CBSL urges customers to be on guard when making e-payments


The Central Bank of Sri Lanka (CBSL) today cautioned the customers to adhere to ‘adequate safety measures’ when making e-payments.

Issuing a release, the Payments and Settlements Department of the CBSL has requested the customers to be cautious when providing confidential information such as current and savings account numbers, credit or debit card details including the card number, CVV number and expiry date, National Identity Card (NIC) numbers, Internet or mobile banking or e-wallet passwords, Personal Identification Numbers (PINs), transaction verification information such as One-Time-Passwords (OTPs), transaction verification amounts and any other information that could be used to access, use or authenticate current and savings accounts, payment cards, e-wallets or any other e-payment methods.

Such information is provided to verify the customer’s identity and thereby increase the security of financial transactions and safeguard customer funds, the release said further.

It read that electronic payment (e-payment) methods, such as real-time interbank fund transfers from customer current and savings accounts as well as card payment facilities, have provided a great convenience to customers.

Sri Lanka’s payment systems and infrastructure meet international security standards to ensure the safety of customer funds, the CBSL says.

The CBSL cautions the customers not to share passwords, PINs, OTPs, transaction verification amounts or other transaction verification information with any party and says that they are only used for its specified purpose.

Failing to adhere to such safe practices will reduce the safety of customer’s own funds as fraudulent parties could gain access to customer accounts as well as funds using such information, the CBSL pointed out.

The Central Bank of Sri Lanka (CBSL), together with Licensed Financial Institutions (LFIs) and other stakeholders, has implemented several measures to help customers prevent fraudulent electronic transactions.

Accordingly, LFIs are required to provide Short Message Service (SMS) alerts or any other real-time notification facilities for all e-payments as well as issue EMV chip-based payment cards, the release read.

EMV chip-based payment cards have enhanced security features that are designed to prevent card-related fraudulent activities, it further said.

In order to prevent unauthorised electronic transactions, the CBSL has notified customers to register for real-time e-payment notification facilities as well as obtain EMV chip-based payments cards from their respective LFIs without delay and exercise caution when sharing information that can be used to carry out e-payments.