Circular 50 Strengthens Security For Online Banking In Vietnam.

The State Bank of Vietnam’s Circular No. 50/2024/TT-NHNN regulating safety and security for the provision of online services in the banking sector (“Circular 50”), issued on October 31, 2024, took effect on January 1, 2025, with delayed effectiveness for certain provisions on (i) network, communication, and security systems, online banking application software, and mobile banking application software (July 1, 2025); (ii) transaction confirmation for payment transactions conducted via the straight-through processing method (January 1, 2026); and (iii) authentication forms and reporting obligations (July 1, 2026).

The cybersecurity situation in Vietnam is complicated, and the banking and finance sector has been one of the top targets of high-tech criminals. Circular 50 seeks to enhance user protection by expanding the technical requirements to more services in the banking sector as well as standardizing how transactions are authenticated.

Expanded Scope of Services Covered

Previous regulations on safety and security of online services in the banking sector only covered banking services and intermediary payment services. Circular 50 expands the scope to include other services of credit institutions and foreign bank branches such as credit information services, foreign exchange services, securities depository services, and services related to factoring and letters of credit, which now need to comply with technical requirements and standards for online services such as firewalls and DMZ network barriers.

Risk-Based Approach to Authentication

Circular 50 sets out standards for payment transactions and card transactions by:

Classifying various online transactions based on the type of client, the purpose of the transfer, the value of the specific transaction, and the total value of certain transactions during the day; and
Applying various types of authentication for the corresponding types of online transactions, e.g., using passwords or PINs for small-value online transactions, and using OTPs (through SMS, voice, or email), biometric matching, or e-signatures for larger-value online transactions.

For further information, please contact:

Quang Minh Vu, Tilleke & Gibbins

quang.v@tilleke.com

Circular 50 Strengthens Security For Online Banking In Vietnam.

Circular 50 Strengthens Security For Online Banking In Vietnam.

Thailand Issues Notifications On ROPA Exemptions For Data Controllers And Processors.

- Nopparat Lalitkomon - Tilleke & Gibbins,

Myanmar Issues Cybersecurity Law.

Thailand BOI Revises Land Ownership Allowance For Foreign Companies.

Saudi Arabia – National Cybersecurity Authority Regulations 2024.

An In-depth Analysis Of China’s Network Data Security Regime – Part I: An Overview Of The Regulatory Framework.

- James Gong - Bird & Bird, Bird & Bird

India – AKP Banking & Finance Digest- January 06, 2025.

- Anuroop Omkar - AK & Partners,

Malaysia – How To Set Up A Company Or Business In Sarawak.

Kazakhstan – The Integrated Environmental Permits In 2025.

- Raushana Chaltabayeva - Unicase Law,

UK – Resolving Dispute Over A Child’s Ashes: Separated Parents In Dispute.

CONVENTUS LAW

OTHERS

Circular 50 Strengthens Security For Online Banking In Vietnam.

Register for your monthly Asia legal updates from Conventus Law

Footer

CONVENTUS LAW

OTHERS