaysian Police, a total of 71,833 scams were reported between 2020 and May 2022, resulting in losses of more than RM5.2 billion.
In December 2022, Bank Negara announced five key measures to combat financial fraud, including migrating one-time passwords from short messaging services (SMS) to a more secure authentication method, a cooling-off period for transactions, a single designated device for authorisation, removing hyperlinks from SMS and email communications, and 24-hour online security against cyber fraud.
In line with this, Bank of Malaysia Bhd
announced that it will implement a 12-hour cooling-off period for transfer limit increase requests on its Maybank2U website, effective July 31.
Banks like CIMB Bank Bhd, AMMB Holdings Bhd (Ambank) and Public Bank Bhd have also made similar efforts.
Other measures used by banks include kill switch or account lock and mandatory SecureTAC measures.
CIMB told StarBiz that since the implementation of the cooling-off period and mandatory SecureTAC measures in June 2023, the group has observed a significant quarter-on-quarter reduction of up to 88% in unauthorised identity registrations, demonstrating its effectiveness in preventing fraud.
Selvakumar said that while the cooling-off period is a positive step, the move may cause inconvenience to users who need to make legitimate urgent transactions.
In this regard, CIMB said that while it took some time for users to adapt to the new security measures, the preventative measures were well received, with customers recognising the importance of protecting their banking information.
“More recently, we have also introduced enhanced security measures to protect users from potential fraud associated with malware that exploits screen sharing and accessibility permissions,” he said.
Selvakumar said the effectiveness of measures like kill switch and account locking remains uncertain as the number of scams and frauds has not reduced significantly.
“This could be because these measures still depend on user awareness and action, which may be lacking in some cases.”
In this regard, Direct Lending founder Yik Seong Hui said that education remains the most important aspect in combating online fraud.
“The measures taken so far by the banks are certainly a step forward. However, the fight against fraud does not rest solely on the banks.
“Users also need to manage their accounts responsibly, so much needs to be done to raise awareness, especially among low- and middle-income groups,” he said.
Meanwhile, Ambank also noted that one of the key areas it is focusing on to further strengthen security measures is customer education.
“We have implemented ongoing programs across all customer touchpoints, including informative content displayed in branches and on online banking platforms. In addition, regular reminders regarding common fraud tactics are sent through AmOnline app notifications to keep customers vigilant,” she told StarBiz.
Ambank said the cooling-off period combined with its existing measures will create a strong defense system that protects the financial well-being of its customers.
“Our security measures are constantly reviewed and updated. This proactive approach allows us to stay ahead of emerging threats and adapt our defenses accordingly.”
