» Security & Privacy

Security and Privacy

Security & Fraud Awareness

Your safety and wellbeing are our utmost priority. It has become more essential for us to enhance your safety while browsing through our website as more criminals have turned towards online scams to have access to your personal information. It is important that you take precautions to safeguard your personal information and banking account credentials from being compromised. This can be accomplished by taking the following steps:

  • Never provide your personal information on websites that you are not familiar with or have not verified as being legitimate.
  • Ensure that your internet browser is up-to-date with the latest security patches and updates.
  • Never click on links or attachments in suspicious emails and texts sent from unknown senders or companies you don't recognize.
  • Avoid sending sensitive information via email such as account numbers, passwords etc., unless absolutely necessary.

Kindly visit Security Awareness| Maybank Malaysia (maybank2u.com.my) for further information on fraud and phishing awareness for your safety and convenience in browsing our website.

Security Statement

Security standards employed by us—and what you can do to stay safe online

The Maybank Group is highly committed to ensuring that all transactions performed through our online financial service are secure, safe and confidential. For this purpose, we enforce privacy protection control systems designed to ensure the highest security standards and confidentiality.

  • Username and password
  • Information protection
  • Data confidentiality and data integrity
  • Systems security and monitoring
  • Computer virus protection
  • Updating your browser
  • Security tips

Username and Password

To prevent unauthorised access to our online financial services, every customer is required to select a username and password, which provides access to their financial information. The username must be between 6 to 16 characters.

New Maybank2u Password Guidelines (w.e.f March (for Maybank2u Web and Maybank2u Biz and 7th March 2020 for Maybank App)

  • Minimum 8 alphanumeric characters, maximum 12 characters
  • Must contain at least 1 upper case
  • Must contain at least 1 lower case
  • Must contain at least 1 number
  • Must contain at least 1 special characters e.g. * $ &
  • Not have 3 consecutive characters e.g. 123, abc
  • Must not be the same as user’s Maybank2u user ID and Security Phrase
  • Not be the same as your previous 5 passwords
  • Must not contain space

Here are some tips to ensure the integrity of your username and password:

  • Do not choose a password that others can easily guess.
  • Do not use simple words, your name, birth date, telephone number or names listed in a standard dictionary.
  • Memorise your password and do not write it down.
  • Passwords or PINs should be used when accessing an online account to protect your personal information.
  • Sharing your password or PIN with another person is the same as giving that individual authority to use your name in a transaction. It should not be disclosed even if requested by an authorised Maybank Group Officer.
  • Change your password frequently.

Information Protection

While we take considerable effort to ensure a safe and secure online experience, we have no control over the computer you use to access Maybank2u.com. As an added security feature, we have incorporated an automatic log out function if no activity is detected after a preset time limit.

However, you must ensure you do not provide anyone the opportunity to gain access to your account information:

  • Ensure no one has access to your computer or records your online activities.
  • Always log out of Maybank2u.com immediately after completing transactions and before visiting other websites.
  • Do not send any information about your account via e-mail.
  • Disable the AutoComplete function on your browser to avoid automatic completion of your ID when you type in User ID.

To turn AutoComplete "On" or "Off" in MS Internet Explorer browser:

  • Click the "Tools" menu and select "Internet Options".
  • Click "Internet Options" to get the "Content" tab.
  • From this tab, click the "AutoComplete" button.
  • Uncheck "User names and passwords on forms".

Maybank2u.com collects personal information that you voluntarily provide on this Web site, which may include your name, address, e-mail address, marital status, salary range, number(s) of children, etc. We use this information to communicate with you and to provide you with your requested service or product. If you provide your consent at the time your personal information is collected via this Web site, we may also provide you with information, special offers, and promotions. Furthermore, we may store some or all of that personal information and use it for marketing research and marketing purposes. We maintain your data for as long as you are a customer of the Maybank Group. Personal information shall be retained by the Bank in accordance with the current law and regulatory requirements.

Data Confidentiality and Data Integrity

An EV SSL certificate offers the highest available levels of trust and authentication to your website, designed to strengthen e-commerce security and combat phishing attacks to make EV SSL the most complete SSL certificate available. The green address bar prominent displays the Bank’s name and provides highly visual assurance to customers ensuring that the site is secure. It also provides immediate trust and helps customer conversion with 2048 – bit and highest assurance SSL Certificate.

Systems security and monitoring

The Maybank Group has adopted a combination of the following systems security and monitoring measures for online transactions:

  • Firewall systems, strong data encryption, anti-virus protection and round-the-clock security surveillance systems to detect and prevent any form of illegitimate activities on our network systems.
  • Regular security reviews of our systems by our internal System Auditor as well as external security experts.
  • When you have a broadband connected to the Internet (always-on connection), consider installing a personal firewall. At a minimum, power-off your PC when not in use. We also take every effort in ensuring collaboration with major vendors/manufacturers to keep abreast of information security technology developments, for possible and future implementation.

Computer virus protection

Computer viruses are real and once your computer is infected it can cost you time, loss of information, repair expense, and aggravation. Make sure your computer has an anti-virus protection program installed to reduce the risk.

We recommend that you purchase a program that automatically upgrades your virus protection on a recurring basis. If you currently have a virus protection program on your computer without the automatic upgrade feature, make sure you update your virus detection program at least monthly and/or when you hear of a new virus to minimise your risk. You can do this by visiting the Internet site of the company that provides your software.

In addition, we advise you not to open attachments from others unless you are absolutely certain you can trust the source. However, it's best to be cautious. Whoever sent you that attachment may not know that they have carried the virus to you.

Updating your browser

  • An Internet browser allows access and the ability to navigate a myriad of information and service resources on the Internet. Most computers come with a browser already installed.
  • Always update your browser when new versions are released because they often include new security features.
  • Check your browser for built-in safety features that you may or may not elect to use.
  • Do not install unnecessary extensions or plugins to the web browser.
  • Regularly clear all the cache, cookies and temporary files from the browser history.
  • It is a good practice to always check the site certificate before login.

Security Tips

Protect Yourself and Your Information Online

Be careful when you do your banking online. There have been cases of copycat web sites created by unauthorised persons posing as authentic web sites, or e-mail/phone calls asking you to provide personal or account-related information with the intention of carrying out Internet theft and fraud. Please take necessary precautions and be on the alert for suspicious e-mail or phone calls asking for your personal account information. Never reveal your Internet Banking or ATM PIN or account information to anyone.

10 easy ways to protect yourself

  • Do not share your password with friends, relatives or anyone. Your password and PIN are designed to protect the privacy of your banking information. They will only work if you keep them private.
  • Change your password frequently. If you think your password has been compromised, contact us to reset your password.
  • Don't use the "remember password" function because this information can be easily accessed by hackers.
  • Do not send any information about your account via e-mail.
  • Do not provide your account details or passwords in response to an e-mail or by phone. A bank officer will never ask for this information.
  • Don't open suspicious e-mail attachments.
  • Avoid downloading free programs. These may incorporate hacker-friendly software.
  • Always log out of Maybank2u.com immediately after completing transactions and before visiting other web sites.
  • Clear your cache (information stored in your computer memory) each time you log out.
  • When using the Internet Banking Kiosk, logout and return to the Home Page before leaving the kiosk.

Privacy Statement

To provide you with products/services, we need your personal data. When you provide us with your personal data, we will do our utmost to protect the privacy of your data, and we would like you to be aware of the following:

Why Do We Need Your Personal Data?

We need your personal data:

  • For identification purpose, and to authenticate communications with, and instructions received from, you;
  • To fulfil legal and regulatory requirements obligations;
  • For assessing your suitability with our products/services offered;
  • For analysis and marketing purposes, so that we can develop and offer better products/services;
  • To facilitate our operations, and for processing your transactions, and instructions.

What Types Of Personal Data Do We Collect About You?

We will collect data that will enable us to:

  • Identify you (e.g. name, identification numbers, DOB);
  • Keep in contact with you (e.g. address, phone/mobile numbers);
  • Assess your profile (e.g. employment details);
  • Fulfill our legal and regulatory obligations; e.g. reporting obligations;
  • Record details of your transactions/communications with us; e.g. voice/video recordings, biometric data, data from the internet and mobile applications.

With Whom Do We Share Your Data?

Subject to compliance with legal and regulatory obligations, your personal data will be shared:

  • within the Maybank Group of companies;
  • with law enforcement agencies and regulatory bodies, with whom we are obliged to do so under certain circumstances;
  • when doing so is necessary to protect your interests and when obtaining your consent prior to doing so is not practicable;
  • with third parties with whom we have contracted with to provide certain services. These third parties are required to observe the same privacy standards that we have; and
  • with parties with whom we have obtained your consent to share.

While we may share your data within the Maybank Group of companies and with certain strategic partners for the purpose of introducing products and services which we believe may be beneficial to you, we will not contact you for marketing purposes unless you have expressed your consent for us to do so. We also wish to assure you that we will not sell your personal data to any third party.

Where Do We Collect Your Data From?

Your personal data with us is obtained from various sources. This includes:

  • information provided by you or sources authorised by you;
  • information obtained from legally and publicly available sources;
  • information released to us by the authorities;
  • biometrics, digital footprints, geolocations, video images and voice recordings obtained during your interaction with us, whether physically or through digital channels.

How Do We Safeguard Your Personal Data?

We will do our utmost to protect the privacy of your data, be it in physical or digital form. This includes having in place procedures and security measures that meet international best practices. These measures are regularly reviewed to ensure that they are effective and adequate. All our staff members and authorized third parties will be required to comply with these measures and practices.

What Are Your Rights, As The Provider Of Your Data To Us?

You have the rights to request access to the personal data that you have provided to us. However, there may be a cost involved, depending on the nature of the data requested.

You also have the rights to withdraw your consent for us to process the personal data provided by you. However, the withdrawal of your consent may affect the products/services that we can extend to you.

You may also change or correct the personal data that you have provided to us. Please contact us if there are changes to your personal data, or if you believe that the personal data we have about you is inaccurate, incomplete, misleading or outdated.

You can contact us by visiting any of our branches or call our Customer Care Hotline at 1-300-88-6688 or +603-784-3696 if you are overseas.

Updates To This Privacy Statement

We may update this Privacy Statement from time to time. Please periodically review this Privacy Statement to stay informed on how we are protecting your information.

We provide the Privacy Statement in both English and Bahasa Malaysia. In case of any inconsistency between these two, the English version shall prevail. In case there are inconsistencies on how we collect or use your personal data between this Privacy Statement and the terms and conditions of your specific product or service or other contractual documents, the terms and conditions of your specific product or service or other contractual documents shall prevail.

This Privacy Statement was last updated in November 2021.

Click here for Privacy Statement (BM)

Click here for PDPA Form (Individual)

Click here for PDPA Certificates of Registration (Maybank)

Click here for PDPA Certificates of Registration (Maybank Islamic)

Click here for PDPA Certificates of Registration (Maybank Investment)

If you have queries about any e-mail from Maybank or are suspicious that someone may be trying to get your PIN or account information under false pretences, contact our Customer Care hotline at 1-300- 88-6688 or 603-7844 3696 (overseas) immediately.