No Bahraini bank has been affected by cyber attacks, the Central Bank of Bahrain (CBB) said yesterday, referring to $45 million stolen recently from two banks in the Middle East.

CBB was highlighting the fraud at the UAE-based National Bank of Ras Al Khaimah and the Oman-based Bank Muscat, according to a report in the Gulf Daily News, our sister publication.

The CBB said it held talks with all retail banks in the kingdom in efforts to safeguard against any fraudulent activity, and there has been no indication that any of the banks have been affected as a result of the incident.

"It is pertinent to mention that the CBB has been very proactive in guiding its licensees to have enhanced security standards for its credit and debit cards and Internet banking," it added.

The banking regulator said to mitigate the risk of electronic frauds in banks, among the mandatory requirements it introduced are those that require banks to be compliant with Europay MasterCard Visa requirements (EMV compliant) since September 2009, thereby ensuring that the credit and debit cards are PIN and chip enabled instead of having only a magnetic stripe.

Effective from March last year, banks are also required to provide transaction advice to customers through SMS at no charge for every transaction that takes place by using the debit or credit cards.

Banks, while outsourcing their functions, must have in place adequate security measures in the outsourcing arrangement that can minimise unauthorised access to customer data, the CBB said.

Rules mandate that all ATMs must be fitted with fraud detection and inhibiting devices since January 2007.

Banks must undertake penetration testing at least twice a year, which enables them to use state-of-the-art technology for Internet and banking system security. The CBB has also asked banks to alert their customers on phishing by suspected phishing sites.

Meanwhile, an Indian payment card processing company yesterday acknowledged that hackers breached its security to increase the limits on some pre-paid card accounts in the global ATM heist in December.

ElectraCard Services said no customer data was stolen from it and any tampering of ATM cards occurred elsewhere. – TradeArabia News Service