PETALING JAYA: Banks should leverage on data analytics and artificial intelligence (AI) technology to further enhance security, on top of existing measures.
Universiti Sains Malaysia associate professor Dr Selvakumar Manickam said while AI technology is still in its infancy, the adoption of AI and data analytics as well as joining hands with key players in the ecosystem will be crucial to curb online scams.
He added that while the measures taken by banks to combat online bank fraud are commendable, they are not foolproof or future-proof.
“Cybercriminals will inevitably find ways to circumvent these measures, necessitating ongoing adaptation and improvement.
“To combat this persistent threat, collaboration among banks, telcos, social media platforms and government agencies is crucial,” he told StarBiz.
Additionally, telcos can play a more significant role by implementing stricter policies for phone number registration and holding owners accountable for numbers used in fraudulent activities, Selvakumar added.
According to the Royal Malaysia Police, a total of 71,833 scams were reported from 2020 to May 2022, amounting to losses of more than RM5.2bil.
In December 2022, Bank Negara announced five key measures to combat financial fraud, which include migrating from short messaging service (SMS) one-time passwords to a more secure authentication method, a transaction cooling-off period, a single designated device for authorisation, removal of hyperlinks from SMS and email communications, and a 24-hour cyber fraud security online.
In line with this, Malayan Banking Bhd said it will be implementing a 12-hour cooling-off period for transfer limit increase requests on its Maybank2U website, effective July 31.
Banks like CIMB Bank Bhd, AMMB Holdings Bhd (Ambank) and Public Bank Bhd have also rolled out similar efforts.
Other measures that banks have also employed include the kill switch or lock account and mandatory SecureTAC measures.
CIMB told StarBiz since the implementation of both the cooling-off period and mandatory SecureTAC measures in June 2023, the group has observed a significant reduction of up to 88% quarter-on-quarter in unauthorised ID registrations, demonstrating the effectiveness in preventing fraud.
Selvakumar said while the cooling-off period is a positive step, this measure may cause inconvenience for users who need to make legitimate urgent transactions.
On this note, CIMB said while users took some time to adapt to new security measures, the preventive measures have been well received, with customers recognising the importance of protecting their banking information.
“Most recently, we have also introduced enhanced security measures to protect users from potential fraud associated with malware that exploits screen sharing and accessibility permissions,” it said.
Selvakumar said the effectiveness of measures like kill switch and account lock remains unclear, as the number of scams and frauds has not significantly decreased.
“This could be attributed to the fact that these measures still rely on user awareness and action, which may be lacking in some cases.”
In this regard, Direct Lending founder Yik Seong Hui said education is still the most important aspect in curbing online frauds.
“The steps that banks have taken so far is definitely a good step forward. Nonetheless, the burden of combating scams does not solely lie with the bank.
“Users also need to manage their accounts responsibly. Hence, a lot of education is still required, particularly among the lower or middle-income groups,” he said
Meanwhile, Ambank also noted one of the key areas it is focusing on to further strengthen security measures is customer education.
“We have ongoing programmes across all customer touchpoints, including informative content displayed in branches and online banking platforms. Additionally, regular reminders via prevalent fraud tactics are pushed through AmOnline App’s notifications to keep customers vigilant,” it told StarBiz.
Ambank said the cooling-off period combined with its existing measures will create a robust defence system that safeguards their customers’ financial well-being.
“Our security measures are constantly reviewed and updated. This proactive approach ensures we stay ahead of emerging threats and adapt our defences accordingly.”