After addressing concerns of being able to login with “wrong passwords” and the appearance of reCAPTCHA on CIMB Clicks, CIMB has finally issued a clarification on unauthorised transactions. As reported early this morning, several users have complained of being charged repeatedly for PayPal transactions via their debit cards.
According to CIMB’s latest FAQ, these unauthorised transactions have nothing to do with CIMB Clicks. Such transactions were performed at 3rd party e-commerce sites that don’t offer 3D authentication. 3D authentication is basically a user verification system where the bank will send a one-time verification code to your mobile device. This One-Time-Pin is then entered on the site to confirm that it is really the cardholder that’s authorising the payment.
Malaysian websites are required to offer One-Time-Pin (3D) for online transactions, however, this isn’t mandatory (non-3D) on international sites such as PayPal and even Facebook. According to CIMB, it is common industry practice for banks to accept payments for both 3D and non-3D transactions.
Despite the recent postings on Facebook, CIMB claims that the level of unauthorised transactions is still within normal levels based on their current monitoring. Customers are urged to report any irregularity with their card transactions through their official channels. According to CIMB, you can file a dispute if you spot any irregular non-3D based transactions and the transacted amount will be credited back into the customer’s your account within 14 days after a verification process.
Below is their updated FAQ on Debit Card transactions.
In order to make a transaction online, a merchant will require your card’s number, expiry date, and the 3 digit CVV number. If someone can complete an unauthorised transaction with your card, there is a high probability that your card details are compromised. If this is your situation, it is best to cancel the card and replace it with a new one.
Today’s security mess surrounding CIMB could have been avoided if there was clear communication from the bank, especially when it involves new security features. The confusion about the password field and the appearance of the additional reCAPTCHA caused unnecessary panic among users who assumed that the two were signs of the website being compromised.
Today at its HQ in Wuhu, China, Omoda pulled the wraps off the C3 crossover,…
This post is brought to you by vivo. vivo is preparing to launch its latest…
After a round of teasers, the Honor 400 Lite has finally made its launch in…
Astro has announced that Amazon's Prime Video is now officially available on their Astro Ultra…
Zeekr arrives at Auto Shanghai 2025 with all guns blazing, officially unveiling the new Zeekr…
U Mobile has appointed Celcom Timur Sabah (CT Sabah) to deploy 5G leased circuits in…
This website uses cookies.
![](data:image/svg+xml;charset=utf-8,<svg height="664px" width="1024px" xmlns="http://www.w3.org/2000/svg" version="1.1"/>)
![](data:image/svg+xml;charset=utf-8,<svg height="718px" width="1186px" xmlns="http://www.w3.org/2000/svg" version="1.1"/>)
