SAFETY and CONFIDENTIALITY | BANKING SERVICES on the INTERNET

Circular No. 35/2016/TT-NHNN (“Circular 35”), replacing Circular No. 29/2011/TT-NHNN on safety and confidentiality in the provision of banking services on the internet, was issued by the State Bank of Vietnam on 29th December 2016 and takes effect on 1st July 2017.
Circular 35 features some notable changes, as follows:
  1. A bank or credit institution’s IT infrastructure which provides Internet Banking (“IB”) services shall have intellectual property protection. If there is a failure to provide support, or the service provider is unable to upgrade to new versions, there must be a plan for upgrading or replacement.
  2. A number of specific technical requirements shall be applied to the network system, communications, security, confidentiality and the IB application. For example, a bank or credit institution shall control the source code of the IB application by implementing minimum checking requirements, appoint specific individuals to manage the source code of the IB application, keep the source code safely in at least two separate locations, etc.
  3. With regard to the authentication of clients accessing IB services, a client must be authenticated with at least a username and password.
Circular 35 also provides requirements for OTP (One Time Password) authentication as follows:
  • For OTP authentication by SMS or email: An OTP sent to clients must be accompanied by a warning stating the OTP’s purpose. The OTP shall be valid only within 5 minutes;
  • For authentication using OTP matrix cards: An OTP matrix card shall be used within 1 year from the date of registration; the OTP shall be valid within 2 minutes;
  • For OTP authentication generated by an application installed on a mobile device: The service provider must clearly indicate the link on the website or application store from which clients can download and install the OTP generator software;
  • For OTP authentication generated by an OTP token: The OTP shall be valid within 2 minutes;
  • For authentication by digital signatures: The service provider shall use and authenticate digital signatures from a provider operating in accordance with the law.
* Some interesting materials about banking security in the upcoming 4th Industrial Revolution: http://www.slideshare.net/LibreCon/banking-40-librecon-2016
