MANILA, Philippines — BancNet has equipped its online banking portal with a stricter accountholder verification system for more secure transactions on the internet.
The multi-channel electronic payments network has equipped its web portal www.bancnetonline.com with a two-factor authentication system, called 2FA for short.
The 2FA system is an added layer of security on top of the ATM PIN that requires the keying in of other information that only the cardholder knows. These are his user name, password and one-time PIN.
With 2FA as an added security, even if the cardholder’s card data and his ATM PIN are skimmed at a machine, the thief would not be able to access the account as the 2FA ensures that the person transacting is the real owner of the account.
“With this implementation, we enable our member banks to deliver not only convenient, but also highly secure online banking services to their customers. These services include balance inquiry, fund transfer, bills payment and payment for purchases,” said BancNet general manager Aristeo Zafra Jr.
To be able to transact online, cardholders of participating BancNet member banks need to register their personal and contact information and enroll their ATM and other debit cards.
After registration, a randomly generated one-time PIN will be sent to the cardholder for every session with his bank. It will be sent through either SMS or e-mail or generated from the BancNet mobile application.
Participating banks are Asia United Bank, BPI Direct BanKO, Citystate Savings Bank, DBP, CTBC Bank, Enterprise Bank, Entrepreneur Bank, Equicom Savings Bank, MASS-SPECC, Pacific Ace Savings Bank, Postal Bank, Sterling Bank, Sun Savings Bank, Tiaong Rural Bank and Veterans Bank.
The other security features of BancNet Online aside from triple data encryption are the Secure Socket Layer certificate and a dynamic PIN pad on the transactional pages and an anti-phishing and anti-pharming solution for the website.
The Bangko Sentral ng Pilipinas has required banks to implement multi-factor authentication for sensitive transactions on online channels such as enrolment in transactional e-services, payments, remittance and fund transfers.
The regulator has already ordered banks that failed to adopt stricter authentication measures through multi-factor authentication techniques for online transactions last Sept. 30 to deactivate certain transactions to mitigate the risk of fraud and to protect cardholders.