Maybank to fully migrate from SMS OTP to Secure2u by June 2023

IN line with Bank Negara Malaysia’s (BNM) initiative for banks to migrate from SMS one-time passwords (OTP) to a more secure authentication for online activities or transactions, Maybank has announced that it will fully migrate its secured authentication method to Secure2u by June 2023.

Maybank introduced the usage of Secure2u in April 2017 as a safer and more convenient way for its customers to authorise Maybank2u and MAE transactions using secure verification (one-tap approval) and secure transaction activation codes (a six-digit TAC number generated on the mobile app). This feature is an alternative to SMS TAC.

As of now, Maybank’s Secure2u feature only allows one Secure2u device per account holder (per customer). This is to minimise the possibility of customer’s online banking details being compromised or hacked by any third party.

As an added security measure, Maybank will alert customers via SMS, a push notification and an email when Secure2u is registered on a new device.

“We remain highly committed in helping our customers to avoid being scammed by fraudsters,” said Maybank CEO and group president Datuk Khairussaleh Ramli.

“This is done through existing security measures that are already in place and as we progressively roll out more measures that can help deter or minimise the likelihood of customers falling prey to financial scams.”

Khairussaleh said that Maybank is supportive of BNM’s Sept 26 announcement in relation to the five measures to be adopted by banks in Malaysia to ensure higher standards of security, especially for Internet and mobile banking services.

Khairussaleh Ramli

“The banking industry is committed to working together to combat financial scams which are increasingly prevalent in today’s digitised environment,” he added.

Furthermore, Maybank will also introduce a cooling-off period when customers enable Secure2u on a different device to help prevent unauthorised Secure2u approvals by the fourth quarter of 2022.

The cooling-off period before the activation of Secure2u on a new mobile device will provide sufficient time for customers to verify and report to the bank in case of any unauthorised registration.

In an attempt to mitigate the rise in financial scams and safeguard Maybank’s customers account details, Maybank will implement the cooling-off period for first time enrolment or when a new device is registered on Secure2u.

Maybank also has a fraud detection and monitoring system with customised rules and additional risk parameters in addition to a call-back verification process to alert customers of suspicious transactions in place.

Maybank urged customers to contact their 24/7 hotline at +603 5891 4744 immediately in case of any suspicious activity.

Alternatively, customers can contact Maybank Customer Care Hotline at 1-300-88-6688. This will enable Maybank to promptly assist customers in preventing further losses immediately.

Meanwhile, Maybank would like remind its customers to protect themselves with some useful tips:

  • Avoid installing/downloading apps/Android Package Kit (APK) files or clicking on suspicious links sent via chat messages such as SMS, WhatsApp, Messenger or other similar services;
  • Do not provide permission for any app to send or view your SMSes;
  • Do not ignore any warnings from your devices, especially when downloading or installing a new file;
  • Do not enter your banking details, especially username or password, in any suspicious apps or websites;
  • Always keep your antivirus software updated for constant protection;
  • Only download apps from the genuine app stores such as Apple App Store, Google Play Store or Huawei AppGallery and not from a link;
  • Be alert if you are being prompted to download a file that is not compatible with your device i.e., iPhone/iPad device being asked to use an Android device to download a file.
  • Always look out for your online banking security image and phrase (ie, Maybank2u security image and phrase), to ensure the website and app are legitimate;
  • Do not root or jailbreak your device; and
  • Update your mobile device’s operating system (OS) and apps regularly.

Customers are also reminded to continuously protect themselves by ensuring their online banking details are kept safe and never shared with a third party either knowingly or unknowingly. – Sept 28, 2022

Subscribe and get top news delivered to your Inbox everyday for FREE