From July 1, 2024, biometric authentication will be required for the first transaction using Mobile Banking in Vietnam

From July 1, 2024, biometric authentication will be required for the first transaction using Mobile Banking in Vietnam
Le Truong Quoc Dat

On December 18, 2023, the State Bank issued Decision 2345/QD-NHNN on application of safety and security measures to online payment and card payment in Vietnam.

From July 1, 2024, biometric authentication will be required for the first transaction using Mobile Banking in Vietnam

Specifically, credit institutions, FBBs, organizations providing payment services shall implement solutions for minimization online payment risks as follows:

(1) Before an individual customer makes the first transaction using the mobile banking app or before making a transaction using a device that is different from the latest device on which the mobile banking app was used, the customer must be authenticated:

- Using the customer's biometric identifier that: (i) matches the biometric data in the customer's ID card issued by the police authority 4; or (ii) is authenticated by the customer's electronic identification account created by the electronic identification and authentication system; or

- The customer's biometric identifier that matches the customer's biometric data in the biometric database 6, combined with SMS/Voice OTP or OTP generated by soft/hard token.

(2) Send notifications of first login into the Internet Banking/ Mobile Banking app or notification of login into the Internet Banking/ Mobile Banking app on a device that is different from the latest device via SMS or another channel registered by the customer (email, phone number, etc.)

(3) Store information about the devices that are used by customers to make online transactions and transaction authentication logs for at least 3 months.

- Mandatory device information includes:

+ For mobile devices: unique identifier of the device e.g. IMEL Serial, WLAN MAC, Android ID, etc.

+ For computers: MAC address or other device identifiers via the application programming interface (API) of the operating system.

- The authentication log shall contain the following information: authentication methods, authentication times, codes of authenticated transactions, customers' codes.

For detailed information, please refer to Decision 2345/QD-NHNN issued in 2023, which takes effect on July 1, 2024, and replaces Decision 630/QD-NHNN dated March 31, 2017.

>> CLICK HERE TO READ THIS ARTICLE IN VIETNAMESE

374 lượt xem



Related Document
  • Address: 19 Nguyen Gia Thieu, Vo Thi Sau Ward, District 3, Ho Chi Minh City
    Phone: (028) 7302 2286
    E-mail: info@lawnet.vn
Parent company: THU VIEN PHAP LUAT Ltd.
Editorial Director: Mr. Bui Tuong Vu - Tel. 028 3935 2079
P.702A , Centre Point, 106 Nguyen Van Troi, Ward 8, Phu Nhuan District, HCM City;