Thai phone number and internet banking?

[dripdrop]

I remember talking to the staff at Bangkok Bank many years ago about the need for a Thai number tied to the internet banking system.

 

So if a person is living abroad for the majority of time and still want to keep his internet bank account service at Bangkok Bank he must also keep paying for a thai phone number? As it is not possible to use an international phone number. Seems kinda stupid

 

Anyone knows if this still applies? 

 

 

Edited July 10, 2018 by dripdrop

[HampiK]

The last time you could only use a Thai phone number. But what you mean with paying for a Thai number?

You pay one time for a Thai-number and then use it as prepay, then you pay per year about 24 Baht I think for extend the number for 1 year (So the number will still be valid) and there are no other costs involved. It's not that expensive. Even cheaper is, if you use the number little bit. You can topup 20 baht and become a validity of one month. Mean with Topup of 12x20 Baht (Important you have to say 12 times or 11) your number will be extended as well and the 240 baht can be used for phone call or for an 1 month internet package, while you are in Thailand.

While I was outside of the country in the past, I took care when I left, that the number was valid for 1 years, as I always coming back to Thailand once a year. The Apps mostly you only can use for online banking, when you are online by data of the specific number, else you have to use the broswer webpage, where you have to login. So outside of the country the Online Banking application mostly can't be used, as you will not be online with the Thai number… to expensive. But as for example for Kasikorn their website is easy to use.. even you can topup your mobile.

[topt]

38 minutes ago, dripdrop said:

Anyone knows if this still applies? 

Yes but normally only for the first 1 or 2 new transfers and to set up a new  payee - at least that is the case for SCB.

 

If your payee accounts are already set up and used then you would not need the OTP.  The problem only arises if you want to send money to a new payee and it could also be an issue if you end up with a security glitch.......

However if you let the number lapse then you would have to go to the branch to register a new no.

[Spidey]

Don't need a pone number at all for internet banking, that's why it's called internet banking. I use my laptop. Works anywhere in the world. Only time you need a phone is when they send you one of those stupid OTP's. Set your payees up in Thailand, on your Thai phone and you're good to go.

[observer90210]

Once again, no consistency even within the Thai Banking system. Things can become smooth or a nightmare, within the same bank network,  but depending on which branch.

 

By making things hard for foreign customers living part-time in the kingdom,  banks will loose customers on the short run.

 

People will prefer to come with their ca$h, get a better exchange rate and no transfer fees, or use their foreign credit card.......But apparently the banks just don't care...

[theoldgit]

15 hours ago, Spidey said:

Don't need a pone number at all for internet banking, that's why it's called internet banking. I use my laptop. Works anywhere in the world. Only time you need a phone is when they send you one of those stupid OTP's. Set your payees up in Thailand, on your Thai phone and you're good to go.

I get one of those "stupid OTP's" when I use internet banking when I'm travelling anywhere in the world, even when I set up a payee in Thailand.

[Kerryd]

The OTOPs (One Time Only Password) is a security feature designed to prevent people from being able to do transactions on your account.

 

If having to receive and use an OTOP is too inconvenient for you, then simply DON'T use their banking system.

See ? Easy peasy ! Problem solved.

However, if you do use the internet (or a phone) to do your Thai banking, then quit whining and be glad they actually are doing something to try and keep your money safe. Especially as most of you probably use some stupid password like "123456" or your user name or something else that's easy to guess. 
 

I can imagine who the first people would be that would be in here whining/crying/screaming that they'd been robbed because someone "hacked" their phone and emptied their bank account and they had no idea it happened until months later. 
 

[Fairynuff]

6 minutes ago, Kerryd said:

The OTOPs (One Time Only Password) is a security feature designed to prevent people from being able to do transactions on your account.

 

If having to receive and use an OTOP is too inconvenient for you, then simply DON'T use their banking system.

See ? Easy peasy ! Problem solved.

However, if you do use the internet (or a phone) to do your Thai banking, then quit whining and be glad they actually are doing something to try and keep your money safe. Especially as most of you probably use some stupid password like "123456" or your user name or something else that's easy to guess. 
 

I can imagine who the first people would be that would be in here whining/crying/screaming that they'd been robbed because someone "hacked" their phone and emptied their bank account and they had no idea it happened until months later. 
 

Stop being so angry and use your brain for a second. You may not be able to receive a OTP whilst trying to do some banking overseas. Easy peasy.

[theoldgit]

12 minutes ago, Fairynuff said:

You may not be able to receive a OTP whilst trying to do some banking overseas. Easy peasy.

Why not, I've always managed to do so on my travels?

[sandyf]

4 minutes ago, theoldgit said:

Why not, I've always managed to do so on my travels?

You obviously have roaming available. I had to add it to my plan, some may have to add it but not be aware that is necessary.

[Kerryd]

13 minutes ago, Fairynuff said:

Stop being so angry and use your brain for a second. You may not be able to receive a OTP whilst trying to do some banking overseas. Easy peasy.

Actually, I do use my brain, which is probably why I never have a problem, even when I am overseas in a place like Afghanistan or Canada.

It's not the people using their brains that usually have the problems. You'd know that - if you used your brain. 

For example, I'm using internet banking from a Thai bank. If I will be travelling and using a different cell number, I know how to go into my profile settings and change the phone number so that I can still receive an OTOP (or other message) if needed on whatever number I will be using.

I can also have the OTOP sent by email instead of phone.
 

Or I can leave things as they are and make sure I take my Thai SIM card with me. A lot of smart phones these days allow dual SIMs, or, if you know you are going to make a banking transaction, you simply swap the SIM before doing the transaction so that when the OTOP is sent you can receive it. (Yes, you may face roaming charges. Deal with it. It's not like you are spending 30 minutes on a call to Thailand to receive an OTOP, unless you are doing your banking on your phone as well in which case the problem isn't with the bank or the system.)

Amazing how "using my brain" makes things so much easier.
 

 

 

 

[Kurtf]

17 hours ago, dripdrop said:

Seems kinda stupid

 

Anyone knows if this still applies? 

TIT. This is Thailand. Did you actually expect something NOT stupid?

[Spidey]

1 hour ago, theoldgit said:

I get one of those "stupid OTP's" when I use internet banking when I'm travelling anywhere in the world, even when I set up a payee in Thailand.

Yes, as I said, you need the foresight to set your payees up before you leave Thailand.

[HampiK]

I not agree with most of the users here who think the OTP is stupid. but seems we have a different thinking.

For Kasikorn, when you not change to PIN2 then you will have to enter the OTP for every transaction you want send money to somebody, and in my opinion this is an advantage (security feature). And I not see a problem, as my Thai number from DTAC (prepaid) worked in all countries I was traveling. And I not sure how many times you have to send money and then have a short look at the OTP.... I like this much more than the Keygenerator cards or whatever other additional device you have to use for login to your internet banking from other banks.

[Fairynuff]

1 hour ago, Kerryd said:

Actually, I do use my brain, which is probably why I never have a problem, even when I am overseas in a place like Afghanistan or Canada.

It's not the people using their brains that usually have the problems. You'd know that - if you used your brain. 

For example, I'm using internet banking from a Thai bank. If I will be travelling and using a different cell number, I know how to go into my profile settings and change the phone number so that I can still receive an OTOP (or other message) if needed on whatever number I will be using.

I can also have the OTOP sent by email instead of phone.
 

Or I can leave things as they are and make sure I take my Thai SIM card with me. A lot of smart phones these days allow dual SIMs, or, if you know you are going to make a banking transaction, you simply swap the SIM before doing the transaction so that when the OTOP is sent you can receive it. (Yes, you may face roaming charges. Deal with it. It's not like you are spending 30 minutes on a call to Thailand to receive an OTOP, unless you are doing your banking on your phone as well in which case the problem isn't with the bank or the system.)

Amazing how "using my brain" makes things so much easier.
 

 

 

 

I’m clearly not (a) smart (a**e) like you. Fortunately

[KhunBENQ]

1 hour ago, Kerryd said:

For example, I'm using internet banking from a Thai bank. If I will be travelling and using a different cell number, I know how to go into my profile settings and change the phone number so that I can still receive an OTOP (or other message) if needed on whatever number I will be using.

I can also have the OTOP sent by email instead of phone.

What bank?

I would recommend not to use this bank.

Sounds crazy. Hackers paradise.

Just knowing the login credentials and gather full control over the account.

Ridicules the two factor security completely.

OTP via email

Banks that I know do not allow to change the phone number online nor passport number for good reasons.

I have used internet banking with half a dozen banks in Europe and three banks in Thailand.

None of them would allow such crazy stuff.

Edited July 11, 2018 by KhunBENQ

[Caldera]

I've found that receiving SMS messages sent to my Thai number is hit and miss when traveling abroad (roaming). I now use Kasikorn Bank's K-Plus app that allows me to make transfers and payments without OTP verification. That works for me.

[Anythingleft?]

I've found that receiving SMS messages sent to my Thai number is hit and miss when traveling abroad (roaming). I now use Kasikorn Bank's K-Plus app that allows me to make transfers and payments without OTP verification. That works for me.

Off topic slightly but can you get the K-Plus app quickpay to work?

Sent from my SM-N950F using Tapatalk

[KhunBENQ]

Does Kasikorn lead the pack again?

I just try to understand their QR-OTP method.

It seems to require no more than internet connection for the smartphone.

On the smartphone there runs a "K-Secure" app that is initially connected/registered to your account?

This would make K-Bank again a first choice for foreigners.

https://secure.kasikornbankgroup.com/Download/Documents/QR-OTP_EN.pdf

 

And it's not "new". Just found a threat from 2016 where it is mentioned

 

In the screenshot you see the other fact under SMS-OTP:

of course no way to change mobile nr. online.

Quote

If you have changed/would like to change mobile no. , please follow below steps:
1. Click here to download “K-Cyber Changing Profile Request Form” and complete the form.
2. Submit it along with a signed copy of your Thai national ID card or Passport (for foreign nationality) with a clear image and passbook (for saving account)/cheques or cheque book request form (for current account) via any local KBank Branches.

Edited July 11, 2018 by KhunBENQ

[marcusarelus]

I have this OTP thing.  Everything is fine most times but Netflix can't get my Kbank subscribed payment and I had to change it to Siam.  Maybe it is something I did wrong but reoccurring payments also have to go through the OTP thing I think

Edited July 11, 2018 by marcusarelus

[dripdrop]

4 hours ago, Fairynuff said:

Stop being so angry and use your brain for a second. You may not be able to receive a OTP whilst trying to do some banking overseas. Easy peasy.

 

Yes, and on top of that OTP is not secure either something Kerryd seems to have missed.

 

And what about, let's say a person leaves the country without knowing about the need for a Thai number and then wants to change the number abroad to his current number, as he doesn't have the thai number anymore. Then all of a sudden, the person who got that Thai number is now able to receive sensitive bank information from the previous owner. And as far as I know, the bank owner cant do anything about it, as there must be a thai number only tied to the system.

 

 

[Kerryd]

OTOP is not secure. Uh huh.

You do a transaction on your internet banking account (from your laptop or phone). The bank sends an OTOP to the phone (or email address) you have set up in your profile. The transaction doesn't complete until you receive and enter that OTOP. Only you (theoretically) can receive the OTOP so only you should be able to complete the transaction.

 

But that's not secure. Uh huh. 

If someone gained access to your bank login and password and tried to do a transaction (even to add a "third party payee") the OTOP would go to your phone. You get a message from the bank with an OTOP number and if you can't clue in that something is wrong, it's not the bank or the system that is the problem. And if you simply ignore the OTOP, it expires (in about 5 minutes) so the transaction wouldn't go through anyways.
 

Oh right - if someone has stolen/hacked your phone and your banking login and your password and they log into your account they could steal the 216 baht you have left in there ! O.M.G. !!

And if the moon were made of blue cheese and wishes were horses.
Again, if all that happened then the problem isn't with the bank or the OTOP system.

And seriously. "lets say a person sets up an internet banking account using a Thai phone number and then leaves the country and somehow no longer has that phone number because and someone else gets the number and magically knows who it belonged to previously and is able to magically figure out which bank they had an account in, what their log in and passwords were and then empties their account".

You can always come up with a "worse case" scenario - which may happen to an tiny fraction of all the people that use the system and then most likely because those people have done something stupid. Like wrote their login and password on a sticky attached to their laptop screen or used a dumb password (or gave all the info to the true love of their life that they just met at the bar last night).

But somehow, not using an OTOP would be more secure ? Really ? You guys should be telling all the banks that so they can stop paying all the IT security experts who do that stuff for a living. "Hey (Thai bank) stop using OTOPs and let me log in and make any transactions I want with no security system at all because some guys on ThaiVisa think that will be more secure than using OTOPs."

Wow. Because not having that extra security feature would somehow protect you if someone stole all your personal information and phone and laptop. (Nothing will protect you, OTOP or not, if someone steals all your stuff and you've left all your log-ins and passwords somewhere they can access.)

I just checked on my bank and I can't change my email address online (never said I could), can't change my passport info (never said I could), can't change my Mobile number - but can change/add my Home number, change/add a Work number and change/add a Fax number. 
I can also choose which events to get notifications for and whether to get those notifications by email or SMS. 

I can also Deactivate the SMS OTOP Service if I so wanted to do so. I was tempted to do it, then reactivate it so I could see if there were any settings that could be changed but it really isn't worth my time or effort to do so.

I am curious though. If I deactivate the SMS OTOP service, how would I authenticate any transactions ? By email ? Or maybe you wouldn't be allowed to do any ?

Or maybe it would simply let you do the transactions without needing an OTOP ?

One way to find out !!
 

 

[Bantex]

I have banked with Kasikorn for over 15 years. I do numerous internet transactions each year from within Thailand and various other countries. I have never had a phone number linked to any of my accounts and never had any problems.

[balo]

Your'e not supposed to live overseas when you own a Thai bank account , that would be kinda stupid.

 

But when I visit Norway from time to time , I can use my DTAC subscription and receive the OTP codes from Kasikorn , no problem . If I have to transfer money while on vacation . 

 

They are there for a reason , to prevent strangers from stealing money from your account. 

 

 

 

 

Edited July 11, 2018 by balo

[HerbalEd]

On 7/10/2018 at 4:21 PM, observer90210 said:

Once again, no consistency even within the Thai Banking system. Things can become smooth or a nightmare, within the same bank network,  but depending on which branch.

 

By making things hard for foreign customers living part-time in the kingdom,  banks will loose customers on the short run.

 

People will prefer to come with their ca$h, get a better exchange rate and no transfer fees, or use their foreign credit card.......But apparently the banks just don't care...

Actually when I have US dollars wired to my Bangkok Bank account I get a better dollar/bhat exchange rate than at any Bangkok Bank branch.

[Caldera]

7 hours ago, Anythingleft? said:

Off topic slightly but can you get the K-Plus app quickpay to work?

Yes, I've used QuickPay with the K-Plus app a number of times. It usually works well and it's amazing how many shops and even little stalls accept QR payments already.

[Anythingleft?]

Yes, I've used QuickPay with the K-Plus app a number of times. It usually works well and it's amazing how many shops and even little stalls accept QR payments already.

I shall have to try again, thanks for the feedback.....

Sent from my SM-N950F using Tapatalk

[observer90210]

6 hours ago, HerbalEd said:

Actually when I have US dollars wired to my Bangkok Bank account I get a better dollar/bhat exchange rate than at any Bangkok Bank branch.

better even when you go with cash at a SuperRich exchange booth ?

[dripdrop]

On 7/11/2018 at 10:26 AM, Kerryd said:

OTOP is not secure. Uh huh.

You do a transaction on your internet banking account (from your laptop or phone). The bank sends an OTOP to the phone (or email address) you have set up in your profile. The transaction doesn't complete until you receive and enter that OTOP. Only you (theoretically) can receive the OTOP so only you should be able to complete the transaction.

 

But that's not secure. Uh huh. 

If someone gained access to your bank login and password and tried to do a transaction (even to add a "third party payee") the OTOP would go to your phone. You get a message from the bank with an OTOP number and if you can't clue in that something is wrong, it's not the bank or the system that is the problem. And if you simply ignore the OTOP, it expires (in about 5 minutes) so the transaction wouldn't go through anyways.
 

Oh right - if someone has stolen/hacked your phone and your banking login and your password and they log into your account they could steal the 216 baht you have left in there ! O.M.G. !!

And if the moon were made of blue cheese and wishes were horses.
Again, if all that happened then the problem isn't with the bank or the OTOP system.

And seriously. "lets say a person sets up an internet banking account using a Thai phone number and then leaves the country and somehow no longer has that phone number because and someone else gets the number and magically knows who it belonged to previously and is able to magically figure out which bank they had an account in, what their log in and passwords were and then empties their account".

You can always come up with a "worse case" scenario - which may happen to an tiny fraction of all the people that use the system and then most likely because those people have done something stupid. Like wrote their login and password on a sticky attached to their laptop screen or used a dumb password (or gave all the info to the true love of their life that they just met at the bar last night).

But somehow, not using an OTOP would be more secure ? Really ? You guys should be telling all the banks that so they can stop paying all the IT security experts who do that stuff for a living. "Hey (Thai bank) stop using OTOPs and let me log in and make any transactions I want with no security system at all because some guys on ThaiVisa think that will be more secure than using OTOPs."

Wow. Because not having that extra security feature would somehow protect you if someone stole all your personal information and phone and laptop. (Nothing will protect you, OTOP or not, if someone steals all your stuff and you've left all your log-ins and passwords somewhere they can access.)

I just checked on my bank and I can't change my email address online (never said I could), can't change my passport info (never said I could), can't change my Mobile number - but can change/add my Home number, change/add a Work number and change/add a Fax number. 
I can also choose which events to get notifications for and whether to get those notifications by email or SMS. 

I can also Deactivate the SMS OTOP Service if I so wanted to do so. I was tempted to do it, then reactivate it so I could see if there were any settings that could be changed but it really isn't worth my time or effort to do so.

I am curious though. If I deactivate the SMS OTOP service, how would I authenticate any transactions ? By email ? Or maybe you wouldn't be allowed to do any ?

Or maybe it would simply let you do the transactions without needing an OTOP ?

One way to find out !!
 

 

OTP visa SMS is NOT secure.

Google authenticator and similar solutions are way better solutions, but not perfect.

 

 

[Marius Brok]

TIT as first note.

My Thai wife have a Bangkok Bank account with their app with a Dutch phonenumber and simcard. It is impossible to change your phonenumber by yourself. Should be in person at the bank. All internet options available on mobile and PC can be used in The Netherlands where we live.

I do not know I will get as farang the same treatment.