Top priority: A woman cycles through a heavy rain downpour in Hanoi. Vietnam’s central bank is formulating means to help protect the confidentiality and data of its citizens in the banking system. — AFP
HANOI: The State Bank of Vietnam (SBV) has finalised a draft circular on safety and security in providing online services in the banking industry.
Under the draft circular, the online banking system is to comply with the government’s current regulations on ensuring information system security at Grade 3 or higher.
According to the Law on Cyber Information Security 2015, classification of information systems by security grade means the determination of security grades in an ascending order from 1 to 5.
Grade 3 means that when an information system is sabotaged, it will seriously harm production, public interests, social order and safety, or it will harm national defence and security.
According to the draft circular, the online banking system must also ensure the confidentiality and integrity of customer information and the ability to provide services continuously.
Customer transactions must be assessed for minimum risk according to each customer group, transaction type and transaction limit.
The draft circular requires banks to carry out annual security and confidentiality inspections and assessments of the online banking system.
In addition, banks must regularly identify potential risks and determine the causes of the risks in providing online banking services to promptly take measures to prevent, control and handle those risks.
Information technology infrastructure and equipment that are used to provide online banking services must have copyright and origin.
For equipment that is nearing the end of its product life cycle and will no longer be supported by the manufacturer, banks must have an upgrade and replacement plan according to the manufacturer’s announcement to ensure the equipment is installed with new software versions.
Besides having firewalls and monitoring and warning systems against unusual behaviour, banks must also establish a mechanism to detect and prevent intrusions and network attacks on their online banking system, according to the circular drafts.
According to Tran Quang Hung, deputy director of the Information and Communications Ministry’s Information Security Department, information security in the banking system plays a hugely important role.
With a large amount of bank and customer data, the security of customer information and banking data in general is mandatory for all credit institutions.
Therefore, banks need to be equipped with modern technology, constantly strengthening their capacity, and investing in security.
Sharing that view, Phan Viet Linh, director of CDNetworks Vietnam, said the speed of digital transformation in the finance and the banking sector in Vietnam was accelerating.
At the same time, banks often face attacks from high-tech criminals attempting to steal customer data to conduct property fraud.
Thus, banks must strengthen defence measures to ensure safety and security in their systems, said Phan. — Viet Nam News/ANN
