State-owned commercial bank Vietcombank is drawing criticism after announcing updated terms and policies that require customers to ensure their internet connection is free from malware.
The updated terms, set to take effect on May 10, concern the use of Vietcombank’s online and mobile banking services for individual clients.
Under the updated ‘security responsibilities’ article within their terms and policies, the bank will require clients to “take responsibility” for making sure that whatever devices they use to log into the bank’s online portal is free from viruses and malware.
In addition, the new terms make it clear that customers are not to use the online and mobile banking services from any device connected to a local area network (LAN) without first checking that they are not being tracked by a third party.
Many Vietcombank clients have voiced concerns with the bank’s new policy, saying it is nothing but a way to shake responsibility in the event of a security breach.
“The amount of known malicious software in the world exceeds 100 million and counting, making it difficult, if not impossible, for even top security experts to build a device that is 100 percent safe from malware,” said Nguyen Hong Van, deputy director of the Institute of Information Security Technology under Vietnam Information Security Association.
“How can a regular user truly be sure that their device is clean from viruses and malware?”
Van added that it is absurd enough for Vietcombank to assume that customers understand the concept of a LAN, let alone are capable of meeting the requirement to make sure that they are not being tracked by a third party while connected to one.
“Even experts in network security can’t tell for sure whether they are being tracked while connected to the internet in public spaces, such as at the office or in a café,” Van explained.
“The terms [by Vietcombank] are ridiculously difficult for a regular customer to comply with.”
The updated terms also grant Vietcombank the right to use, store, transfer, or exchange customers’ personal information with a third party.