The Azerbaijan State News Agency

ECONOMY

® Kapital Bank's Board member, Chief Risk Officer, Javid Mirzayev discusses the challenges against cyberattacks

®  Kapital Bank's Board member, Chief Risk Officer, Javid Mirzayev discusses the challenges against cyberattacks

As technology advances, it not only simplifies our lives but also brings modern challenges, such as cyberattacks. In recent times, complaints regarding cyberattacks on bank cards frequently grab the headlines. We often encounter complaints on social media about money being stolen from bank cards without the customers' knowledge. In this interview with Kapital Bank's Board member, Chief Risk Officer, Javid Mirzayev, we aim to inform people about the reasons behind theft, the protection of personal data, what to do when facing cyberattacks, and the responsibilities of both the bank and its customers.

- One of the problems brought by modern technology is cyberattacks. Almost every day, there are reports in the press and on social media about people having money withdrawn from their cards without their knowledge. Why is this happening?

- Unfortunately, fraud methods have become digital in today's world, and there are quite "professionals" in this field. The main reason for their success is often the ignorance of individuals. These cybercriminals find new methods every day. If we talk about real incidents, you have probably come across announcements under various titles such as "Click this link and get a gift", "Birthday special gift campaign", etc. In 2023, we identified and blocked 62 fraudulent sites created under the name of Kapital Bank on the internet. The number of fake pages we blocked on social networks such as "TikTok", "Facebook", "WhatsApp", "Telegram", "Instagram" is over 600. If you look carefully, you will see that the names in those links are misspelled by 1-2 letters, and fakelogos are used. These advertisements should not be trusted at all. When a customer clicks on that link, even if they do not complete the transaction, their personal information is already stolen. Our customers should clearly know that news about any campaign can only be shared online through Kapital Bank's officially verified social media accounts such as https://kbl.az/kbsml, Birbank, and BirbankBiznes mobile applications as well: https://kbl.az/bbsml. Even other official pages provide such information by directly referring to the bank's official website. Campaigns are also promoted through traditional media channels and within our bank branches. This issue isn't unique to us, it's a challenge faced by all banks.

-Who are the most common targets of fraudsters? How prevalent are customer information theft methods, and how can we protect ourselves from them?

-Their primary targets are undoubtedly all of us. Considering that Kapital Bank has over 5 million customers, it means that 2-3 members of every family are our clients. Fraudsters are keenly aware of this fact, making Kapital Bank a frequent target for exploitation. The methods of fraud are so diverse that regardless of age, social status, or occupation, each of us can fall victim if we are not vigilant. For instance, during phone scams, the elderly are often more susceptible. Fraudsters call and impersonate bank employees, tricking customers into revealing sensitive information. It's essential for customers to understand that no legitimate bank employee would ever request the CVV code or the 3D secure code sent via SMS.

Additionally, the use of unofficial mobile applications is a significant source of danger. Unofficially modified mobile applications, such as "Whats app+" or VPNs, expose the phone to cyber-attacks, resulting in the theft of personal information without the owner's knowledge.

When shopping on online platforms, it is essential to use official, reliable sales channels. It is advisable to set limits on cards for purchases and avoid storing card information on websites.

Fake job advertisements or offers like "like this link and earn this amount" are currently widespread. It is crucial to note that all complaints from customers who have suffered losses are investigated. It has been revealed that in all cases where the stolen amount cannot be returned, the information was shared by the customer themselves. In most cases, individuals share their personal information without verifying the source's security or are stolen due to the reasons mentioned earlier. Once hackers obtain card information, they can intercept SMS messages sent for bank-issued OTP codes due to vulnerabilities in the system.

-The techniques of fraud are indeed diverse, and we frequently see customers blaming the bank for their inability to safeguard personal data. What is the bank's responsibility in this regard?

-Ensuring secure banking services and fighting against fraud have always been main concerns for Kapital Bank. The bank operates in accordance with existing regulations, regulatory requirements, and international standards. Kapital Bank has 54 control mechanisms in line with the ISO27001 standard on data security. Additionally, a 24/7 monitoring mechanism is established for swift resolution of cybersecurity incidents. Our dedicated staff members monitor cyber threats all day long and intervene promptly in critical situations, ensuring the independent protection of customer data and immediate response to any issues. As a provider of transaction services, our bank undergoes annual PCI-DSS (Payment Card Industry Data Security Standard) certification, ensuring the highest level of security for customer card data. As you know, all Kapital Bank cards are equipped with a 3D protection system. It is true that there are websites where customers are not ascdferreked for an SMS confirmation code during transactions. However, transactions on such sites are regularly monitored, and if they fall into the suspicious category, they are blocked. Overall, hundreds of such sources are blacklisted and suspended every day within the framework of cooperation with "Meta" and relevant government agencies. In 2023 alone, we received close to 4,000 fraud complaints. Approximately 2,000 cards were blocked by us, and this has been confirmed.

-Mr. Javid, do you believe the methods used to inform customers about this issue are sufficient?

We are utilizing all available resources for informing our customers. Information related to this matter is regularly shared by our social media channels. We also collaborate with the Azerbaijan Banks Association to create informative videos. However, despite these efforts, it remains crucial for banks and customers to take collective steps to ensure security. We also urge our customers to exercise caution when using mobile applications that raise doubts about reliability, to refrain from sharing personal information, not to disclose their card's CVV code (the 3-digit code on the card), the 3D verification OTP (one-time password) received via SMS, the protection code, or their identity card's Fin code with anyone. They should also not believe in unprofessional videos and advertising texts purportedly representing banks. Moreover, it is unacceptable to click on fake web links, which have become a new trend among fraudsters, and to enter card information on these links, as well as to believe individuals promising easy gains on various social media platforms.

- Javid bey, unfortunately, despite our best efforts, incidents of fraud can still occur. What happens next for both parties, the bank and the customers? And what should someone do if they become a victim of fraud?

- When customers faced with fraud, the first step for them is to immediately contact the bank. This can be done by visiting the nearest branch, contacting the bank's inquiry center, or reaching out through official social media channels or the mobile application. As a next step, the bank takes immediate action to block the card or payment instruments (such as ApplePay or GooglePay) tokens associated with the fraudulent activity. Subsequently, the customer should confirm these actions with the bank and raise a claim stating that they did not authorize the transaction. The bank then acknowledges the claim and initiates an investigation following the directives of the Central Bank, rules of international payment systems, and internal procedures. The outcome of the investigation is communicated to the customer, and depending on the case, they may be invited to the branch, asked to provide additional documents, or requested to submit relevant requests based on procedures.

- In which cases is the stolen money returned to the customer?

-The outcomes become evident after the investigation concludes. Initially, the bank investigates the transaction method. For instance, they examine whether it was conducted via a POS terminal, online shopping, ATM, mobile application, etc. Subsequently, they ascertain how the fraudsters obtained the information and the extent of their knowledge about the customer. Based on the investigation's findings, the bank encounters two scenarios.

In the first case, if it becomes apparent that the customer's personal data was provided to a third party by the customer themselves, and the fraudster possesses all the information, unfortunately, the bank's support mechanism is limited at that point.

In the second scenario, the opposite happens, where the fraud occurs despite the fraudster not having access to all of the customer's data. For instance, some information might have been compromised due to a virus on the phone, but the fraudster doesn't have access to the customer's 3D and OTP codes. In this case, the bank follows international security regulations and safeguards the customer's rights. Ultimately, if the suspicious transactions do not comply with payment system standards, or if the fraudsters do not have complete access to the customer's security information, the customer's money are returned. Each case undergoes thorough investigation, and this process typically concludes within approximately 45 working days. Looking at the statistics of fraudulent transactions on cards in 2023, out of nearly 4,000 complaints received, 70% were resolved in favor of the customers, while 30% were not resolved due to customers failing to secure their personal information.

Additionally, if we exclude the applications received by the bank, approximately 382,000 suspicious transactions were identified last year, with no authorization granted for their execution. As a result of contacting the customers, preventive measures were taken, preventing 72,000 individuals from falling victim to fraud without any theft occurring. This means that 72,000 individuals refrained from proceeding with the transaction after being informed by bank employees. Other customers confirmed that the transactions were indeed conducted by themselves. It's worth noting that both payment systems and the Central Bank, through the Bank Card Center, regulate procedures for handling all suspicious and erroneous transactions, and the bank implements appropriate actions in accordance with these procedures.

-Thank you so much, Javid bey.

- My pleasure. I sincerely hope this interview would be helpful for everyone.

Share news on social media

Follow us on social network

Azerbaijan to promote its culture in Spain

Fenerbahce to host Olympiacos in Conference League quarterfinal 2nd leg

Two Azerbaijani gymnasts into final of FIG Apparatus World Cup

Azerbaijan, EBRD discuss green energy partnership in Abu Dhabi

New Caledonian delegation visits Heydar Aliyev Center

31 years pass since the Bashlibel tragedy, one of the bloodiest pages of our history

Oil prices go up in global markets

U.S. Department of State responds to AZERTAC's inquiry

Combined Arms Army’s Air Force holds tactical-special exercise, Defense Ministry

Azerbaijani oil price declines in global markets

Bayern Munich, Real Madrid advance to UEFA Champions League semifinal

Cabinet of Ministers convenes to address implementation of order on electric vehicle promotion

Azerbaijan names 18 boxers for European Championships in Belgrade

Potential priorities and plans of Azerbaijan`s CICA chairmanship in 2024-2026 discussed

® Kapital Bank OJSC's bonds placed at Baku Stock Exchange

AZAL and DFS Aviation Services agree to modernize Lachin Airport

Action plan related to designation of city of Shusha as 'Youth Capital of Organization of Islamic Cooperation' to be prepared - ORDER

International Renewable Energy Agency’s 14th Assembly continues with panel sessions

New Caledonian delegation visits NAM Youth Organization’s headquarters VIDEO

Over 90 pct of Sudanese school-age children deprived of formal education due to conflict: UNICEF

Chair of New Caledonian Congress Committee visits St. Mary's Catholic Church in Baku VIDEO

Submissions open for 2nd Silk Road Global News Awards

‘New Caledonian people highly appreciate Azerbaijan’s support’

Former No. 1 pick Blake Griffin retires after 14 seasons

‘Revenues from Azerbaijan’s transport sector increased by 15 per cent’

Around 40 new epidemics recorded each year in West African sub-region

Azerbaijani pool player claims European championship title

UK lawmakers vote to approve plans to ban smoking for those born after 2009

UAE ready to support Azerbaijan during its presidency of COP29

Hikmet Hajiyev: The withdrawal of Russian peacekeepers from Azerbaijani territory ahead of schedule has been decided by the leaders of both countries

Donald Trump falls $75mn behind Joe Biden in money race as donor base shrinks

71 killed, 67 injured in rain-related accidents in Pakistan

Azerbaijani ambassador presents his credentials to President of Portugal

Energy Minister: Azerbaijan will play an important role in regional integration in field of renewable energy

Most massive stellar black hole in the Milky Way discovered 'extremely close' to Earth

UNEC included in same group as world universities in international ranking

® “Her Action in Art” festival: celebrating women's contributions in art

Azerbaijan, International Renewable Energy Agency discuss prospects for cooperation

President Ilham Aliyev received Secretary General of Conference on Interaction and Confidence Building Measures in Asia VIDEO

14th Assembly of International Renewable Energy Agency gets underway in Abu Dhabi

From Ferdinand Romualdez Marcos, President of the Republic of the Philippines

Honda to launch next-generation EVs in China by 2027

Researchers in Australia identify 3 new species of extinct kangaroos

Foreign Ministry: France’s accusation against Azerbaijan of unilateral actions are completely unfounded

Azerbaijan, EU discuss current state and prospects for developing relations

Azerbaijan’s Defense Ministry: Quadrocopter attempting to carry out reconnaissance flights in direction of Tovuz district neutralized VIDEO

Antibiotics aren't effective for most lower tract respiratory infections

Japan probes Google antitrust allegation concerning ad services

Azerbaijani oil price exceeds 93 dollars

Global oil prices drop

People's Artist of Azerbaijan Chingiz Sadykhov’s 95th anniversary marked in Northern California

Dortmund, Paris Saint-Germain both reach Champions League semifinals with comebacks

Trump trial gets underway in New York with jury selection in historic case

Release of the Press Service of the President

Tree-planting campaign held in Baku

Renovated courtyards handed over to residents with participation of Leyla Aliyeva

Baku presents official poster of ISSF World Cup

World Bank welcomes “ASAN service" concept

Azerbaijan name 7 gymnasts to compete in FIG Rhythmic Gymnastics World Cup - AG Trophy in Baku

US NSA Jake Sullivan postpones India visit amid Middle East crisis

Coral reefs hit by fourth global bleaching event

Azerbaijan, ACWA Power discuss cooperation on onshore and offshore wind energy projects

Azerbaijan exports crude oil and oil products worth about $3.5 billion in Q1 2024

Abu Dhabi playing host to 14th Assembly of International Renewable Energy Agency

Memorandum of Understanding on establishing Türkiye-Azerbaijan University approved - ORDER

bp begins oil production from major new platform offshore Azerbaijan

Azerbaijan exports 67.600 tons of petroleum coke in Q1 2024

Mexico City records record-high temperature of 34.2C

Copenhagen fire: Spire collapses as historic stock exchange engulfed by flames

World's fastest camera captures footage at 156 trillion frames per second

Tesla lays off ‘more than 10 percent’ of its workforce, loses top executives

® First quarter 2024 financial results revealed by Kapital Bank

President Ilham Aliyev laid foundation stone for Shirvan irrigation canal in Hajigabul district
The head of state addressed the event VIDEO

Azerbaijan will also become a reliable green hydrogen supplier for EU, says Energy Minister

UEFA Champions League quarterfinal 2nd leg to kick off with 2 matches

Azerbaijani gymnasts to flight for glory at Czech Aerobic Open 2024

Türkiye’s 1st indigenous Earth observation satellite completes 1st year in space

Azerbaijan, Türkiye exchange mutual experience in military information field

Military ammunition found in Azerbaijan’s Jabrayil district

President Ilham Aliyev: We are doing everything in a planned manner in order to obtain maximum efficiency from every inch of land VIDEO

President: We now have full possession of our water resources

President Ilham Aliyev: Caspian Sea water desalination project is underway

President of Azerbaijan: We are implementing large-scale work in Karabakh and Eastern Zangezur that is unmatched on a global scale VIDEO

President: Many infrastructure projects have been solved in Azerbaijan

Major infrastructure projects facing the government in the coming years disclosed

President: Efficient utilization of water resources is our primary task

Azerbaijani President: The Shirvan canal will be our largest project in terms of water volume and coverage of farmland

President: After the Shirvan irrigation canal has been put into operation, Lake Hajigabul will also be filled

President Ilham Aliyev: Among infrastructure projects implemented in Azerbaijan in recent years, Shirvan irrigation canal holds special importance

Australia: 15-year-old arrested over Sydney church stabbing

South Caucasus is a region of growing importance, says Kazakh expert

Baku hosting Azerbaijan Insurtech Summit for first time

Combined Arms Army conducts technical inspection of auto vehicles

UN’s Indigenous Issues Permanent Forum opens session focused on youth voices

Baku Book Center hosts presentation of methodological manual “Azerbaijani language proficiency level requirements”

Center for Analysis of Economic Reforms and Communication transferred all information systems to "Government Cloud"

Azerbaijan, Serbia explore current state and prospects of strategic partnership

China's GDP expands 5.3 pct year on year in Q1

Oil prices go up in global markets

Azerbaijani oil price declines in global markets