After addressing concerns of being able to login with “wrong passwords” and the appearance of reCAPTCHA on CIMB Clicks, CIMB has finally issued a clarification on unauthorised transactions. As reported early this morning, several users have complained of being charged repeatedly for PayPal transactions via their debit cards.
According to CIMB’s latest FAQ, these unauthorised transactions have nothing to do with CIMB Clicks. Such transactions were performed at 3rd party e-commerce sites that don’t offer 3D authentication. 3D authentication is basically a user verification system where the bank will send a one-time verification code to your mobile device. This One-Time-Pin is then entered on the site to confirm that it is really the cardholder that’s authorising the payment.
Malaysian websites are required to offer One-Time-Pin (3D) for online transactions, however, this isn’t mandatory (non-3D) on international sites such as PayPal and even Facebook. According to CIMB, it is common industry practice for banks to accept payments for both 3D and non-3D transactions.
Despite the recent postings on Facebook, CIMB claims that the level of unauthorised transactions is still within normal levels based on their current monitoring. Customers are urged to report any irregularity with their card transactions through their official channels. According to CIMB, you can file a dispute if you spot any irregular non-3D based transactions and the transacted amount will be credited back into the customer’s your account within 14 days after a verification process.
Below is their updated FAQ on Debit Card transactions.
In order to make a transaction online, a merchant will require your card’s number, expiry date, and the 3 digit CVV number. If someone can complete an unauthorised transaction with your card, there is a high probability that your card details are compromised. If this is your situation, it is best to cancel the card and replace it with a new one.
Today’s security mess surrounding CIMB could have been avoided if there was clear communication from the bank, especially when it involves new security features. The confusion about the password field and the appearance of the additional reCAPTCHA caused unnecessary panic among users who assumed that the two were signs of the website being compromised.
The Malaysian Communications and Multimedia Commission (MCMC) has directed a temporary restriction on Grok's artificial…
If you've received an email from Instagram about resetting your password, you're not alone. It…
The full specifications for Proton e.MAS 7 PHEV has been revealed by Proton’s New Energy…
Registrations of electric vehicles (EVs) in Malaysia have hit an all-time high, based on the…
Just less than a year and a half after the introduction of the X70 “MC2”,…
Nio, the Chinese EV brand popular for its battery swapping network, has officially entered Southeast…
This website uses cookies.