Customers assured data secure

The National Business

By PETER ESILA
BANK South Pacific group chief executive Robin Fleming says the bank uses multiple cyber-security mechanisms to keep its customers’ access and data secured.
“Cyber-security threats are constantly evolving and cyber-crime actors constantly target financial institutions and their customer using various mechanisms,” he said.
According to the Cybernetic Global Intelligence (CGI) chief executive Ravin Prasad, a partner with Datec PNG Ltd in delivering cyber security programmes in PNG, the Federal Bureau of Investigation (FBI) last week warned the public about escalating security breaches in mobile banking applications (apps).
“As the public keeps increasing, their use of mobile banking apps on an extensive scale, is mostly due to increased time at home during the widespread pandemic,” Prasad said.
“So the FBI firmly expects cybercriminals to take advantage of these platforms.”
Fleming said BSP’s mobile banking app was one of the online access methods customers could use to operate their accounts.
“The app has been designed with updated security features and uses the latest security standards to encrypt customer’s information between their smartphones and BSP’s server,” he said.
“There are over 900 registered BSP customers using the app.
“BSP also employs a two-factor registration methods when customers download the app and use it the first time where a one-time-password is sent to their registered mobile phone number.”
Fleming said the app was locked to the registered mobile phone.
If the phone was lost or replaced, users had to register again to use the app on their new mobile phone.
“This prevents criminals from using stolen credentials on a different phone to transact from a customer’s account,” he said.
Prasad said while the issue was big in the United States, fake bank apps spoof major banks’ actual apps to trick users into logging in their account credentials.
“Specifically, when someone tries to sign in and then uses smartphone permission requests to bypass the authentication codes sent to users, these apps display an error message. According to research firms, nearly 65,000 fake apps were detected on major app stores in 2019,” Prasad said.
“Cybercriminals also create trojans in the banking sector, which are malicious applications that disguise as games or utilities.
“When a user launches a legitimate banking application, the downloaded trojan comes alive to display a fake version of the bank’s login page on top of the application.
“User enters their bank account credentials so they do not know they have been hacked.”