Business Skinning Left, pagematch: , sectionmatch: 1

Business ( Leaderboard Top ), pagematch: , sectionmatch: 1

Stricter authentication for online transactions to start Sept. 30

MANILA, Philippines — Banks are set to adopt stricter authentication measures for online transactions starting Sept. 30 to foster a secure digital financial services environment and protect consumers against cyber attacks, the Bangko Sentral ng Pilipinas (BSP) said.

BSP Deputy Governor Chuchi Fonacier said the adoption of multi-factor authentication techniques for certain transactions, as contained in Circular No. 958 issued last April, would push through as scheduled.

 “Looks like the adoption of multi-factor authentication will push through,” she said.

The circular was issued due to the increasing propensity and sophistication of cyber-attacks involving fund transfers, payments, and other transactions via online channels.

With the ongoing migration to EMV (Europay, MasterCard, and Visa) technology, the BSP said cyber-attackers face reduced fraud opportunities in traditional schemes which require customers to physically present their payment cards or the so-called “card present transactions” in ATM and/or POS terminals. 

Similar to the experience of other countries that have adopted EMV technology, the BSP is expecting an upsurge of cyber-attacks targeting card-not-present (CNP) transactions in the Philippines that intends to fully shift to the National Retail Payment System (NRPS) by 2020. 

Business ( Article MRec ), pagematch: 1, sectionmatch: 1

CNP transactions are normally done via online through internet or mobile applications such as fund transfers and payment of utility bills; buying airline tickets; online booking of hotels, tours and tickets; online shopping for products and services; and a host of other activities in e-commerce websites and other online or mobile platforms. 

The stronger authentication controls and measures are aimed at protecting online customers as well as addressing the increasing cyber-threats.

The enhancement to the regulation aims to reinforce the adoption of more stringent security controls for certain types of transactions by BSP supervised financial institutions. 

In particular, multi-factor authentication is mandatory for those transactions considered as sensitive communications and/or high-risk such as enrollment in transactional e-services, payments and fund transfers to third parties, online remittance, account maintenance and use of payment cards in e-commerce websites, among others. 

The process makes use of a combination of two or more authentication factors such as knowledge or something the user knows such as password, PIN; possession or something the user has in his/her possession such as payment card, one-time password generated through a security token or sent via SMS; and inherence or something that is inherent to the user such as fingerprint and retinal pattern.

Business ( Article MRec ), pagematch: 1, sectionmatch: 1
  • Follow Us:
Business Skinning Right, pagematch: , sectionmatch: 1