THIS SECURITY ARRANGEMENT DETAILS THE PROCEDURES EMPLOYED BY MAYBANK IN SAFEGUARDING THE SECURITY AND INTEGRITY OF ANY INFORMATION AND TRANSACTIONS TRANSMITTED OR MADE VIA Maybank2E AND OF Maybank2E ITSELF.
We shall at all times and to the best of our ability, endeavour to ensure that all materials, data, communications and/or information exchanged, disclosed, shared, stored or otherwise used ("Information"), or any transactions which are made via Maybank2E ("Transactions") are kept private and confidential. Further thereto, we shall comply with and adhere to the requirements of Bank Negara Malaysia pertaining to the privacy and confidentiality of the Information and Transactions as well as the need to maintain the security and integrity of Maybank2E. In pursuance of these objectives, we have set in place a multitude of security procedures and requirements which are designed to ensure the optimum security of the Information, Transactions and Maybank2E at all times, all of which are elaborated upon below.
Data Privacy, Confidentiality & Integrity
In order to ensure the privacy, confidentiality and integrity of the Information and Transactions transmitted or made via Maybank2E, we have engaged the use of a combination of authentication, encryption and auditing mechanisms which serve as a powerful barrier against all forms of system penetration and abuse.
These mechanisms include but are not limited to the following:-
- Information Protection;
- Data Confidentiality & Data Integrity;
- System Security & Monitoring; and
- Computer Virus Protectio
To prevent unauthorised access to our online financial services as offered through Maybank2E, every user is required to select a username ("Username") and an alphanumeric password ("Password"), which are the Access Keys to your financial information, banking facilities and the product and services offered via Maybank2E. The Username must be between 6 to 16 characters and the Password must be between 8 to 12 characters. In both cases, special characters and spaces should not be used, with the exception of underscore.
The Username and Password are case sensitive. For example, if your Password is "maybank2e" and you key in "maybank2e", you will not be able to login (the "e" must be lowercase).
To ensure the integrity of these Access Keys, you are advised to maintain its confidentiality by not sharing it or making it accessible to any other person and to take all reasonable endeavours to maintain its security which may include, memorising the Access Keys, changing your Password regularly and signing off before visiting any other Internet sites.
In addition, users who are acting as authorisers are required to use digital certificates for the purposes of ascertaining and authenticating their identity before a transaction is approved.
We take considerable effort to ensure a safe and secure online experience, but we do not have control over the computer you use to access Maybank2E. We have incorporated the usage of cookies for authenticating, tracking, and maintaining specific information about user(s). As an added security feature, an automatic log out function if no activity is detected after a preset time limit.
However, you must ensure that your computer and you do not provide anyone opportunity to gain access to your account information. The following are several tips and guidelines that may assist you:
- Ensure no one has access to your computer, Access Keys or records of your online activities.
- Always log out of Maybank2E immediately after completing transactions and before visiting other websites.
- Do not send any information about your account or other financial or confidential information via email.
- Disable the AutoComplete function on your browser to avoid automatic completion of your Access Keys when you type in the said Access Keys.
- Clear your cache and close the browser window after each session.
For example: To turn AutoComplete "On" or "Off" in MS Internet Explorer browser:
- is requested or authorised by you or any other persons purporting to be you upon the satisfactory verification of identity by us in accordance with our prevailing procedure;
- Click "Internet Options" to get the "Content" tab.
- From this tab, click the "AutoComplete" button.
- Uncheck "Usernames and Passwords on forms".
Data Confidentiality and Data Integrity
To ensure data confidentiality and integrity, all information transmitted over the Internet is encrypted using the 128-bit Secure Sockets Layer (SSL) protocol from Verisign Certificate Authority. SSL is a secure way of transferring information between two computers on the Internet using encryption. Strong end-to-end encryption is also adopted within our computer networks and resources.
Systems Security and Monitoring
Maybank has adopted a combination of the following systems security and monitoring measures for online transactions:
- Firewall systems, strong data encryption, anti-virus protection and round-the-clock security surveillance systems to detect and prevent any form of illegitimate activities on our network systems.
- Regular security reviews of our systems by our internal system auditor as well as external security experts.
In addition to the measures adopted by us, we would recommend that you consider installing a personal firewall or, at a minimum, power-off your PC when it is not in use.
We also take every effort in ensuring collaboration with major vendors/manufacturers to keep abreast of information security technology developments, for possible and future implementation.
Computer Virus Protection
Computer viruses are real and once your computer is infected it can cost you time, loss of information, repair expense, and aggravation. Make sure your computer has an anti-virus protection program installed to reduce the risk.
We recommend that you purchase a program that automatically upgrades your virus protection on a recurring basis. If you currently have a virus protection program on your computer without the automatic upgrade feature, make sure you update your virus protection program at least monthly and/or when you hear of a new virus to minimize your risk. You can do this by visiting the Internet site of the company that provides your virus protection program.
In addition, we would advise against opening attachments from others or using diskettes unless you have absolute certainty that you can trust the source. Notwithstanding, we would advise that you still remain cautious as whoever sent you that attachment or gave you the diskette may themselves be unaware that they have carried the virus to you.
Further to the rest of this Security Arrangement and for the purposes of clarification, any and all Transactions which are initiated by or originate from the Customer's Access Keys (which shall be taken to include the Access Keys of the Customer's duly appointed users) shall be deemed to have been initiated or originated from the said Customer and accordingly, we shall be entitled to carry out the said Transactions as if we had been duly instructed to do so by the respective Customer.
We also maintain and constantly update the logs of the Transactions which record, among others, the Transactions entered into by our Customers (including you) and the nature, time and date of the same, all of which serves to enable us to verify the various Transactions made and act as evidence thereof should there ever arise a dispute as to the same.
Access Control & System Design
Maybank2E is designed and developed with the primary and utmost intention of safeguarding the security and integrity of all Information and Transactions at all times. Pursuant thereto, Maybank2E deploys a wide range of security features all of which are constantly reviewed and audited to determine their effectiveness and further updated and maintained to ensure that these security features perform at optimum standards at all times.
We also adopt a variety of monitoring and review measures upon the security and integrity of Maybank2E, which include but are not limited to:
- Enhanced data-encryption methods;
- Anti-virus detection, prevention and protection procedures;
- Firewall barriers; and
- Surveillance and detection,
all of which are designed and implemented to intercept and prevent any form of attack on, penetration of or otherwise unauthorised access into Maybank2E and to ensure that the critical sectors of Maybank2E including the storage of the Information, the Information itself and the processing and authentication of the Transactions are, at all times, kept free from such attack, penetration or unauthorised access ("System Security Monitors").
We shall also endeavour to conduct regular and thorough reviews or audits of our System Security Monitors, both by our internal security auditors as well as by external security experts. These reviews and audits may include but are not limited to actual penetration testing and intrusion detection on our said System Security Monitors which will enable us to determine whether there are any defects, faults, malfunctions or shortcomings (the "said defects") in the same. In the event the said defects or otherwise a breach of Maybank2E is discovered, we shall in the case of a security breach, promptly report the same to the appropriate management and Bank Negara Malaysia and immediately proceed to rectify or remedy the same. For this purpose, we may be required to temporarily or indefinitely suspend all use of Maybank2E until such time when the said defects are rectified or remedied without any notice and without any liability whatsoever to you.
While we have the capabilities to ensure that the privacy, confidentiality and integrity of the Information, the Transactions as well as the security and integrity of Maybank2E itself are at all times, safeguarded, maintained and secure, we shall from time to time collaborate efforts with other major hardware, equipment or software vendors and manufacturers in an effort to keep abreast with the developments and improvements made to the same. Accordingly, where we believe that such developments and improvements would serve to provide enhanced security to the Information, Transactions and Maybank2e.net above, we shall not hesitate to implement the same for our joint-benefit.
This Privacy Notice outlines how Maybank Group collects, uses, maintains and discloses your personal data in respect of commercial transactions and how Maybank Group safeguards the personal data.
"Maybank Group" or "We" in this Privacy Notice refers to Malayan Banking Berhad ("Maybank"), including its branches in Malaysia and in other countries as well as its local and overseas subsidiaries or, as the context may require, any of them.
Your consent is important
When you request information or sign up for our products and services or when you enter into any commercial transactions with the Maybank Group, you may be required to provide Maybank Group with your personal data. In doing so, you consent to its use by Maybank Group in accordance with this Privacy Notice. Your personal data may have otherwise been provided to the Maybank Group by a third party (for example your spouse, a company in which you are a director, an officer or a shareholder, or a partnership in which you are a partner) for products or services that these third parties have sought from the Maybank Group. In this context, the term "you" or "your" in this Privacy Notice extends to any individual whose personal data has been provided to the Maybank Group and/or has been collected in other circumstances as described in Section 3 of this Privacy Notice.
We may collect your sensitive personal data (including, data relating to your physical or mental health, the commission or alleged commission of offences etc.) if you apply for certain products such as health / life insurance or housing loans, which require you to disclose such sensitive personal data to us. We will only use your sensitive personal data to provide the service(s) you signed up for. If we collect, use, maintain or disclose your sensitive personal data, we will ask for your explicit consent.
You have the choice, at any time, not to provide your personal data/sensitive personal data or to revoke your consent to Maybank Group processing of your personal data/sensitive personal data. However, failure to provide such personal data/sensitive personal data or revocation of your consent to process personal data/sensitive personal data provided may result in Maybank Group being unable to provide you with effective and continuous products and services.
What types of personal data do we collect?
Personal data refers to any information that relates directly or indirectly to an individual, who is identified or identifiable from that information or from that and other information in the possession of Maybank Group, including any sensitive personal data and expression of opinion about the individual.
The types of personal data we collect may include, but is not limited to your name, address, other contact details, age, occupation, marital status, financial information such as your income, or income tax particulars your identity card or passport, place of birth, credit history and your transaction history.
The personal data we collect can be either obligatory or voluntary. Obligatory personal data are those that we require in order to provide you with our products and services. If you do not provide us with obligatory personal data, we would not be able to provide you with our products and services. Voluntary personal data are those that are not mandatory in order for us to provide you with our products and services. If you do not provide us with voluntary personal data, you can still sign up for our products and services. Obligatory and voluntary personal data differ for each products and services and will be indicated in the application forms.
How do we collect your personal data?
We obtain your personal data in various ways, such as:
- When you sign up for or use one of the many services we provide or when you register an account at any Maybank Group websites.
- When you contact the Maybank Group through various methods such as application forms, emails and letters, telephone calls and conversations you have with our staff in a branch. If you contact us or we contact you using telephone, we may monitor or record the phone call for quality assurance, training and security purposes.
- From our analysis of your transactions (e.g. payment history, loan, or deposit balances, credit or debit card purchases).
- We may also obtain your personal data when you participate in customer surveys or when you sign up for any of our competitions or promotions.
- When we obtain any data and information from third parties (e.g. credit reference agencies, regulatory and enforcement agencies, employers, joint account holders, guarantors, legal representatives, spouses, parents, guardians, dependents and/or companies/partnership that you hold directorships, shareholdings or partnership in).
- When you enter into any commercial transactions with the Maybank Group including but not limited to you providing goods and/or services or your professional services;
- From publicly available sources.
Personal data we collect from our websites
An IP address is a number that is automatically assigned to your computer when you signed up with an Internet Service Provider. When you visit our website, your IP address is automatically logged in our server. We use your IP address to help diagnose problems with our server, and to administer our website. From your IP address, we may identify the general geographic area from which you are accessing our website. Generally we do not link your IP address to anything that can enable us to identify you unless it is required by law and regulation.
Information on Cookies
What is the purpose of processing your personal data?
We may process your personal data for the following reasons:
- To assess your application for any of our products and services.
- To verify your financial standing through credit reference checks.
- To manage and maintain your account and facility.
- To evaluate your financial needs and to continue performing the contractual obligations entered into between the Maybank Group and you.
- To respond to your enquiries and complaints and to resolve disputes.
- For internal functions such as evaluating the effectiveness of marketing, market research, statistical analysis and modelling, reporting, audit and risk management and to prevent fraud.
In addition, we may also use your personal data for the fulfilment of any regulatory requirements and for any other reasons connected with providing you the services you require and fulfilment of any commercial transactions entered into by you with the Maybank Group.
From time to time, we may share your personal data with other entities within Maybank Group, our agents or strategic partners and other third parties (“other entities”) as Maybank Group deems fit and you may receive marketing communication from us or from these other entities about products and services that may be of interest to you. If you no longer wish to receive these marketing communications, please notify us to withdraw your consent and we will stop processing and sharing your personal data with these other entities for the purpose of sending you marketing communications.
You have a choice to withdraw your consent for receiving marketing or promotional materials/communication, you may contact us using the contact details found below. Please be aware that once we receive confirmation that you wish to withdraw your consent for marketing or promotional materials/communication, it may take up to fourteen (14) working days for your withdrawal to be reflected in our systems. Therefore, you may still receive marketing or promotional materials/communication during this period of time. Please note that even if you opt out from receiving marketing or promotional materials, Maybank Group may still contact you for other purposes in relation to the accounts, facilities or services that you hold or have subscribed to with Maybank Group.
To whom do we disclose your personal data?
Your personal data held by us shall be kept confidential. However, in order to provide you with effective and continuous products and services and to comply with any legal and regulatory requirements, we may need to disclose your personal data to:
- Other entities within Maybank Group.
- Credit reference agencies when you apply for any of our credit-based products such as personal loan, credit card, mortgage, etc.
- Our authorised agents and service providers with whom we have contractual agreements for some of our functions, services and activities.
- Financial service providers (e.g. mortgage brokers, insurance companies).
- Our merchants and strategic partners.
- Parties authorised by you.
- Enforcement regulatory and governmental agencies as permitted or required by law, authorised by any order of court or to meet obligations to regulatory authorities
The disclosure of your data may involve the transfer of your personal data to places outside of Malaysia, and by providing us your personal data you agree to such a transfer where it is required to provide you the services you have requested, and for the performance of any contractual obligations you have with Maybank Group including for storage purposes.
How do we protect your data?
The security of your personal data is our priority. Maybank Group takes all physical, technical and organisational measures needed to ensure the security and confidentiality of personal data. If we disclose any of your personal data to our authorised agents or service providers, we will require them to appropriately safeguard the personal data provided to them.
How long may we retain your personal data?
We will only retain your personal data for as long as necessary to fulfil the purpose(s) for which it was collected or to comply with legal, regulatory and internal requirements. Afterwards we will destruct or permanently delete your data.
Changes to this Privacy Notice
Please note that we may update this Privacy Notice from time to time. If there are material changes to this Privacy Notice, we will notify you by posting a notice of such changes on our website or by sending you a notification directly. Do periodically review this Privacy Notice to stay informed on how we are protecting your information.
This Privacy Notice was last updated in April 2014.
How can you access / correct / update your personal data?
We are committed to ensure that the personal data we hold about you is accurate, complete, not misleading and up-to-date. If there are any changes to your personal data or if you believe that the personal data we have about you is inaccurate, incomplete, misleading or not up-to-date, please contact us so that we may take steps to update your personal data.
You have the right to access your personal data. If you would like to request access to your personal data, please contact us. Please note that depending on the information requested we may charge a small fee. We may also take steps to verify your identity before fulfilling your request for access to your personal data.
How may you contact us?
If you need to contact us, you may visit any of our branches, call our Customer Care hotline at 1-300 88 6688 or 603 -7844 3696 (overseas), or visit us at www.maybank.com. For corporate customers, you may contact your relationship manager directly.
We provide the Privacy Notice in both English and Bahasa Malaysia. In case of any inconsistencies between these two, the English version shall prevail. In case there are inconsistencies on how we collect or use your personal data between this Privacy Notice and the terms and conditions of your specific product or service or other contractual documents, the terms and conditions of your specific product or service or other contractual documents shall prevail.
If you have provided the Maybank Group with personal data of a third party, please ensure that you have obtained the third party’s consent in relation to the processing and disclosure of their personal data and that this Privacy Notice is brought to the attention of any such third party.
Last updated: April 2014
Click here for Privacy Notice (BM)
Click here for Frequently Asked Questions
AT MALAYAN BANKING BERHAD, WE ARE COMMITTED TO ENSURING THAT THE STANDARDS OF OUR PRODUCTS & SERVICES PROVIDED TO OUR CUSTOMERS UNDER THE www.Maybank2e.net WEBSITE IS AT ALL TIMES, RELIABLE, OF HIGH QUALITY AND IN ACCORDANCE WITH OUR CLIENT CHARTER SET OUT BELOW.
Ensuring Safe Operations
We shall, at all times, use our best efforts in ensuring that our products and services, all of which are offered by us or our third party vendors, are dependable, reliable and secure. We also endeavour to ensure that all the necessary computer and network security standards including high-end access and authentication protocols are installed as well as employing the use of firewalls at strategic points, all of which are engaged to protect, secure and safeguard the integrity and privacy of any transactions which you may enter into with us.
Safeguarding the Privacy of Your Information
We recognise the fundamental importance of public trust and confidence in our products and services. Accordingly, we have made it our policy to respect, maintain, protect and safeguard, at all times, the privacy of your personal, banking and financial information as well as any other information in respect of or pertaining to the same ("Information") which you have disclosed, shared, exchanged or otherwise provided to us.
Providing Reliable & Quality Services
We believe that your comfort and satisfaction is of paramount importance to us and for these purposes, we are responsive and at all times welcome your suggestions and comments in respect of the same. Pursuant thereto, we endeavour to use all practicable methods in providing you with reliable and high-quality services, among which include using high-end hardware, equipment and software, engaging qualified & trained personnel as well as employing business methodologies which are in compliance with the requirements of Bank Negara Malaysia.
Ensuring the Transperency of Our Products & Services
We are committed to ensuring the transparency of our products and services at all times and pursuant thereto, we shall not in the provision of our products and services engage in conduct which is deceptive, fraudulent or otherwise misleading. We shall also ensure, to the best of our ability, that any and all representations, statements and assurances which are made or provided by us with regards to our products and services are at all times accurate and true.
Providing Prompt Response & Action for Customer Inquiries & Compliants
We, at all times, welcome and encourage you to raise any inquiries, feedback, comments, suggestions, concerns or complaints which you may have in respect of our products or services, which we, on our part, shall use our best efforts to promptly attend to and where needed, to render the necessary action in respect of the same.
For this purpose, please do not hesitate to contact our Helpdesk:
TRANSACTION BANKING, GLOBAL WHOLESALE BANKING
23RD FLOOR, MENARA MAYBANK
100, JLN TUN PERAK
50050 KUALA LUMPUR
TEL. : 1-300-887788
FAX. : 603-20720548
E-MAIL : email@example.com
Last updated December 31, 2013
Malayan Banking Berhad