Bank of Thailand set to enhance cybersecurity protocols

The Bank of Thailand (BoT) is poised to implement enhanced mobile banking security measures aiming to improve the transfer system. These measures will include stricter authentication protocols, real-time fraud detection mechanisms, and increased user awareness campaigns to ensure safer transactions.

Key takeaways

• The Bank of Thailand plans to impose daily transfer limits for vulnerable groups, such as teenagers and the elderly, to enhance mobile banking security.
• Advanced biometric technologies, including facial recognition, will become mandatory for high-value transactions to strengthen fraud prevention.
• Mobile banking apps must implement anti-malware safeguards and cease functioning on jailbroken or outdated devices to mitigate cybersecurity risks.

Some new measures will include capping daily transfer limits for specific groups such as teenagers and the elderly to a maximum of 50,000 baht.

According to a source from the Thai Bankers Association, the BoT recently concluded public consultations on proposed regulatory amendments to bolster financial services’ security. 

These changes are designed to address vulnerabilities in mobile banking by imposing stricter controls on outgoing transfers via mobile apps.

What will be the new measures?

Under the proposed measures, account holders under 15 or classified as elderly will face daily transfer limits. 

These restrictions are intended to protect individuals deemed more susceptible to manipulation or fraud, particularly in cases where scammers coerce them into transferring money.

In addition to limiting transfers for vulnerable groups, banks will be required to integrate advanced security features, including facial recognition and biometric forgery detection.

These technologies will become mandatory for transactions exceeding 50,000 baht in a single transfer or a cumulative 200,000 baht in one day.

The BoT also plans to mandate anti-malware and anti-hacking safeguards for mobile banking applications to prevent data breaches and ensure customer safety. 

Furthermore, mobile banking apps will no longer be allowed to operate on jailbroken devices or phones running outdated operating systems, as these are considered high-risk platforms for cybercriminals to exploit.

The source revealed that the BoT is expected to announce these measures later this month. 

Non-bank service providers under BoT regulation will also need to align with these standards by the first quarter of the year.

To address concerns about accountability in fraudulent transfers, regulatory authorities are exploring frameworks inspired by Singapore’s Cyber Security Agency. 

The proposed changes would hold institutions jointly liable for losses caused by system flaws, ensuring banks are not solely burdened with responsibility.

The amendments will also introduce stricter penalties for individuals or entities involved in selling customer data, a critical issue that leaves consumers exposed to scams.