TheStar: CIMB assures no security flaw in its online banking portal password input


CIMB Bank Bhd has debunked rumours that there is a security flaw in its online banking portal related to the password input.

“We would like to confirm that the news related to the online security of CIMB Clicks is untrue. Our platform remains safe and all customer transactions continue to be protected,” CIMB said in a reply to The Star.

Cybersecurity company LGMS director Fong Choong Fook says the extra characters allowance is a feature not a bug, and has been used by other banks before.

“It can be used under duress. Say someone is watching you while you key in your password, you can key in long strings of text and still be able to login,” he says, pointing out that the user still needs a valid password to login.

Full article from The Star

You may also find other interesting LGMS News at the following links:

BFM: Terrifying Technology Tribulations
No security breach during MY domain glitch
Google+ Data Breach: Interview with Radio Sputnik
Malaysian Digest: Govt Targets 2,000 Data Scientists By 2020
FreeMalaysiaToday: Don’t rush into cryptocurrency