CB advises caution when sharing account info

The Central Bank has advised people to be cautious when sharing any information that can be used to access their current or savings accounts, credit or debit cards and electronic wallets (e-wallets).

While publishing a notice, the CBSL said electronic payment (e-payment) methods such as real-time interbank fund transfers from customer current and savings accounts as well as card payment facilities, have provided great convenience to customers. 

Sri Lanka’s payment systems and infrastructure meet international security standards to ensure the safety of customer funds. In order to continuously enjoy these facilities, customers must adhere to adequate safety measures when making e-payments. 

Confidential information including current and savings account numbers, credit or debit card details including the card number, CVV number and expiry date,  National Identity Card (NIC) numbers, internet or mobile banking or e-wallet passwords, personal identification numbers (PINs), transaction verification information such as one-time-passwords (OTPs), transaction verification amounts and any other information that could be used to access, use or authenticate current and savings accounts, payment cards, e-wallets  or any other e-payment methods. 

Such information is provided to verify the customer’s identity and thereby increase the security of financial transactions and safeguard customer funds. Passwords, PINs, OTPs, transaction verification amounts or other transaction verification information must not be shared with any party and only used for its specified purpose. Failing to adhere to such safe practices will reduce the safety of customer’s own funds as fraudulent parties could gain access to customer accounts as well as funds using such information. 

The CBSL, together with Licensed Financial Institutions (LFIs) and other stakeholders, have implemented several measures to help customers prevent fraudulent electronic transactions. 

Accordingly, LFIs are required to provide a short message service (SMS) alerts or any other real-time notification facilities for all e-payments as well as issue EMV chip-based payment cards. EMV chip-based payment cards have enhanced security features that are designed to prevent card-related fraudulent activities.  

In order to prevent unauthorised electronic transactions, the CBSL hereby notifies customers to register for real-time e-payment notification facilities as well as obtain EMV chip-based payments cards from their respective LFIs without delay and exercise caution when sharing information that can be used to carry out e-payments.