ASIC Reject Banks Request for Control Over Customer Devices

16 March 2022
Photo by Paul Fiedler on Unsplash

Australia’s banks unsuccessfully urged corporate regulator ASIC to consider letting them impose security and device rules on customers that used online banking services. 

ASIC’s proposals had included rewriting the ePayments code to accommodate biometrics, modernise some definitions, apply the code to the national privacy principles, and apply the same rules to digital and paper receipts. 

Rather than merely updating the code to accommodate biometrics, the banks requested “a more fulsome modernisation of the code”. 

They also wanted the ePayments code to address how consumers can protect themselves when using personal electronic devices to make payments. Another question raised was how to define the obligations that might cover a device such as a mobile phone, when its maker isn’t subject to the epayments code. 

Proposals to modernise the code included asking ASIC to consider how consumers use their mobile phones and other electronic devices, and how this affects the security of virtual credit and debit cards in the event that the consumer’s personal electronic device is compromised or lost. 

ASIC  decided not to proceed with any of these proposals, because it decided that a definition of biometrics - which triggered the discussion about device security - needed more thorough work.

- CyberBeat



About CyberBeat

CyberBeat is a grassroots initiative from a team of producers and subject matter experts, driven out of frustration at the lack of media coverage, responding to an urgent need to provide a clear, concise, informative and educational approach to the growing fields of Cybersecurity and Digital Privacy.

Contact CyberBeat

If you have a story of interest, a comment, a concern or if you'd just like to say Hi, please contact us

Terms & Policies >>


We couldn't do this without the support of our sponsors and contributors.