lkn

This is highly unlikely. If banks had a weak link like this, I think we would see a lot more stories about people losing money, and strong encryption is table stakes for a software development platform/framework. You also see people losing money from their bank account in the “developed world”, and it pretty much always comes down to some sort of social engineering. I recently signed up for online banking with Kasikorn. They got the last four digits of my phone number wrong, customer service could confirm this, and also confirm that my real number was associated with my account (just not online banking). It was required to receive an initial OTP to activate my account, and the customer service representative told me that under no circumstances were she allowed to fix my wrong number, for this, I had to come to the branch with the usual set of documents. Quite sure that policy had been instated to limit the possibility of a social engineering attack.

Now that we are venting about Thai apps and web sites: Something I hate is that both apps and web sites love to present a “welcome banner”, for example a tribute to the King or an ad for some of their other services, that I always have to click through. Many of the web sites require me to enter a CAPTCHA in addition to username and password, even for something like online 90 day reporting, I have to enter a CAPTCHA, I have no idea what the thinking is behind this extra obstacle, but it seems quite widespread. And then the flashing banners in the apps! They love to spend 10% of the screen space to promote some of their other services, often with animation. Even using the Provincial Electricity Company’s app (PEA+) does this, first I have to enter PIN (as if my electricity bill is sensitive information), then I have to dismiss a full screen add for their e-Bill service (I already have it set up with automatic debit!), and then while using the app, the bottom part cycles through various banners for what looks like a branded debit card, etc. Opening the KTB next app to “Scan&Go” also starts by showing me a full screen add for some sort of shopping card, which I have to dismiss, before I can select what I actually want to do in the app. As someone who cares about clean interfaces and “productivity”, I find these things quite infuriating. Thanks for reading my rant… ????

Correct, OTP is only for online transfers (i.e. via web browser). But it wouldn’t make a lot of sense with OTP for phone app transfer, as the bank app already seems to be locked to your phone (you need to have a Thai SIM-card when setting up the app). However, both Krungthai and Kasikorn require a PIN when I do a transfer, in addition to the biometric scan to access the app (Face ID in my case). So if you want to transfer money via my banking app, you need to steal my phone, bypass Face ID, and guess my banking PIN.

There is now a 470 page long Examiner’s Report about Celsius bankruptcy. Spoiler: It was a scam! ???? If you are curious about some of the details, here is a summary from Amy Castor and David Gerard. And another one from Molly White.

Both in BKK and CNX airport I have tried to use digital boarding passes for domestic flights (issued by the airline itself), only to be told that I needed to go to the counter and get a physical copy printed. Granted, as a foreigner I probably can’t use any of this new digital ID, but if I could, I would be hesitant to leave my physical ID at home.

Sounds like it shouldn’t be too hard to figure out how the money was transferred and some more information about the owner of the receiving account. I guess the real story here is that nobody takes crime serious in Thailand. Only the prospect of collecting a fine, seems to motivate the police to do anything.

If they start to use QR codes for donations in temples, this could become a real problem, although you can also just run with the donation box. The downside of “QR jacking” is that the new QR code will include the identity of whoever receives the money. But we’ve previously had a thread about someone’s female friend, who signed up to receive bank payments from Shopee, and just had to transfer the money to someone else, but keep a certain amount — I think that scam was about getting validated purchases, but probably wouldn’t be too hard to enlist some unsuspecting money mules in Thailand.

I have access to international transfers via Kasikorn (online K+ app) and they show both the exchange rate and fee, it’s limited to the equivalent of 100,000 USD/day. Currently, if I set up a THB → EUR transfer it gives me an exchange rate 0.8-0.9% worse than the mid-market-range and a flat fee of 250 baht. DeeMoney shows an exchange rate 0.74% worse, so slightly better than Kasikorn, unsure about flat fee, and as you point out, you would need to execute the transfer over 3 days. In absolute numbers, Kasikorn will probably be 3-4,000 baht more expensive than DeeMoney for a 2 million baht transfer. Though if you have a fee for incoming international transfers, you will pay this 3 times instead of 1, but that fee is probably not more than 250 baht (in your local currency).

It is redundant (already got Face ID) and inconvenient.

I previously used KTB Next for my “Scan&Go”. For this app, I can set how large amount, before it requires me to enter a PIN, which makes the process a bit faster (another hint: you can long-press the app icon from the home screen and select “Scan” from the pop-up menu to go directly to the “Scan” function). My question is: Does K+ (Kasikorn’s app) have a similar setting to disable the PIN? I have searched through the app but so far, have been unable to find it. It seems every single payment done via “Scan&Go” requires me to enter a PIN.

There is no obvious receipt for my automatic debits (water and electricity), phone top-ups, subscriptions (Netflix, iCloud, etc.), services (Grab), not to mention transfers to/from third parties, PromptPay (“Scan&Go”), etc. But even if there were, I have > 100 transactions per month. I just want a proper bank statement that can be imported and automatically classified based on the description field, rather than reading through 100+ receipts each month to manually enter and classify everything. What I am asking for is pretty standard, but apparently not among Thai banks.

The cameras inside the branch are not ideal, as they are not synchronized to individual transactions, nor placed to give good headshots of the depositor. That said, AML regulation tend to have a “belt and suspenders” approach, while still not being overly effective: I am sure some regulators pushed for having bank ATMs require a passport or ID card scan for each deposit, but pushback from the banking industry got this limited to “only counter deposits” on the grounds that it would just be too expensive to retrofit all ATMs to have this requirement, so they probably settled on storing the per transaction footage for some amount of time. I have been subjected to a bunch of this AML/KYC stuff, it often seems like a waste of time and with possible ways to circumvent it (if I was actually a criminal), but then at the same time, each time there is a scandal about money laundering or similar, the banks are blamed for having turned a blind eye and even more procedures are introduced to avoid a repeat.

Maybe because the ATM has a camera and records you doing the deposit? So if later the account is flagged as having a lot of suspicious cash deposits, they have video footage from ATM deposits, and copy of passport from “at the counter” deposits, i.e. they have enough information for both types of deposits to investigate further. It’s probably some AML regulation introduced after the invention of the ATM, therefore it is stricter inside the bank, but deemed “good enough” for ATMs, and probably there is a limit on how much you can deposit via the ATM, but not via the counter.

Based on the most recent market price of your condo being 19M, this sounds too high. I don’t know where in Thailand your villa is located, but compare with prices of staying at high end hotels in your area. I mean, if you do a one year rental for 250K/month, that’s 3 million baht for a year, and if the renter is only here 6 months/year, that gives them a hotel budget of 16,000 baht/night. Based on the estimated price (19M), I would expect your place to rent for around 120,000-150,000 baht/month. Now subtract your fixed cost of 40,000 baht/month, the agent fee (one month for each year rented out), and possibly maintenance and repairs (of which there might be more, when renting it out), and I think trying to sell this place is the best option. And of course, if your realtor lists your place at unrealistic high prices, it will be vacant most of the time, generating no revenue. As for the cost of selling, you normally pay a 3% agent fee and a 2% transfer fee for the title deed, but since this is leasehold, I don’t know how that works. There is also 0.5% stamp duty. The withholding tax, again, not sure if this is the same with leasehold, but for freehold, it’s based on years owned and the appraised value. The easiest is to get an estimate from your Land Office, they can do this.

How much do you think that you can sell it for today? What would you expect it to rent for? What are your expenses on the property? I would look at these numbers to make a decision, although I would not want to be a landlord, but it sounds like what you own is more or less worthless in 11 years, which also means that the current market value of your lease is going toward zero, over the next 11 years. The question is just how to extract the most value out of it, before it expires. I would think this would be by renting it out.

The easiest way for a third party to get money out of your account is via the debit card. But as other posters have suggested, you can forego the ATM/debit card. You can also disable online use, or, at least with the virtual debit cards, you can set spending limits. Also worth mentioning that to use your debit card online, the payment processor will generally require an OTP sent to your phone, so even if someone gets the numbers on your card, it’s not directly possible for them to drain your account. All in all, I would not bother with multiple accounts for “security”, rather, I would forego the physical debit card, if I was concerned about security, and then do a virtual card with a spending limit via the bank’s app (for online purchases). And you could actually argue that having multiple accounts just provides a larger attack surface, and you will have to monitor them all for abuse. Keep it simple…

That’s a strange policy. Maybe to encourage usage? E.g. KTB introduced a fee for transfers when using KTB netbank (browser), but offered it for free when using KTB Next (phone app). I’m inclined to try this next time I am out of province, although these days, I only need cash for tipping, everything else is debit card or Scan&Go.

Proper description would be something like “Rimping Supermarket” (KTB) rather than “Debit Card Spending” (KBank) or even worse “004999117992759” (SCB). The first shows where I used my card where the latter two just show the amount, although for KBank, it also tells me about the payment method, but 99% of transactions will just show “QR Transfer Deposit”.

If by small change you mean coins then automatic deposit machines do exist for these, although I have not seen them in Thailand, but I have used them on occasion at home. Though it seems that all but gas stations now accept PromptPay. Not sure what vendors prefer, but majority now have their QR code prominently displayed. Some stores have even invested in payment terminals that can display dynamic QR codes (so customers doesn’t have to type in the amount).

Right, they are of course there for a reason. But the European countries I am familiar with do not need traffic cops to show up every single day, put out traffic cones, etc. to protect the children. Though in Europe (at least most northern countries), lots of research has gone into how to shape traffic, and how to make cities walkable, plus all the drivers have gone through training and passed a test, with consequences when you break the law.

Today I drove along a road with several schools, it was late afternoon. I noticed there were multiple places with traffic cones and police who would stop traffic to let the students cross. It’s not the first time I see something like this, but it reminded me of this thread, and made me think that something really seems broken, when each day, you need traffic cops outside schools to protect the children who need to cross the street.

If you live in a totalitarian regime that wants this, they will get it, assuming they are advanced enough, regardless of what the citizens do. If you don’t live in such regime, there will probably be none of it. Many European countries are already fully digital and has been for many years, and they have not developed in the same way as e.g. China. As for Thailand, I sincerely doubt the people in power have the skills to use any new data that would theoretically be available, when/if all payments are digital. I do also wonder, if there was actually any data collection going on regarding payments, wouldn’t the first victims be all the government/police employees taking bribes? That should actually be a good thing, if someone looked into all those additional payments going to government employees.

A preference for a desktop computer does not necessarily mean not being tech-savvy. I can export CSV statements from KTB Next and import into my double-entry accounting system, not possible via the app. I can copy/paste account numbers and amounts from PDF invoices or web sites, to handle these faster/easier and less chance of entering wrong digits, doing the same on a phone is at best extremely tedious, I can also much easier multitask between apps on a desktop.

Fairly easy, yes. Just go to your branch (with bank book and passport) and tell them that you want to register for online banking / K Biz. After a few days, you will receive an email with instructions about how to complete the process, which involves validating your email address and receiving an OTP on your phone, and after this, you can log in with a web browser using your username and password.

I’m surprised at how many drive around in cars without a driver’s license, and then of course there are those who just pay the standard fee to get the license without having to do any of the studying and testing. If they would start by making sure people actually know the law, and had to pass a driving test before they were allowed to drive, we would probably get a long way. Although I also agree, they definitely also need to enforce the laws.