Deep, deep dive
How safe are e-wallets?
An e-wallet must be licensed by Bank Negara Malaysia (BNM) so before you get an e-wallet, you should always check that it is licensed by BNM.
Generally, there are 2 main aspects to think about when understanding how safe an e-wallet is:
- Is your information confidential?
Under the BNM guidelines, companies that have licensed e-wallets have to put in place security measures to make sure your information is kept secure. These measures are usually updated from time to time to ensure the security is up to date. While these security measures cannot be 100% secure, it helps to protect your information from being leaked.
- Is your money safe?
If your e-wallet is from a member bank of PIDM, your money would be protected by PIDM. PIDM is a form of deposit insurance. So if anything happens to the bank, your money will be returned to you (usually capped at RM250,000). However, for other e-wallet companies, your money is not guaranteed by PIDM. That being said, there are plenty of regulations put in place by BNM for the e-wallets to follow. Meaning, these companies won’t use your money to spend or invest elsewhere. Even if the company goes bankrupt, your money should be refunded to you.
Remember, even though there are security measures in place, you should also take your own steps to keep your e-wallet safe. You should start by keeping your device secure, like with a screen lock password or biometric scanning (fingerprint, face ID). Securing your device is important because if someone gets your phone, the person would be able to access your e-wallet once they get into your phone.
You don’t need a password to open your e-wallet app. Here’s where e-wallet security can get a bit tricky. For some e-wallets, once you’ve linked your bank account or card to the e-wallet, you usually won’t need to do any further verification to top up the e-wallet or make payments. For other e-wallets, you’d need to put in a password/OTP/TAC every time you make a payment, which keeps your e-wallet more secure if someone other than you tries to use your e-wallet.
Regardless of the type of e-wallet, your safest option would be not to link any cards or accounts to your e-wallet. So, you’d have to key in bank or card information each time you top up your e-wallet, which is less convenient. (See the next section on How to set up and use an e-wallet?)
In addition, always remember not to share your personal information like bank account or debit/credit card numbers, OTP or TAC codes with anyone.
Additionally, since e-wallet reloads are done using online banking, debit or credit cards, you should always monitor your transactions for any unfamiliar activity.