15 Jul 2018
Back to blog
Someday in March I was greeted with a text message telling me that I need to send a text in order to enable online transactions, and the message was from Maybank.
Initially I am quite puzzled — I have used my card for purchases online without any issues at all, but what is this message really for? The message does not contain anything else than telling me to send an SMS to a short number 66628. This was really new, but I tried to search on Google anyway. After a good look I found a link to the official Maybank site .
Unfortunately it is nothing new for me. I already know that it is a practise in this country to initially block any online transactions (as they call it CNP or card not present) until a request is made by the cardholder.
But surely they are not messaging people for fun, right? So I have this impression that they may have revised the freedom of cardholders on spending online using their Debit card. With such an idea, I imagined that I could now able to purchase anything on places I trust that do not have the 3D Secure (MSOS), for example where this website is hosted, and Steam.
Not too fast, Shahmi! A link on the Google results caught my attention real good. It seemed that I have received a message that should be sent 2 years ago! 😐
I have found a blog entry which guide you on how to enable CNP online purchases. That entry was published on December 2015. 😐
As the blog post outlined, the message was mass produced at that time of the year. However, the author also mentioned that some few, including him/her did not receive the SMS.
This made it very confusing for me. Back then when I had troubles with purchases, the Maybank staff only said that purchases not covered by MSOS (3D Secure) will not go through. Asked if there are any options, I was informed that there are no way I could bypass this limitation. Way to go, Maybank employee! This made it 3 times that a Maybank employee did very bad in handling customer service for my own experience.
In a common situation, the average user do not need to enable CNP-purchase ability. 3D Secure is a method designed to protect you by verifying if you are the person who made a purchase by sending you a one time TAC for you to enter. This may be simple, and kind of easily workaround-able if a person posses your device, however, it does effectively cut down on the number of fraudulent purchases.
As a clarification — if you enable CNP-purchase ability, someone who has your debit card information (number, expiry, CVV) could place an order freely without you knowing. Of course, they also don't need to have the physical card.
Therefore, if you ever decided to have this ability, you need to be extra careful with your card details.
I only have the resource to Maybank and CIMB bank. If you are using other banks, kindly contact their customer careline and explain to them your intent. Hopefully the operator is not the same like mine was 2 years ago.
For Maybank: Send an SMS to the number 66628 with the content:
ONCNP [your IC here without dash]
For CIMB: Send an SMS to the number 62666 with the content:
OPTIN [last 4 digits of your debit card number]
I do not know if this would still work, but doesn't hurt to try. Let me know if it didn't work. Also do place a call to their customer careline instead if that was the outcome.
Hopefully, if you are a person like me who needs to place payments where the merchant do not have 3D Secure baked in (Steam!!!), you now have one less thing to worry about. Thank you for reading!
She has a personality that makes her shine really bright.
She is cute, and beautiful. Truly a view to ponder.
We make for each other, and I am really proud to be with her.
I love Abel so much ❤💕