Face biometrics workaround has Thailand’s bankers defending new transfer rules

Thailand’s bankers are in damage control mode after a programmer was arrested for selling software that bypasses mandatory face biometrics checks for mobile transfers of more than 50,000 baht (roughly US$1,400). An article in The Thaiger says mule accounts were used to exploit a loophole in the policy, which was implemented in June.

The relative speed with which the facial recognition system was compromised has the Thai Bankers Association issuing reassurances that banking apps are secure and not exposed to fraud. The association points to additional identity verification measures such as PINs, and specifies that the software was deployed on mule accounts with customer consent, placing the locus of failure on human error rather than compromised biometric technology.

Meaning digital account transfers and changes to credit transfer in amounts of 50,000 baht, as well as transfers of more than 200,000 ($5,550) baht in a day, will still trigger a mandatory face biometric authentication. However, the Thai Bankers Association has promised harsh penalties for fraudsters, with owners of mule accounts facing up to three years in jail and a potential 300,000 baht fine ($8,330) under the Technology Crime Prevention and Suppression Act 2023.

Meanwhile, customers are encouraged to follow threat prevention guidelines and maintain strong security over personal information by avoiding fishy links, unverified downloads and facial scans for unknown applications.

Thailand central bank data reported in the Bangkok Post shows 50,000 cases of online shopping fraud, 20,000 cases of money transfer fraud, 18,000 cases of lending fraud, and 13,000 cases of call center fraud occurring between March and December of 2022, with losses totalling in the billions of baht.

Article Topics

banking  |  biometrics  |  face biometrics  |  fraud prevention  |  identity verification  |  Thailand