Many banking apps do not protect users' safety.

At the workshop “Promoting the potential of domestic credit cards towards a cashless society” organized by Lao Dong Newspaper in collaboration with the Payment Department (State Bank of Vietnam) and the National Payment Corporation of Vietnam (Napas) on the afternoon of May 21, Mr. Pham Thai Son - Deputy Director of the National Cyber ​​Security Monitoring Center (Information Security Department, Ministry of Information and Communications) - said that many banks currently cannot pass the test on the safety protection mechanism for users.

According to the results of the application assessment of 29 banks conducted by the Department of Information Security in September 2023, there were 6 applications that did not implement 2 basic security, 9 applications implemented security simply, 9 applications implemented security well and 5 applications were assessed as implementing tight security.

Regarding the overall results, Mr. Pham Thai Son said that 21% of applications have no protection, 21% of applications are easily bypassed by hackers, 31% of applications are difficult to bypass, and 17% of applications are tightly deployed.

With about 70 million Vietnamese people using the internet, bad guys take advantage to commit fraud and focus mainly on financial fraud, accounting for more than 72% of cyber fraud cases.

In 2023, the Information Security Warning Page (Ministry of Information and Communications) received nearly 17,400 reports of online fraud from internet users. In the first quarter of 2024 alone, more than 4,100 reports of online fraud were received. Of these, more than 60% of victims were scammed via personal phone calls.

The general pattern of the stages of an online scam is that the subject approaches the victim through calling, texting, emailing, or using social media.

After reaching out, the scammer sends a link to a fraudulent website to steal information and transaction codes. Or the scammer lures the victim into installing a malicious application (mobile app), leading them to OTT to manipulate their psychology.

Finally, the subject appropriates the assets by transferring money to junk bank accounts, through payment gateways or through virtual currency.

“The problem is that it is very difficult to trace the source of money when the subject transfers money out. Most of the money flows through different accounts, then transferred abroad. Early detection of money flows will help recover money for people and ensure safety for banks,” said Mr. Pham Thai Son.

Although authorities and banks regularly update new forms of fraud, scammers continue to come up with new scams based on "trends". For example, during tax settlement season, scammers will call to invite people to download a remote tax settlement app.

Mr. Pham Thai Son recommends that banks need to detect and warn users early, and prevent potential risks early.

According to Mr. Son, to effectively prevent fraud, banking applications need to have mechanisms to detect malicious behavior in the application, and detect fraud when strangers infiltrate the user's banking application.

At the discussion, Deputy Governor of the State Bank Pham Tien Dung said that to prevent fraud, the State Bank has required commercial banks to only open and use remote accounts using chip-embedded citizen identification cards. If there is no chip-embedded citizen identification card, the card can only be opened at the counter.

In particular, from July 1, 2024, banks will have to apply biometric authentication policies when transferring money over 10 million VND. This regulation aims to avoid the situation of renting or lending bank accounts.

“Accounts that are not in the owner’s name or opened with fake documents will be eliminated. The State Bank has discussed with commercial banks and A05 (Ministry of Public Security) to choose a number above 10 million VND because we have a roadmap, so as not to affect the user experience. 70% of online banking transactions are transactions under 1 million VND, so we cannot require people to buy a bottle of water or a bus ticket to have biometric authentication,” said Deputy Governor Pham Tien Dung.