2 December 2022


The new security measures are in line with Bank Negara Malaysia’s direction on additional measures to strengthen banking security to combat fraudulent activities


Kuala Lumpur: CIMB Bank Berhad and CIMB Islamic Bank Berhad (collectively “CIMB” or “the Bank”) continues to strengthen the security of its digital banking platforms with the rollout of new security measures for the CIMB Clicks and CIMB OCTO Apps. The new enhancements include compulsory SecureTAC authorisation via the CIMB Clicks App for transactions of RM100 and above and a mandatory customer call verification process for first-time app logins.


Effective 5 December 2022, CIMB will be implementing mandatory SecureTAC authorisation for CIMB Clicks Web transactions of RM100 and above including non-favourite fund transfers, bill payments, and prepaid top-ups. Customers will no longer be able to receive SMS TACs for these transactions. Instead, they will need to install the CIMB Clicks App and approve the transactions via SecureTAC. The Bank intends to extend SecureTAC authentication to include any transactions valued RM100 and below, as well as non-monetary transactions, by the first half of 2023. In the meantime, CIMB urges all customers who have yet to install CIMB Clicks App to download the app from official app stores and turn on notifications in Settings to receive SecureTAC.


In addition, effective 26 December 2022, new users or existing users who are logging in to the CIMB Clicks and CIMB OCTO Apps on a new device will undergo a call verification process to ensure that any first-time login attempt or device change is initiated by the account holder themselves. Once a first-time login is performed, customers will be required to call CIMB’s Consumer Contact Centre which is available 24/7 at +603-6204 7788 to verify their registration on the new device and to maintain their access. Alternatively, the bank will also strive to reach customers for verification within 24 hours since the first access from a new device.


If a customer is not contactable within 24 hours of their first-time login, or in the event the verification process is unable to be completed, their CIMB Clicks ID will be deactivated as a safety precaution. The Bank plans to enhance the verification process further by the first half of 2023 by implementing a compulsory requirement for customers to call the Bank to activate their account first before they can begin using it.


Dato’ Abdul Rahman Ahmad, Group CEO of CIMB Group said, “CIMB is committed to implementing stringent security measures to protect our customers against scams, in line with Bank Negara Malaysia’s direction on additional measures to strengthen banking security to combat fraudulent activities. Whilst these new measures may initially affect banking convenience, we believe they are necessary steps towards creating a safer banking environment. We will continue to introduce additional measures progressively in order to further reduce the risk of fraud and ensure customers can transact with peace of mind."


In addition to the new measures, CIMB has also been upgrading its fraud management system on an on-going basis to better identify indicators of potential fraud and scams. This includes constant fine-tuning of fraud detection rules and utilising machine learning to continuously enhance predictive capabilities to safeguard customers from fraudulent activities.


Customers are reminded to only download the CIMB Clicks or CIMB OCTO Apps from genuine app stores such as the Apple App Store, Google Play Store or Huawei AppGallery, and never from a link or unknown sources. To ensure a secured online banking environment, downloads of CIMB Clicks and CIMB OCTO Apps are only allowed for customers with devices that are updated with the minimum mobile device operating system (“OS”) of Android 9 and iOS 12 and above.


Further, please be advised that the Bank will never ask customers for their personal log-in ID, password or debit pin number during its call verification process. Accordingly, customers are reminded not to divulge these details if any parties claiming to be from the Bank make such request and to immediately terminate such calls.


Customers who have any queries can contact CIMB’s Consumer Contact Centre at +603-6204 7788 (available 24/7), or visit www.cimbclicks.com.my for more details.