Pakistan Banks’ Association setup Cyber Security cell

Karachi, November 7, 2018: The Pakistan Banks’ Association (PBA) has established a dedicated cyber security forum to facilitate the banks.

PBA is the sole representative body of banks & DFIs operating in Pakistan.

In view of the recent reports circulating in the media around the data hacking of Pakistani banks, a spokesperson of the PBA has emphasized that SBP guidelines for establishing cyber security have been issued in 2017, for necessary compliance by all banks, which are comprehensive and cover all aspects of technology.

The Association said that in its endeavor to support the industry as well as SBP, had already established a dedicated forum for Cyber Security.

According to the spokesperson, the IT security of one bank was compromised, other than that no breach has been reported.

He said that the industry is moving towards the digital era, and considering the risks and threats, banks are continuously developing, strengthening and implementing risk based controls in their environments.

The PBA spokesperson has, however, said that it is important to understand the difference between fraudulent transactions and hacking attempt.

Fraudulent transactions can be successful without hacking the bank. When a cheque book or a leaf of a cheque book is lost, it can be used by fraudsters to steal money. Likewise, if a credit or debit card is lost or stolen, it can also be used in fraudulent transactions.

Such fraudulent transactions do not mean that the technology infrastructure of the bank has been hacked. Similarly, if the data stored in the debit or credit card is fraudulently copied or stolen, then such data can be saved on a duplicate fake card. Such a fake card can also be used to do frauds, especially if the fraudster also finds out the PIN associated with the original card.

The spokesperson has advised the banking customers not to respond to requests for their confidential and personal information via various channels including, but limited to, SMS, email (with or without embedded links), phone calls etc. to protect themselves against any identity theft or fraud.

Leave a Reply

Your email address will not be published. Required fields are marked *