ISLAMABAD: At least ten Pakistani banks have suspended their international payment services via Visa and debit cards in the wake of latest concerns around possible cyber attacks.
While the local news organizations have hesitated to share the list the banks suspending the international transactions, Pakistan Today shared the names of the banks who suspended their operations. These include BankIslami, Allied Bank Limited, JS Bank, Habib Bank Limited, Bank Alfalah, Standard Chartered, United Bank Limited, Faysal Bank, Silk Bank or Muslim Commercial Bank. Express Tribune also mentioned Soneri Bank as one of the banks that suspended international transactions.
It is not clear what has compelled banks to take these measures. Some suggest that these measures have been taken in the backdrop of latest cyber-attack last week on Bank Islami that resulted in the loss of 2.6 million Pakistan rupees. One report alleged that this measure was taken after information of around 8000 card holders of different Pakistani banks was made available for sale online. In another news item, The News quoted a Moscow based anti-fraud organization the Group IB that alleged that nine banks “witnessed abnormal transactions” lately including BankIslami, Habib Bank, JS Bank, Faysal Bank, Soneri Bank, Bank of Punjab, Bank Alfalah, Silkbank, and MCB Bank
However, in the light of official statements from the bank officials and the State bank of Pakistan, SBP, it can be ascertained that the banks have suspended their international payments for indefinite period as part of their efforts to strengthen cyber security and root out any vulnerability.
Talking one news organization, one SBP official named Abid Qamar noted that SBP only urged the banks to strengthen their cyber security. He noted that some banks had suspended their international payment services but some were processing them only on the instructions of their customers.
A JS Bank official also confirmed to Express Tribune that they would “provide international services to only those clients who would ask us for the services through phone banking,”.
Given the lack of transparency around the handling of consumer data, digital rights experts have long called for a stringent data protection law that would ensure that private and public entities were held accountable for their mishandling of consumer data. They also want protections in the data protection law that would bind the entities to transparently share more information about the challenges and risks to their sensitive data. In the absence of a data protection law, it is difficult for any customer to force the banks to be more transparent about the reasons for their suspension of international transactions.
Pakistan’s Ministry of Information Technology and Telecom, MOITT shared the first draft of data protection law in July 2018 and has invited comments from other stakeholders.