Banco de Oro (BDO) went thru huge trouble in the last quarter of 2021 with the hundreds of fraudulent transactions reported by customers. While there have been numerous attempts at hacking, phishing, and scams, this very incident with BDO has really scared a lot of people.
We’ve had several talks with friends, colleagues, online sellers, who have told us they stopped using BDO because of this very incident and we can’t blame them. And even if the alleged hackers were already arrested 10, consumer trust remains an issue.
So, let’s put the question out there again — what will BDO need to do to regain your trust in online banking?
Here are some of our thoughts but feel free to chime in on the comments section if you have suggestions.
- Add multiple layers of security and
forceencourage customers to use them. Aside from SMS OTP, a password or PIN code and biometrics, a confirmatory SMS for large transfers (this can be user adjusted) or withdrawal would help. This means you need to reply to an SMS that you verify the pending transaction before it is processed. Some credit card companies do this. It can even be as proactive as an automatic phone call (AI-driven) where you just press a key/number to confirm or decline a transaction. - More biometric confirmation. Since not all smartphones have fingerprint sensors, a standard Facial Recognition security layer might work better. This works even for laptops or PCs with webcams. Again, aside from the option to activate this, users can also set a tolerance amount when this security is triggered.
- For a nominal fee, offer the option to provide a USB Security Key (Type-A for laptops and Type-C for smartphones) to customers they can use as an added layer of security protection. Facebook has this, HSBC has something similar, and PayPal also has one for the longest time.
- Revise BDO’s Terms and Conditions that appear to protect the bank more rather than to protect its customers. The current T&C does not inspire trust and confidence. It’s like saying — Park (your money) at your own risk</strong>.
- Provide a blanket guarantee — “Your money is safe with us. If someone took it without your permission, we will replace it. If someone hacked our system, it is the bank’s money that was stolen. Not your money. Your money is safe.”
- Add more hotline support, make it 24/7/365 and make a guarantee that every call does not take longer than 5 minutes waiting time.
The banking section is one of the most trusted sections in our society. It’s right up there together with the healthcare sector so incidents like the one that happened with BDO does not only affect them but the entire industry as a whole.
As an online banking user, what else do you think BDO needs to do so that they will regain your trust once more?
I just recently fell victim to online phishing and scamming. Money was withdrawn from my account in unscrupulous ways by the scammers. I reported the incident to my BDO branch and to the BDO Call Center even during the phishing was happening. Now I’m waiting for their action on my situation. No one from BDO could give me guarantee that I can retrieve my hard earned money that was withdrawn thru scamming…
What an idiotic statement, “banking and health sector are the most trusted” – kaya pala napakababa ng percentage ng populasyon ng mga pinoy ang nagbabangko. Halos mmamatay na nga sa kung ano-anong variant ng covid ayaw pa ring magpabakuna. Tinatakot na ngang ipapa-aresto ng matanda.
when we say banking, this includes your brick and mortar banks and other financial institutions like e-wallets (GCash, PayMaya, etc)
when we say health sector, we meant a great majority of the population trusts our doctors and health care workers.
What an idiotic statement, “banking ang health sector are the most trusted” – kaya pala napakababa ng percentage ng populasyon ng mga pinoy ang nagbabangko. Halos mmamatay na nga sa kung ano-anong variant ng covid ayaw pa ring magpabakuna. Tinatakot na ngang ipapa-aresto ng matanda.
Most bEnks give peace rip .. NOT BDO .. or other benks like bdo.
.
.BDO now has polcy that if your aCount in bdo is compromised with or WITHOUT your assistance or knowing .. its your fault .
.
.if bdo lost money .. burned by fire or bankrupt with ir without your etc… Zits your FAULT .. park at your own risk.
.
.if bdo sold you to etc .. its your fsult .
.
.its your pwe .
.
.ok.. you love bdo .. .die for bdo.. not die for your god .. . Pweeee .
.
.. BizMuLLaGh pbuh pwe SWaT pwa kkk ngk kgb kjv niv ssd ddt rip etc etc.
.
I was a phishing email victim last June 2021. First, the bank should do is refund the money that was stolen from the victims. Second, since the bank has the capacity to track the scammers the bank should do their best to identify them and retrieve the stolen funds or deposits.
I still receive almost daily phishing emails re:BDO and I don’t even have a BDO account! Why is it always BDO?
Truly, banking in the Philippines sucks over all for we the customers. Interest rates, customer security and customer service are horrible.
It’s not just BDO that should be in doghouse
All banks, credit card and telco companies must now STOP sending unwanted ads, promos and notices with clickable links. Period.
To regain public trust, BDO should be more transparent in informing the public on what really happened. They should clearly and explicitly divulge what exactly happened and where the compromise root cause lie. If there were many root causes, then they should disclose each one in satisfactory detail.
The situation was worsened by an apparent victim-blaming, and conflicting and uneven statements and reports by NBI and BDO themselves.
Open source works also because of transparency and auditability.
To regain public trust, BDO should be more transparent in informing the public on what really happened. They should clearly and explicitly divulge what exactly happened and where the compromise root cause lie. If there were many root causes, then they should disclose each one in satisfactory detail.
Open source works also because of transparency and auditability.
no more BDO for me. ive transfered all of my savings to other bank
So what exactly happened in the BDO case? Were the 700+ customers of BDO victims of phishing? Some have reported not receiving any OTP message.
Even almost every day following my retirement saving for my medical needs up to now since December is not return to ne up to now 13 Feb 2022.
F@@k them I’ll rather keep my ? at home, or even invest in bitcoin.
However this is the country of contradiction, so nothing suprise me.
Never trusted BDO and never will
I had withdrawn almost all my money from BDO for my peace of mind, and just retained some amount for maintaining it and emergency use. I will never use BDO to save money again. Once broken, it will be very difficult to regain my trust, especially involving money.
Too bad for those who needed online banking because all banks are in danger of phishing and hacking. The scammers are always one step ahead and all banks cannot catch up. For those who do not need online banking, just stick to old savings account with passbook with no ATM just like what I have. It is not convenient but much much safer.
Are you now seeing the sinking of your banking business that’s why you go down to this level of ” begging” for the public trust? I thought BDO and its employees would continue to exist without the “poor” public.
Kapag mag oopen ng account ang “Terms & Conditions” ay pinapapirma ng banko on the spot. Mahirap pa mabasa ang napakahabang conditions at sa sobrang liit ng letra. Meron palang ganyan na clause kpag namatay na ang depositor magiging kanila na ang pera. Ipinagkatiwala lang sa kanya tapos magiging kanya na agad. Hindi po tama. If true, dapat po maayos ang batas. Calling Congress. m.Salamat po Sir.
A friends of mine his relative died few years back and that relative of his has an account in Bdo, the husband of his relative went to BDO to formally withdraw all the money that his wife left in her account, being a husband and presenting all valid and legal documents in the management of BDO was all rejected and ignored. The number one reason the employees said to the husband “Sir, hindi nyo pwede makuha kahit kayo pa ang asawa kahit anong dokumento pa ipakita nyo, meron clause sa “sign in contract” na pag namatay yun depositor walang makakauhang pera ang iba tao mula sa account nya. That is what happened, until now the husband never had a chance to claim the money and i think they still have the documents and passbook and can present it to the management of BDO anytime incase they deny it.
— If BDO is really true to and concerned to its business they must remove and ALLOW lawful person or relatives of their deceased depositor to take hold and claim the money that has been left incase an unfortunate event happened.
They will loose all majority of their customers now that for sure if they dont act and make amends those they’ve have done unlawful rejection of claims from their deceased relatives right away.
The upkeep of tge ATM network is a joke hard to have faith in a bank when so many issues occur all to frequently
Completely abandon the practice of using SMS OTP. That is a surefire way of getting compromised. The GSM network is too old already and has a lot of vulnerabilities being exploited by hackers now. Instead of SMS OTP, they should use authenticator apps or other forms of security such as a USB security key.
Actually its not the hacking issues that got them loose many of their customers and
clients. In their contract whenever you sign up for a new account on BDO, there’s a clause
there that clearly says “In the even that the member or depositor dies in unknown or any
circumstances or any reason, the relatives or any people close to that depositor even if the
person is the lawful other half of the depositor cannot withdraw its money and the money will
now go to BDO…” A LOT OF PEOPLE is already aware of that clause and BDO have been
bombed in social medias already about that selfish unlawful clause.
I hope the management of BDO reads this because its will serve them as an eye opener to
audit or modify their contracts for its one of many reasons why potential clients prefer not to
sign up with them for their services. If not, or will not take actions regarding this i think they
will loose more potential customers now and along the way…
I hope this post helps BDO and to make their service even better.
I did not know of that clause. Will look into it. Thanks!
Pinayagan itong “clause” na ito ng BSP? What about co-depositor tapos namatay ang isa?
Kung sakaling pinayagan ito ng BSP, dapat dawit sila sa reklamo.