On March 23, 2007, a Malaysian was captured for using a false Asian Commercial Bank (ACB)’s ATM card. At the investigation office, he declared that he used falsified ATM cards to withdraw VND41 million (US$2,560) three days after he entered Vietnam. Previously, Vietnamese Ngo An Tuan and his accomplices were prosecuted for using advanced technologies to forge cards and steal PIN codes to withdraw large sums of others’ money. ATM card security has become a burning issue.
High Volume, Low Quality
Entering the card market in 2003, the Vietnam Bank for Agriculture and Rural Development (Agribank) quickly occupied a major market share with average annual growth of 190 per cent. By late 2006, the number of new cardholders increased significantly, growing nearly 100,000 new cardholders a month on average. Agribank and other commercial banks of all sizes focused on card issuance because this is a most effective tool to approach consumers.
However, absorbed in issuing cards, the banks did not pay enough attention to service quality and card security. In fact, many card use frauds have been found in the past time. According to ATM experts, the low level of security technology in Vietnamese banks inevitably leads to PIN code stealing and card falsification.
In addition, the investment of Vietnamese banks for their products and points of sales (POS) is still cursory. The rate of ATM/population is now 1/20,800, failing to meet the increasing demand in the country. The number of ATMs with surveillance cameras is too few; hence, card users must protect security information on their own. In case they lose security information, their money will soon be withdrawn. In the meantime, to date, there is no commitment of issuing banks for the service quality guarantee. Many cardholders have been informed that the money in their accounts decreased although they didn’t make any withdrawal. Banks only pledged to reissue the cards.
Needing intensive investment
According to expert forecasts, the development of e-banking services will boom in one or two years. Hence, ATM card information security is vital.
According to a representative from Todos e Code, a Swedish banking security firm, Vietnam holds high potential and the possibility to develop e-banking, but if security technology is not strong enough, there will be a lot of risks. To be successful, banks and e-commerce firms must have completely new solutions to customer personal information security. For example, banks and e-commerce units can use Todos’ equipment and technology to change PIN codes after every use. When a customer uses his/her card to make online transactions, the Todos system issues new passwords to prevent PIN code stealing. Each new password exists only three second before being changed into a new one; hence, the card will be difficult to be hacked. In securities transaction, this system will keep buying and selling data unchanged in spite of password modifications, said the Todos e Code representative.
Mr Ha Huy Hao, General Director of Juniper Network Vietnam, a leading information security firm, said the most important matter is that banks apply new security technology and seek suitable partners to enhance security. However, information security requires not only equipment and technology, but also human resource training and investment.
Quynh Chi
Vietnamese
