|
Following the effective date of Decree 23/2025/ND-CP on electronic signatures and trusted services, what, in your opinion, should banks do to ensure the widespread use of digital signatures in the banking industry?
To properly implement Decree 23/2025/ND-CP, in my opinion, banks must simultaneously standardize technical infrastructure, legal procedures, risk management, along with personnel training and customer guidance communication, so that digital signatures become a common tool in signing credit contracts, opening accounts, and providing investment services.
Regarding technical infrastructure, banks should integrate their systems (especially core banking) with trusted service providers/CAs licensed under the Decree; while ensuring data integrity through encryption, secure storage, and the ability to verify contracts and transactions when needed. Digital signatures also need to operate stably across multiple platforms such as web, mobile, and internal systems.
Regarding legal procedures, research should closely integrate eKYC with digital signatures to ensure that the signatory is indeed the subject of the transaction and standardize the process of storing electronic contracts so that they can be extracted and presented in case of disputes. In terms of risk management, banks need to prepare authentic evidence, classify risks by service to apply appropriate control measures, and strengthen internal auditing.
In my opinion, the biggest bottleneck remains user habits and trust. Besides that, the cost of digital certificates is an economic barrier; and integration with core banking is a technical barrier that can be overcome. These barriers can be addressed with technology and pricing/fee policies, but changing habits and building customer trust will take time.
Banks now use various signing and authentication methods such as tokens, digital signatures on apps, OTPs, and biometrics. In your opinion, which authentication method should be applied to individual customers to ensure both convenience and security?
For individual customers, commercial banks need to classify transactions according to risk level and legal value to choose the appropriate signing/confirmation method.
For small-value, high-frequency transactions, OTP combined with biometric authentication should be prioritized for convenience and basic security; for large-value transactions or legally binding contracts, digital signatures (tokens or remote digital signatures) should be used to ensure legal evidence; and for high-value transactions with very high risk such as money transfers, investments, and securities trading, banks need to implement multi-factor authentication combining digital signatures with OTP/biometric authentication.
According to him, how will integrating remote digital signatures on the identity verification platform (VneID) affect compliance costs, the efficiency of process digitization, and the bank's ability to combat identity fraud?
Regarding compliance costs, implementing remote digital signatures linked to VNeID can help reduce the cost of issuing and managing physical devices such as USB tokens and smartcards, thereby saving money for both banks and customers. At the same time, banks do not necessarily have to build their own authentication systems; they can rely on the VNeID platform, which is already recognized by the State, thus reducing the cost pressure related to auditing and legal processing.
This model also helps shorten the time for opening accounts, loan appraisal and approval, etc., and allows customers to digitally sign for many services such as credit, investment, and insurance with just one signature. From the bank's perspective, the "one-time connection" with VNeID also helps to quickly expand its application to all products and services.
With its anti-identity spoofing and dispute reduction features, VNeID is linked to identification and biometric data, making spoofing more difficult and reducing the likelihood of transaction denial. In this context, OTP hijacking is also less significant, as the primary basis remains the digital signature.
Thank you very much, sir!
Source: https://thoibaonganhang.vn/chu-ky-so-manh-ghep-then-chot-trong-hanh-trinh-so-hoa-ngan-hang-175046.html
Comment (0)