With reference to the potential data breach incident as announced by iPay88 (M) Sdn. Bhd., a company providing payment gateway services to banks and merchants. Bank Negara Malaysia highlights that forensic investigations are still ongoing.
BNM says the breach which originated from and is confined to iPay88’s payment card systems does not involve vulnerabilities in the banks’ systems. According to the Central Bank, the financial institutions in the country observe strong authentication methods for online card transactions, including prompting cardholders for additional confirmation of certain transactions considered to be riskier.
In light of this incident, BNM has instructed banks to immediately notify affected cardholders of additional protective measures that will be taken to further protect them against risks of fraudulent or unauthorised transactions. Banks have also heightened their fraud risk management and monitoring of suspicious or fraudulent activities for affected cards.
The Central Bank says it takes a serious view of any incident that can affect confidence in the payment system, and will not hesitate to take necessary supervisory or enforcement actions to ensure strong security controls are in place and maintained by financial institutions, and customers are treated fairly. Customers are advised to immediately notify their banks if they observe any irregular or unauthorised transactions on their cards.
