MBS providers must plug security holes

5 January, 2021 12:00 AM printer

It is indeed worrisome that mobile banking service (MBS), the popular mode of money transfer, has remained beset with fraud and forgery. The lead story in yesterday’s daily sun shed ample light on how fraudsters are stealing money from the accounts of MBS customers by taking them for a ride. What made the matter worse is the involvement of a section of MBS agents in these fraudulent activities.

The report says, when someone sends money to someone’s MBS number, the MBS agents secretly pass the information to fraudsters.  They then contact the recipient number by using cloned helpline numbers and introduce them as customer care officials. Then the fraudsters make the gullible MBS users divulge their PIN through various means e.g. lure of winning a lottery or threat of blocking their account. As soon as the criminals get the PIN, they transfer all money from the victims’ MBS account.

It is as easy as that! But the pertinent question is how the criminals can clone MBS helpline numbers. Isn’t it the responsibility of respective MBS companies to report to BTRC or law enforcement agencies that their number has been cloned?

And another question is how fraudsters can have access to someone’s account only by using their mobile number and PIN, whereas they don’t have SIM card of that particular number? Clearly, there are some serious loopholes in the security mechanism of mobile banking service, which the authorities must find out and solve.

The MBS service providers have a duty, and in fact are legally bound, to safeguard customers’ account. In order to ensure this obligation, the burgeoning MBS companies must revisit their security mechanism.

At the same time, cyber Security and Crime Division of police must enhance their capacity to deal with this new form of crimes involving mobile and online banking. If needed, a separate division should be created for this purpose.