Banking and finance sector prioritises cyber security
VOV.VN - Digital transformation of the banking and finance sector has made cyber security and information safety a major concern.
The COVID-19 pandemic has increased e-commerce, bringing new risks along with the new convenience.
Digitalization and the coronavirus pandemic have caused Vietnamese consumers to dramatically change their shopping behavior. Increasingly, they are purchasing products and services online and making payments electronically.
But Duong Manh Hung, CEO of the Vietnamese Network Security Company (Vsec), says new technologies in the banking and finance sector has led to increased bank fraud and other criminal behavior.
He added, “As the pandemic has gotten worse, e-payment has been used more widely, but it has brought risks in the form of bugs or security loopholes in the e-payment systems. Hackers take advantage of these loopholes to steal customers’ personal information or gain administrator access to sensitive data and functions.”
According to experts in financial security, customers’ personal information, passwords, and financial information are often vulnerable to cybercriminals. There are many opportunities to commit fraud, steal data, or install viruses and malware.
The situation is becoming more alarming as Vietnam's banking industry begins its digital transformation for the retail market, says IT expert Pham Minh Thanh.
“Hackers can directly attack the applications of banks and other businesses, websites, or online applications. They can also send fake emails to trick users or administrators into revealing sensitive information. Hackers can attack the infrastructure of a business and steal or corrupt its customer information," said Thanh.
The data networks of the government, banking and finance, and healthcare sector store valuable personal information, financial transactions, and critical infrastructure data, making them a tempting target for cybercriminals
Vsec’s Deputy Director Le Thanh Tung underlined the complexity and difficulty of information security and safety in the financial and banking sector by listing a number of recent cyberattacks.
“First, the customers who are using the bank’s services can be attacked directly. One popular fraud is making customers believe that a provided link is reliable. Thinking the fake link is a real link, customers “log in” only to have their username and password stolen. Customers may also be asked to provide an OTP code to make a money transfer. Many customers will do as they are instructed. This fraud takes place quite often. What we tell people is that no bank will ask their customers to provide passwords or OTP codes via phone or message or chat,” said Tung.
He touched upon the second fraud that involves collecting customer data entered at an ATM by installing a data reader device. Criminals can get passwords this way and create fake ATM cards. Banks are aware of and paying greater attention to this form of fraud, but it is still happening in some places.
Complete digital transformation is not yet compulsory for ordinary banks, but it is extremely important for fintech businesses, which have grown strongly in Vietnam in recent years.
For these businesses, securing users’ information is vital because all their transactions are online, said Nguyen Huy Du, CEO of DuCapital Holding, which specializes in developing new technology.
Du added, “Fintech companies are careful to select customers who have their own information security systems to protect themselves on top of the services offered by the fintech companies. Generally speaking, fintech companies have what I call a concept or an intention right from the very beginning when they organize money-related business activities in the digital environment.”
Vietnam is facing lots of challenges to its digital transformation – resources, user skills, culture, and awareness.
Here is Tung’s advice for businesses and individuals to ensure information security during this period of digital transformation: “Individuals and organizations should pay attention to the following factors: First, the human factor; second, creating regulations and processes to ensure information security; third, equipment infrastructure; and finally, solutions.”
Tung commented, “All of these factors are closely linked to information security, which we need to become knowledgeable about and take steps to reduce risks and be prepared for a timely response to any threat.”