Pages

Friday, October 14, 2022

iPay88 asked to raise cybersecurity standards

InvoicePay by iPay88

 


PETALING JAYA: Amid rising cases of online financial scams, Bank Negara has ordered a key service provider to raise its cybersecurity standards.

The central bank instructed ipay88 (M) Sdn Bhd to strengthen its cyber security controls and information technology (IT) infrastructure after an independent forensic investigation.

This comes just 11 days after Bank Negara told banks to up their security standards and cease using SMS one-time passwords (OTPS) in the authentication process for online banking.

ipay 88 is a provider of payment gateway services to banks and merchants in the country. It offers comprehensive online payment options such as credit or debit cards, bank transfers and other alternative online payments.

The company uses a redirect approach for its payment process, in which it redirects its customers from the merchant’s web to its web page for them to make payment.

Upon completion of the payment, customers will then be returned to the merchant’s web.

Unfortunately, on Aug 11, ipay88 issued a statement and expressed regret that there was a cybersecurity incident where card data may have been potentially compromised.

Upon discovery of the issue, ipay88 immediately initiated an investigation and brought in cybersecurity experts to contain the issue.

The containment process was successfully completed and no further suspicious activity has been detected since July 20, according to ipay88.

Bank Negara’s order this week is to ensure that similar incidents do not recur and to safeguard against future threats.

The central bank stated it will continue to closely monitor ipay88’s implementation of

these measures and where appropriate, undertake further supervisory or enforcement action.

It also directed banks and card issuers to maintain heightened vigilance over card activities that may be at risk.

Following the engagement of an independent team of cybersecurity experts to carry out a full forensic audit of its systems and payment environment, ipay88 stated the cybersecurity incident was the product of a sophisticated intrusion by an unidentified party or parties.

The intrusion specifically targeted card data from online transactions.

“There was no impact on transactions made through the Android terminals, e-wallet QR payments, online banking, BNPL, vending machines, point of sale or POS and batch card payment,” ipay88 said in a follow-up statement with regard to the earlier mentioned cybersecurity breach.

The group acknowledged that it has to bear the burden and responsibility to protect card information.

“We respectfully apologise to the Malaysian public, our business partners, and merchants for this incident,” it said.

 8 Oct 2022 by StarBiz,   Source link

 

Related news: 

 

Payment gateway provider iPay88 says 'cybersecurity incident ...

 

iPay88 breach only affected card data from online transactions

 

Putrajaya probing iPay88 cybersecurity breach - FMT

 

Related  posts:

 

Scam response centre (NSRC) hailed timely

 

 

       Tengku Zafrul unveils RM372.3bil budget   Finance Minister Tengku Datuk Seri Zafrul Abdul Aziz announced on Friday (Oct 7) that RM372...

 

CLICK TO ENLARGE The rise of online financial fraud in Malaysia - The Star As losses to scammers mount, users and service providers such as...
PUTTING THE BRAKES ON CYBERCRIME - PDRM  A day after The Star’s page one story on the increasing number of online financial crimes, Ba...

No comments:

Post a Comment