Bank customers who want to transfer more than 50,000 baht through a mobile banking application will be required to use biometric verification, such as facial or fingerprint scans, as part of the process.
Biometric verification will also be required for banking app users who want to raise their daily money-transfer limit higher than 50,000 baht.
Sethaput said commercial banks would revise the daily transfer limits to better suit the risks of different groups of customers. App users may change the limits if necessary but have to undergo a strict verification process.
Heightened security measures are being taken in response to the increase in technology crimes in via fake short messages, call centres, and mobile applications that dupe people to make money transfers or take control of their smartphones remotely and emptied their bank accounts via banking apps, the central bank governor said.
“These scams have caused many people to lose their savings and their confidence in the digital banking services provided by financial institutions. This could have a large-scale impact on the banking system in the long run,” Sethaput explained.
The central bank has worked with agencies inside and outside of the financial system to tackle the problem, including the Thailand Banking Sector Computer Emergency Response Team, the Ministry of Digital Economy and Society, and the National Broadcasting and Telecommunications Commission, he said.
Many accounts that sent SMS messages claiming to be from financial institutions have been closed down, Sethaput said.
However, he admitted, that it still takes a long time for banks to freeze customer accounts with suspicious transfers and that there are still a large number of “mule” bank accounts used by online criminals.
Sethaput said that in the latest effort to curb technology crimes, the central bank has issued a set of standard measures for all financial institutions to follow.
“The Bank of Thailand reckons that these measures will help financial institutions prevent risks and help people solve the problem more efficiently,” he said.
To prevent the risks, banks are advised to avoid sending SMSs with links to their customers – a method that has been used by online scammers to access unauthorised apps installed on unsuspecting smartphone users to gain remote control.
The BOT also instructed banks to regularly update their mobile banking security system to cope with new threats.
The “know-your-customer” verification must be stricter and not just a six-digit number is required. Customers using mobile banking will have to verify their identities with biological measurements or physical characteristics through facial recognition or fingerprint scans, particularly those who transfer more than 50,000 baht.
Under the new set of measures, the central bank requires financial institutions to make quicker moves in restricting the damage caused to their customers and to reduce the use of mule accounts. Financial institutions will have to develop a system to detect suspicious transactions with a “near real-time” capability to allow immediate cancellations of such transfers.
Every financial institution is required to have a round-the-clock devoted hotline centre for victims of online banking scams to report their cases for quick action.
The central bank has instructed all the financial institutions to be ready to implement the measures this month, Sethaput said, adding that some measures have been implemented already.