PETALING JAYA: Maybank has issued a statement to address customer concerns regarding unauthorised transactions on their debit cards.
In recent weeks, a number of Maybank customers have taken to social media to complain that their debit cards have been peppered with unauthorised transactions.
However, the bank reiterated that the cases were due to unauthorised e-commerce transactions involving the use of the customer's card details by a third-party for online payment and “there are no compromised security issues relating to our credit/debit cards”.
It also urged customers who detect unusual transactions on their cards to immediately contact its customer care hotline at 1-300-88-6688 or the number on the back of their cards to lodge a complaint.
“A refund will be made if the transactions are found to be unauthorised upon investigation.
“As a preventive measure, the bank will normally cancel the affected card to avoid further transactions being made and the customer will be provided with a replacement card,” the spokesperson said.
A customer, who wanted to be identified as David, said he only realised something had gone wrong after checking his account and noticing multiple charges from the Google Play Store.
He said the amount totalled about RM70, adding that he could have missed the charges if it wasn’t for the fact there were 19 transactions in a row.
“I didn’t link my debit card to the app store, as I mostly use it for small daily purchases or topping up my e-wallet,” he said.
After informing Maybank, his debit card was deactivated while the bank investigated the case.
He said the bank officer told him that his account was not compromised, but it was likely an issue involving his debit card.
Another customer, who only wanted to be known as Zaharah, was similarly shocked that her debit card was used to purchase apps on the Play Store.
“The thing is, I never use my debit card for online transactions, I only use it for in-person payments. I don’t understand how anyone could have gotten my card details,” she said.
She said the charges occurred on Oct 18, but she only noticed it on Oct 24 when using the bank’s MAE app that she had recently installed.
She also questioned why no OTPs (one time passwords) were sent out for the transactions.
“After banking with Maybank for 20 years, it’s the first time I’ve had such an issue. I’m seriously concerned about the safety of my money,” she said.
Asked why some didn’t receive OTPs, the Maybank spokesperson said that though e-commerce merchants incorporated locally are required by Bank Negara Malaysia to adopt a strong authentication method like OTP, not all merchants located outside Malaysia practise this as part of their payment acceptance procedure.
“To prevent card fraud when making online purchases, customers should always ensure that the website that they are purchasing from is secure and trustworthy.
“Customers should also refrain from using public or open WiFi networks to make online purchases with their cards, as their card data could be compromised,” the person advised.
Several users on Twitter had reported similar issues: users @FitriiHakimi and @hilmieaminudin posted that they received several push notifications on their phones for a string of transactions on their debit cards.
The transactions ranged from RM1 to RM4.49.
Asked if there are measures in place to alert customers about unusual transactions, the Maybank spokesperson said customers had the option to disallow non-secure e-commerce transactions on their debit cards.
Despite the complaints, the bank said it had not seen an uptick in reports of card fraud cases.
It encouraged customers to safeguard their card details at all times and immediately report suspicious transactions.