Biometric scans will be required for high-value mobile banking transactions as part of measures to protect consumers from cyber-risks, according to the Bank of Thailand.
Banks must adopt the measures by June, the central bank said on Thursday.
Biometric technology such as facial scans is already required for deposit account opening on mobile banking apps.
Under the new measures, a facial scan is needed for: digital money transfers of more than 50,000 baht per transaction; transfers of more than 200,000 baht per day; and to change credit transfer amounts of more than 50,000 baht per transaction.
Bank of Thailand governor Sethaput Suthiwartnarueput said the central bank chose 50,000 baht and higher because the amount is a frequent target of fraudsters.
While the measures may inconvenience consumers, they will increase security for digital banking transactions, he said.
“Given rising cyber-risks worldwide, the central bank wants to emphasise security systems to protect consumers from financial fraud, particularly in the post-Covid period when people are finding it quite difficult to earn a higher income,” he said.
The regulator also wants to close loopholes and curb fraudsters’ access to consumers by banning financial institutions from sending links via SMS and email.
Banks are also not allowed to send customers’ personal data through social media.
In addition, mobile banking users can only use one username for a device.
The central bank has collaborated with related organisations, both in the government and the private sector, to detect suspicious transactions and deposit accounts.
Through cooperation, banks can detect fraudulent cases more quickly, reduce losses, and prevent nominee deposit account fraud, he said.
Fraudsters use nominees to open accounts and then conduct illicit transactions on their behalf.
The central bank also requires financial institutions set up a hotline call centre where customers or financial fraud victims can contact them around the clock.
According to Mr Sethaput, banks have been preparing for these measures for some time, with some of them already implemented.
The government has also been working to enforce a new law aimed at preventing technology crimes that should help to strengthen cybersecurity in Thailand.
According to central bank data, from March to December 2022 there were around 50,000 cases of online shopping fraud, 20,000 cases of money transfer fraud, 18,000 cases of lending fraud, and 13,000 cases of call centre fraud.
There were 58,000 cases of nominee deposit account fraud with total reported losses of 5.5 billion baht.
The Bank of Thailand held discussions on Thursday with financial institutions in preparation for the new cyber-risk measures.
Chartsiri Sophonpanich, the president of Bangkok Bank, said his bank plans to upgrade its digital technology to strengthen cybersecurity. The bank is developing a security system in preparation for the new measures.
Kattiya Indaravijaya, chief executive of Kasikornbank, said KBank is also ready to upgrade its security systems in line with the central bank’s announcement.
KBank is continuing to develop cybersecurity systems to prevent financial fraud, she said.