Bank Negara Malaysia is now sharing a number of things in parallel with the Financial Crimes Virtual Exhibition Launch Ceremony, mainly focusing on the use of OTP for payment verification.
OTP using SMS is ready to be used by banking institutions in sending a confirmation code via SMS, which needs to be input by the user to confirm the transaction. However, recently, there is a malware application that can read the SMS, and is used to steal money from the user's account.
In parallel, Bank Negara is now asking financial institutions to switch from sending OTPs using SMS to stronger authentication methods.
Some financial institutions such as Maybank and CIMB have already switched to app authentication, but there are still banks that use this OTP feature.
In addition, BNM also asks users to be given a cooling-off period for first-time registration for online banking, or when activating it on a device. During this period, any online banking activities will not be allowed.
This transition and introduction of new features is expected to be implemented by banking and financial institutions in stages – and some have already implemented it today.