Previously BigPay’s Customer Relationship Management (CRM) system would send an automated satisfaction survey once a ticket was solved. In 2021, it introduced customer satisfaction surveys within the Live Chat platform to help identify key areas of improvement and enhance the customer experience. Given the frequency of online scams, BigPay has taken the following measures to educate and protect customers from being victims of fraud: • “Do not share” advisory as part of each SMS OTP/Link; and periodic reminders on the same • Periodic updates on social media on the Do’s and Dont’s to protect against scammers/fraudsters • Periodic updates on BigPay’s website to raise customer awareness of scams and app security • Increased internal controls to limit exposure of customers’ Personal Identifiable Information (PII) • Increased controls when populating customers’ contact book information to BigPay’s P2P Friendslist • Collaboration with regulators/enforcement agencies to improve current scam prevention as well as updates on potential scam trends TECHNOLOGY, INNOVATION & INFORMATION SECURITY The following Innovations were introduced in 2021 to further strengthen the BigPay platform, as well as to expand its reach. Migration to GCP Malaysia data were migrated from on-premise storage to Google Cloud Platform (GCP) ebelia BigPay was part of Malaysia’s ebelia programme Bill Payments MY Enable people to pay multiple bills to a variety of merchants China Union Pay transfers Enable money transfers to China using China Union Pay Singpass onboarding Utilise Singapore’s Singpass to simplify the onboarding process Personal Loans MVP Implementation of personal loans as part of BigPayLater Reduce Fraud Attack Surface Limit the number of accounts per device Limit auto top-ups Device binding (ie registering a user’s device as a trusted device for banking) Cash top-ups Enable users to top up their BigPay accounts with physical cash Virtual cards Virtual cards (no plastic) for online purchases and additional security In 2022, there are plans to integrate BigPay’s systems with PayNet to offer personal loans, and to use the Security Operations Centre to onboard new services. To protect customers’ data and tighten its general cyber security, BigPay is guided by the following policies/strategy. Techno l ogy and Cybe r Security Risk Management Framework An overarching framework to formulate the approach, process and scope of coverage for technology risk management. This covers the responsibility for all the three lines of defence to ensure appropriate levels of risk identification, assessment, mitigation and monitoring are established. A governance framework including a risk committee has been put in place to ensure appropriate oversight. Access control , IT Asset, Cryptography , Sof tware Development Lifecycle, Change Managemen t , I n c i den t Management, Data Security, Network Security, IT Resilience, Cyber Security Operations, Cyber Security Assessments, Third Party Service Provider Manageme n t , S e c u r i t y Awareness & Training policies These policies have been formalised to ensure compliance with regulatory requirements. Together, they ensure appropriate safeguards to protect against reputational, regulatory and financial risks as well to protect the confidentiality of customer data and maintain satisfactory system uptime and performance. S U S T A I N A B I L I T Y S T A T E M E N T A N N U A L R E P O R T 2 0 2 1 1 5 9
RkJQdWJsaXNoZXIy ODU0MjU5