The Bank of Thailand has announced guidelines for ensuring the security of financial services and mobile payment transactions. These guidelines consolidate various regulations previously issued by the Bank into a single directive.
Financial institutions are required to implement measures such as prohibiting the sharing of links via SMS and email for posting information on social media, tracking the creation of counterfeit apps both on and off app stores, restricting the use of the bank app to one device per account, and confirming identity using biometrics for transactions over certain limits.
Additionally, the guidelines include measures within the app such as data encryption, displaying sensitive information discreetly, implementing certificate pinning or equivalent methods, obfuscating source code to prevent code reading, detecting rooted devices, and restricting the use of the app on outdated and potentially risky devices as per TB-CERT warnings.
This directive will be effective 30 days after its announcement, except for the enforcement of the restriction on outdated operating systems, which will come into effect within 60 days.
TLDR: The Bank of Thailand issues guidelines to enhance the security of mobile financial services, including measures for managing app usage and preventing fraudulent activities.