SBV assures no loopholes in banking service security

Friday, Apr 11, 2014 16:31

Security bug Heartbleed can't harm the Vietnamese banking system, according to the central bank. -- Photo

HA NOI (Biz Hub) – Information technology (IT) based services of the Vietnamese banking system were operating normally and still secure, the State Bank of Viet Nam (SBV) stated in Thursday evening's press release.

The announcement was made after Vietnamese security platform HVA Online on Tuesday called on e-banking and payment portal users to temporarily avoid making online transactions because of a bug called OpenSSL Heartbleed. Platform experts warned that some 15 payment websites in Viet Nam had been attacked.

The bug, detected by Google researchers and security firm, Codenomicon, is believed to create a serious vulnerability in the popular OpenSSL cryptographic software library, thereby allowing hackers to steal information protected by SSL/TLS encryption, which is used to secure Internet traffic.

The SBV noted that it immediately asked credit institutions nationwide to check their IT systems and received confirmation on their safety. Banks have also completed updating a patched version of OpenSSL.

Besides the SSL encryption, banks also protect transactions by deploying many other solutions, such as public-key infrastructure (PKI) and one-time password (OTP), according to the central bank.

"Hackers may exploit the OpenSSL Heartbleed bug, but they won't be able to infiltrate the banks' IT security systems," it claimed.

"Customers can feel secure while using banking services," it assured. -- VNS

Comments (0)