Illustrative image
In an effort to enhance security measures for online and card-based payments, the State Bank of Vietnam (SBV) issued Decision No. 2345/QD-NHNN on December 18, 2023, regarding the implementation of safety and security solutions for online payments and bank card transactions (Decision 2345).
According to Decision 2345, starting from July 1, 2024 (next Monday), all banks and payment intermediaries will be required to implement a unified policy for individual customers when transactions exceed VND 10 million or the total daily transactions exceed VND 20 million. This policy mandates the verification of biometric data (facial recognition) of the person performing the transaction, ensuring it matches the facial data of the account holder as verified through the National Population Database or the electronic chip-embedded Citizen Identification Card (CCCD) issued by the Ministry of Public Security.
Additionally, prior to an individual customer’s first transaction using Mobile Banking or before conducting a transaction on a different device than the one used for the most recent Mobile Banking transaction, mandatory re-authentication of biometric identifiers is required.
According to statistics from the State Bank of Vietnam, approximately 70% of individual customer payment transactions in Vietnam are valued below VND 1 million, with transactions over VND 10 million accounting for only about 11% of the total. Moreover, less than 1% of individuals have daily transactions exceeding VND 20 million. As such, the implementation of biometric authentication will not significantly impact the majority of users’ payment transactions.
Furthermore, as of the end of 2023, the Ministry of Public Security had issued over 84.7 million CCCDs with embedded chips and 70.2 million VNeID accounts, ensuring “accurate, complete, clean, and current” data.
“This is an important source of input data that helps the banking industry implement accurate customer identification and verification,” stated the State Bank of Vietnam.
Decision 2345 was issued against the backdrop of a complex and evolving landscape of high-tech crimes, characterized by sophisticated methods, cross-border organization, and signs of collaboration between domestic and foreign entities.
Notably, cyberattacks on information technology systems and online fraud in the financial and banking sectors pose significant risks to financial and monetary security, resulting in substantial losses and public discontent.
According to data from the Ministry of Public Security, in 2023, the Vietnam Information Security Portal recorded approximately 13,900 cyberattacks on agencies, organizations, and businesses, along with nearly 16,000 reports of online fraud, causing losses of over VND 390 trillion (equivalent to 3.6% of GDP). The total amount of money scammed from individuals through online means was estimated to be between VND 8 trillion and VND 10 trillion, a 50% increase compared to 2022. Notably, 91% of this information was related to the financial sector, and 73% of mobile users received fraudulent messages or calls.
The State Bank of Vietnam stated that the purpose of issuing Decision 2345 is to ensure that online banking transactions are conducted by the account holders themselves, thereby protecting customers and contributing to the reduction of fraud and the prevention of account rental, borrowing, or purchasing for illegal purposes.
At their core, the solutions outlined in Decision 2345 involve verifying that the information of the account holder matches the information on the Citizen Identification Card (CCCD) issued by the Ministry of Public Security or the National Population Database, eliminating fake, non-owner, and illegal accounts. This enables credit institutions to accurately identify and verify customers during payment transactions.
According to technology experts, traditional transaction authentication methods, such as passwords and one-time passwords (OTPs), are becoming increasingly vulnerable to attacks. In contrast, biometric authentication, which relies on unique physical characteristics, can effectively minimize the potential for forgery and fraud by malicious actors.
This solution enables regulatory authorities and service providers to accurately identify account holders, transaction initiators, and beneficiaries. This not only safeguards customer accounts but also helps banks mitigate fraud risks.
Currently, banks, e-wallets, and users are racing to update their biometric data before Decision 2345/QD-NHNN comes into effect. As per the guidelines, users can proactively register their biometric data on their smartphones in three steps: taking photos of the front and back of the chip-embedded CCCD, scanning the NFC on the CCCD, and scanning their faces and verifying the OTP.
Most users have reported that the process is straightforward and swift. However, on tech forums, many individuals have encountered difficulties in registering their biometric data on banking apps, particularly during the NFC scanning step.
If users face challenges with the registration process on their phones, they can visit the transaction counters of banks to complete the biometric data registration.
Consumer Rights Day: Ensuring Safety in the “Online Marketplace”
The activities in response to Vietnam Consumer Rights Day 2024 will be organized throughout March 2024 (peak month) and extend throughout the year with the theme “Transparent information – Safe consumption”…
Young woman does not receive commission after paying 1.5 billion VND for merchandise: Another victim deceived
Despite numerous warnings, a young woman in her twenties residing in Nam Tu Liem, Hanoi, has recently fallen victim to a scam, losing 1.5 billion Vietnamese dong.
Cybersecurity Bolstering Ordered by Premier
Prime Minister Pham Minh Chinh has just signed an official dispatch requesting ministries, sectors and localities to strengthen cybersecurity.
