Banks tell users: Put on your best face

Banks tell users: Put on your best face

Explainer: A central bank measure starting in June requires facial scans for mobile transactions of more than 50,000 baht per day

Bank of Thailand regulations call for biometric authentication of high-value mobile banking transactions as part of measures to protect consumers from cyber-risks.
Bank of Thailand regulations call for biometric authentication of high-value mobile banking transactions as part of measures to protect consumers from cyber-risks.

Banks have notified customers to be ready to authenticate their identities by scanning their faces on their mobile devices when conducting three types of mobile financial transactions, as part of the Bank of Thailand's strategy to prevent financial fraud.

WHAT ARE THE TRANSACTION TYPES?

Under the measures, a facial scan on mobile devices is needed for: mobile money transfers of more than 50,000 baht per transaction to local or overseas accounts; transfers of more than 200,000 baht per day; and to change the limit for credit transfers on mobile devices to more than 50,000 baht per transaction.

In the future, banks can adjust the amount from 50,000 baht that triggers the facial scan requirement in order to fit with their customer types.

Bank customers do not have to scan their faces to transfer more than 50,000 baht to pay bills, such as credit cards, phone bills or stock purchases.

According to the Bank of Thailand schedule, all banks should be ready to introduce biometric authentication for the three types of transactions in June this year.

Some banks such as Bangkok Bank plan to introduce this facial scan requirement next month.

Banks also notified their customers to bring their ID cards to bank counters nationwide to update their information and take a photo of their faces in preparation for the biometric facial scan for the three types of transactions.

HOW WILL THIS MEASURE REDUCE CYBER-RISK?

According to the central bank, the biometric authentication is required for high-value mobile banking transactions as part of measures to protect consumers from cyber-risks.

The regulator set the requirement at 50,000 baht because it found the amount represents only 1% of total daily mobile banking transactions. The requirement should not affect most bank customers as most transactions are less than 50,000 baht.

According to the central bank, it is difficult for fraudsters to create fake biometric information for bank customers because it would require a lot of investment and sophisticated technology.

A user uses the facial recognition feature on a mobile banking app.

Banks have standard biometric comparison systems to detect fake biometric identities, said the regulator.

Earlier Bank of Thailand governor Sethaput Suthiwartnarueput said while the measures may be inconvenient for customers, they will increase security for digital banking transactions.

As reports of financial cybercrime spread, the central bank has collaborated with related organisations, both in the government and the private sector, to detect suspicious transactions and deposit accounts.

According to central bank data, from March to December 2022 there were around 50,000 cases of online shopping fraud, 20,000 cases of money transfer fraud, 18,000 cases of lending fraud, and 13,000 cases of call centre fraud. There were 58,000 cases of nominee deposit account fraud with total reported losses of 5.5 billion baht.

The central bank recommends bank customers do not click on suspicious links sent to their Line messaging app or email accounts, nor should they download mobile apps from the unauthorised sources.

People should also not use unsecured mobile devices to conduct financial transactions, according to the regulator.

Bank executives said previously they are continuing to develop cybersecurity systems to prevent financial fraud.

WHAT HAS BEEN THE EFFECT OF A NEW LAW ON CYBERCRIME?

A new royal decree on cybercrime prevention and suppression recently went into effect, giving victims, banks and the authorities more options to fight online scams and other illegal online activities.

The law allows victims of online scams to immediately file for the suspension of mule accounts set up to take advantage of their stolen identity.

Victims can do so through the hotline numbers of 15 banks, as well as file a scam complaint with police stations, physically or online.

The law gives banks the authority to temporarily suspend a suspected mule account, as well as use artificial intelligence technology to investigate illicit transactions.

The law also outlines the punishment for cybercriminals.

Do you like the content of this article?
COMMENT (43)