top of page
Search
Writer's pictureJonar Marzan

A Failure in One of the Cybersecurity Pillar: Integrity

The banking industry has played a significant role in finance and the economy among world countries for ages. In the Philippines, Banko Sentral ng Pilipinas (BSP) regulates the financial stability of the country towards sustainable economic growth. It also provides policies and supervision with the banks in the Philippines.

Banks offer services like deposits, loans, and insurance. One of the most common commercial banks is owned by private corporations. These corporations attract investors and customers by offering stocks and investments with higher profit percentages if customers choose to entrust their money with them.


With today's technology, banks started to develop an online banking feature that allows customers to do their transactions through mobile devices, electronic tables, and computers in the comfort of their homes.



 

Online Banking Takes Over

The trend of online banking has increased since the pandemic because of convenience, security, and customer satisfaction. This innovation led banks to develop an application that can be easily accessible to customers. However, as online banking takes over traditional banking, it has to invest in cybersecurity for app security. Regular updates can fix minor issues and prevent cyber threats and attacks.


Bank of the Philippine Islands (BPI), an Ayala Group-owned bank, has recently stormed social media in the Philippines amidst the recent celebration of the New Year. Customers have been ranting on Twitter and Facebook due to duplicate transactions and unauthorized withdrawals under the entity of a 0431 Debit Memo. BPI previously explained that a debit memo means debit transactions made on customers’ accounts while waiting for a system update. It was discovered that this incident was a system glitch, and the bank is resolving the issue and restoring the mobile application within the day.


Customers had different experiences with this incident, some had double withdrawal deductions, while others experienced no credit reflection on their account despite deposits. Despite the bank’s credibility, customers reiterated that this was not the first time. Although previous glitches were fixed, they cannot help not to worry because it is their money, while other banks have also a history of glitches, wiping savings accounts, and even unauthorized withdrawals due to phishing cybercrime.



The System of Online Banking

As a cybersecurity measure, banks use their authorized email address to send information regarding safe online banking and prevent phishing scams. They also recommend customers reset their passwords over a course of time and change it with a stronger password. Additional security features such as biometrics and facial recognition to maximize the account protection.


Customers usually complied with recent cybersecurity policies implemented by their banks. Despite best efforts, mobile banking apps continue to have glitches, including system shutdowns, and inaccessible to mobile banking due to system maintenance without any announcements. These glitches may affect the trust of customers and damage the integrity of the banks. There are a lot of what-ifs on a customer’s mind like what if the lost money will no longer be recovered if the system were hacked, if this was a scam, what will happen to their savings.


One of the current challenges in mobile banking is establishing a modern data platform. A business must aim for a modern data platform that is data-driven and provides trustworthy data. There are still banks that are using multiple legacy systems. These systems might work with their original purpose, but are outdated and cannot keep up with current cybersecurity challenges, thus holding the business back. Businesses are widely aware of the problems with legacy systems but somehow reluctant.


To catch up with the trend and demands of customers, businesses may consider investing in Software-as-a-Service to manage their data and processes. Maximize the use of data from the following:

  • Establishing a modern data platform that can deliver reports and analysis on customers' activities

  • Practice a data-driven mindset

  • Strengthen the integrity of data management

  • Invest in automation



Customer Protection

The customer entrusts banks to keep their money safe from intruders and thieves. The BSP issued a policy on consumer protection standards that banks should adhere to protecting customers’ information while providing excellent products and services. As a course of action, BSP called on BPI to directly report on them and reverse the erroneous transaction the bank caused to its consumer. It is rightful of BSP as a governing council to call on banks and hold them accountable in case of glitches, and data breach to ensure the quality of service to the people.


There is no guarantee that system glitches, cybersecurity threats, and attacks will never happen in the future. If there will be another suspicious transaction to harm the customers’ data, here are the things that can be done:

  • Immediately reset your mobile banking password and card PIN

  • Inform the bank of the incident and request for account/card deactivation

  • Ensure multi-factor authentication is enabled

  • Practice ways to avoid ATM skimming like cardless transactions such as PayPal

  • If cannot be avoided, stay vigilant when doing transactions with ATMs and report if there is any tampering with the machines.

51 views0 comments

Recent Posts

See All

Comentarios


bottom of page