According to the draft, the scope of application has been expanded to include mobile money service providers, in addition to credit institutions, foreign bank branches, payment intermediary service providers, and credit information companies.
A notable new requirement is that online banking and mobile banking applications (commonly known as banking apps) must comply with the international OWASP security standards, addressing the top 10 most common vulnerabilities (OWASP Top Ten) and ensuring mobile application security (OWASP Mobile Application Security).
Significantly, banks are mandated to regularly monitor mobile banking app versions at least every two months, disallowing the use of versions older than two generations from the latest release. Customers are required to reinstall the latest version when activating a new device or upon detection of a security vulnerability. Additionally, measures must be in place to prevent downgrading to older versions.
New regulations enhance the safety and security of banking apps.
Upon identifying security vulnerabilities, banks must implement checks, block transactions, and promptly address, rectify, and update to the latest version. Applications must also automatically cease operation if a simulated environment, malware interference, or a rooted/jailbroken device is detected. The State Bank of Vietnam stated that these version control measures aim to limit or eliminate outdated or vulnerable versions.
The draft introduces mandatory biometric verification for changes to organizational customer identification information, in line with Directive 139/CĐ-TTg, to combat fraud involving the establishment of fake companies for payment accounts.
In electronic transaction confirmation, the drafting agency has removed standard electronic signatures, retaining only secure electronic signatures, digital signatures, or foreign electronic signatures recognized in Vietnam, aligning with the 2023 Law on Electronic Transactions and Decree 23/2025/NĐ-CP.
The appendix in the draft, which categorizes online payment transactions, has been refined to clearly distinguish between transaction types A, B, C, and D based on value, limits, and customer groups. It also mandates additional biometric verification for high-value transactions or newly established organizational customers.
The issuance of the amended Circular is expected to strengthen the security of the digital banking system, protect users from cybercrime risks, and establish a unified legal framework for emerging models such as mobile money, biometric authentication, and internationally standardized security practices.
“28 Banks and 4 Payment Intermediaries Linked with VNeID for Social Security Payments”
As of August 15, 2025, the banking sector had successfully acquired and cross-referenced over 123.9 million individual customer records with biometric data. An impressive 32 units have linked up with VNeID to facilitate social security payments, a testament to the industry’s commitment to efficient and secure transactions.
Disabling Over 400,000 Websites and Social Media Accounts Suspected of Fraud
In August 2024, the country witnessed a surge in fraud cases, with 815 reported incidents – an increase of over 11%. This alarming trend indicates that fraud is becoming an increasingly significant component of overall crime, accounting for nearly 16% of all offenses. Notably, online fraud constituted a substantial proportion, representing nearly 55% of the total reported cases.
What Banks Allow Withdrawals With ID Only?
“In addition to ATM cards, citizens can now withdraw cash using their national ID cards at select banks. This new initiative provides a convenient and secure alternative for individuals to access their finances.”
“Biometric Security: A Cat-and-Mouse Game with Cybercriminals, Says Deputy Governor”
“There is no such thing as a completely secure solution,” says Deputy Governor of the State Bank of Vietnam, Pham Tien Dung. He emphasizes that as soon as a new measure is implemented, criminals devise new ways to circumvent it, creating an ongoing battle for banks to continuously issue and promote security advisories. With each new fraudulent scheme, we must remain vigilant and proactive in our warnings.
Unlocking the Power of Biometrics in Banking: Resolving Implementation Hurdles
At the regular Government press conference on July 6, the Vice Governor of the State Bank, Pham Tien Dung, addressed the recent ‘hot’ topic concerning biometrics. He assured that any issues regarding the application of biometrics in banking transactions would be resolved by the banking system.
