3. YOUR SECURITY OBLIGATIONS
3.1 You are responsible to ensure that :
any computer, system, Mobile Device or device from which you access and use the Services shall be properly maintained and shall be free from any defects, viruses or errors. You have taken all reasonably practicable measures to prevent unauthorised access when access the Services through broadband connections, telecommunication connections, digital subscriber lines or cable modems or public system over which BOCM has no control.
the computer, Mobile Device or device used to access the Services has an adequate security system, including anti-virus, anti-spyware and firewall software or measures to protect the security of your username and password and your use of the Services. You shall not install or use the Mobile Banking App on a jail-broken or rooted device.
3.2 You are advised to select a username and password that:
has no obvious connection to your name, address, birth date or driver's licence number;
is not an obvious sequence of letters or numbers such as 7654321, abcdefg, or aaaaaaa.
3.3 You shall, amongst others:
(a) keep your username and password secure at all times;
(b) not disclose the E-Token Password to anyone;
(c) not disclose the serial number of the E-Token to anyone;
(d) keep secure, undamaged and safe the E-Token and all information provided to you for your use of the Services;
(e) change your username as soon as practicable upon receipt of our notification – once changed, the username cannot be further altered;
(f) change your password as soon as practicable upon receipt of our notification – and subsequently the password should be changed regularly, for at least once in every 3 months;
(g) ensure that your personal and account information, username, E-Token Password, and password are not being disclosed to any party including but not limited to BOCM’s staff and regulatory authorities in whatsoever manner either through telephone call, email or SMS;
(h) not leave the computer, Mobile Device or device from which you have accessed the Services unattended or let anyone else use it until you have logged off;
(i) ensure that you have logged off from the Services at the end of each session;
(j) comply with all security measure instructions given by BOCM from time to time in relation to the use of the Services;
(k) check the Account balance and transaction(s) periodically and to report to BOCM of any discrepancies immediately;
(l) make regular backup of critical data;
(m) consider the use of encryption technology to protect highly sensitive data;
(n) not install software or run programs of unknown origin;
(o) delete junk or chain emails;
(p) not open email attachments from strangers;
(q) not disclose your personal, financial or credit card information to little-known or suspicious websites;
(r) not use a computer or Mobile Device or a device which cannot be trusted;
(s) not use public computers or the computers in internet cafe to access BOCnet;
(t) log off the online session and turn off the computer when not in use;
(u) clear browser cache each time after you have accessed the Services;
3.4 You shall update BOCM immediately when there is any changes in your contact details such as mobile number, for the purposes of receiving SMS alerts or notifications for the Services.
3.5 You agree not to disclose to anyone your username, password and E-token Password for the Services. BOCM will not be held liable in whatsoever manner for any money withdrawn or transferred from your Accounts in breach of your security obligations herein.
3.6 If you are aware of any security breach of your username, password, or E-Token you must notify us immediately at Tel: 603-2059 5566 and comply with all instructions from us. The notification of the security breach will take effect immediately after it is received by us. Subject to clause 6, any losses that may occur prior to the notification taking effect will be borne by you.
3.7 Mobile Banking Application
(a) You agree and acknowledge that the App is made available to you strictly on an “as is” basis, and to the extent as permitted under law and / or regulation, no warranty is made in relation to the App, including any warranty in relation to its merchantability, fitness for purpose, satisfactory quality or compliance with description, and all warranties which may be implied by law or custom are hereby excluded. In addition you agree that BOCM cannot ensure that the App will be compatible or may be used in conjunction with any Mobile Device or device, and you agree that you shall not hold BOCM liable for any such incompatibility or for any loss or damage to any Mobile Device or device which may be caused by the Mobile Banking App;
(b) You shall not use the App for any purpose other than to access your own Account via the Mobile Banking Services on your own Mobile Device or device;
(c) You shall not download or install the App into a Mobile Device or device which you do not own or have exclusive control;
(d) You shall not reproduce, modify or reverse engineer the App or permit another person to do so;
(e) You shall not attempt to make any income directly from using the App;
(f) You shall not use the App to do anything illegal;
(g) You shall not connect the App in a way that could damage it or stop it from working or affect our systems or other uses;
(h) You shall not connect the App to any unsafe internet network;
(i) You shall not download the App from any place other than BOCM’s official website, the Apple Store, the Google Play Store or any other channel as may be approved by BOCM and any such download shall be at your own risk;
(j) You agree and acknowledge to update regularly and timely the operating system of your Mobile Device or device to the latest available version;
(k) You shall not do any other things or acts that may compromise the security of your Mobile Device or device, its operating system and/or the Mobile Banking App.
3.8 Mobile Banking App Biometric Authentication (Biometric) service
(a) To use the Biometric service, you will need to:
i. register your Mobile Device with Mobile Banking App by successfully logging in the App;
ii. register your Fingerprint or Face on your Mobile Device; and
iii. enable the following:
A. For iOS devices
Touch ID or Face ID to unlock your Mobile Device
B. For Android devices
Enable Fingerprint Security
(b) Upon successful activation, you may use the Biometric service to access the Mobile Banking App on your Mobile Device through fingerprint/face identification as an alternative to your Mobile Banking Service username and password.
(c) You may still choose to access the Mobile Banking App using your Mobile Banking Service username and password.
(d) To activate/deactivate Biometric service, you must first login to Mobile Banking App, go to “Settings” menu and select “Manage Fingerprint ID” or “Manage Face ID”, whichever is applicable.
(e) For avoidance of doubt, all Fingerprint or Face data is stored in the relevant Mobile Device when you set-up your fingerprint enabled Mobile Device or facial identification enabled Mobile Device and no Fingerprint or Face data is stored on BOCM’s servers. For the purpose of the Biometric service, verification of the Fingerprint or Face is effected by the Mobile Device itself. Once the Fingerprint or Face is recognised by the Mobile Device, the confirmation of authentication will be relayed by the Mobile Device to the Biometric authentication to enable you to proceed with the relevant transaction or where verification is unsuccessful, notification of authentication failure will be relayed to Biometric service interface.
(f) Mobile Banking App users’ Mobile Devices that come with the “Manage Fingerprint ID Login” or “Manage Face ID Login” feature/function will be able to login to Mobile Banking App using just their fingerprint or facial identification, as the case may be.
(g) You agree that by using your Fingerprint or Face to access Mobile Banking App via Biometric service, BOCM relies on the Mobile Device to provide the authentication if you activate the Biometric service.
(h) You shall not register any third party fingerprint as your Fingerprint or any third party face as your Face, as doing so will enable the third party(s) to have access to your Account and perform all functions available within Biometric service.
(i) If you have any third party fingerprint or third party face stored on your Mobile Device, you are required and you hereby warrant that such third party fingerprint or third party face, as the case may be, has been deleted from your Mobile Device prior to your activating Biometric service.
(j) Your Fingerprint or Face should be treated with the same level of security as your other Security Code to prevent any unauthorized access to your Account.
(k) You shall deactivate Biometric service in the event that you change or dispose your Mobile Device.
(l) You acknowledge that BOCM owes no duty to verify that it is your Fingerprint or Face endorsed on the Mobile Device and agree that to the extent permitted under applicable law, BOCM shall not be liable to you for any and all losses, liabilities, costs, expenses, damages, claims, actions, or proceedings of any kind whatsoever (whether direct, indirect, or consequential) in respect of any matter of whatever nature and howsoever arising (whether in contract, tort, negligence or otherwise) in connection with:
i. the provision by BOCM of or your use of Biometric service;
ii. any unauthorised access to your Account balance and/or use of your Mobile Device;
iii. any transaction effected; and/or
iv. any breach of or failure to comply with any of these Terms and Conditions or any relevant procedures set by BOCM.
(m) You acknowledge that In the event that you have lost your Mobile Device, you are to deactivate Biometric service immediately by contacting BOCM Customer Service Centre at 603-2059 55 66 to report the loss of your Mobile Device and request for the biometric registration in respect of the lost Mobile Device to be de-registered.
BOCM may in its absolute discretion and at any time and from time to time, suspend, restrict or terminate your access to Biometric service without being obliged to provide any reason for such suspension, restriction or termination.