Under a decision of the State Bank of Vietnam (SBV), each online transaction worth above VND10 million (US$392.65) or daily transactions exceeding VND20 million will require biometric information.
Biometric authentication uses biological identifiers such as fingerprints, irises, voices, and facial features, and is considered the most secure from frauds. The regulation is to foster security for bank accounts and prevent financial frauds which are on the rise in Vietnam.
Pham Anh Tuan, Director General of the SBV’s Payment Department, said Vietnam counts 182 million personal payment accounts, with more than 87% of adults owning at least one, adding the number of payments via QR codes has skyrocketed over the past time.
Experts have warned that traditional authentication methods using passwords and one-time password (OTP) are not strong enough against cyberattacks. Meanwhile, they said, biometric security will be matched to data stored in the national ID database.
Therefore, the biometric solution will make it easier for service suppliers and the central bank to manage accounts and transactions, they noted.
Apart from limiting virtual bank accounts, this type of authentication will help competent forces trace criminals and recover money from cyber scams, said Vu Ngoc Son from the National Cybersecurity Association.
Domestic banks have been sending their customers notifications and reminders to update their biometric registration in anticipation of the new rules.
According to Major General Nguyen Van Giang, Deputy Director of the Department of Cyber Security and High-Tech Crime Prevention (A05) under the Ministry of Public Security, in 2023, the total amount of money lost to online scams was estimated to be around VND8-10 trillion, a 1.5-fold year-on-year increase.
Up to 91% of these fraudulent activities were related to financial schemes, with 73% of mobile device and social media users frequently targeted by scam messages and calls.
Against the backdrop, the department has advised people to stay vigilant, avoid risky actions like clicking on strange links and selling bank accounts, and use multi-factor authentication.