YBR Security Policy

i-Rakyat Online Banking Security Guidelines

Bank Rakyat is committed to ensuring the security of i-Rakyat internet banking. We constantly invest in human capital, technical expertise, software, hardware, and introduce the latest processes/procedures to enhance the security of our online banking. We also implement stringent procedures to ensure the safety of all transactions. Our teams of experts monitor all possible threats and take appropriate actions to prevent any fraudulent or criminal activities.

Apart from the security measures put in place by the Bank, you play an equally important role to ensure your online security and account information is not compromised. Awareness and knowledge are your greatest ally to preventing fraudulent internet transactions.

What can you do?

  1. Password/PIN is the key to your account information. User ID and password/PIN allow you access to your account. A strong and unique password is an important protection to help you have safer online transactions. You must ensure ONLY you know the password/PIN and ONLY you have access to the account. These are ways on how you can protect your passwords.
    • Never share your password even with someone who claims to be from Bank Rakyat. Bank Rakyat employees will never ask you for your internet banking password.
    • Change your password (recommended every 3 months).
    • Create strong and unique passwords that are hard to guess. Don't use personal information e.g. your name, birthday, names of your children, etc.
    • Use a combination of letters, numbers and symbols. Passwords with upper and lower case letters, numbers and symbols are harder to guess.
    • Use different passwords for different websites.
    • Never write down your passwords anywhere or record them in your computer, hand phone or smart phone.
    • Always be suspicious when receiving e-mail/SMS/telephone calls requesting you to conduct any form of banking transaction which requires you to use your password/PIN.
    • Contact Bank Rakyat immediately if you feel the security of your password has been compro
  2. Protecting your computer. There are many threats on the internet like viruses, malwares, spywares, etc. Malwares and spywares for example are softwares installed in your computer without your permission. These softwares collect your personal information and direct the information to an unauthorised party. Fortunately, there are preventive measures you can take to stop these threats.
    • Ensure your computer is installed with anti-virus and anti-spyware programmes. You must regularly update your anti-virus and anti-spyware softwares with the latest "virus definition". This will ensure your computer will not be vulnerable to new viruses, malwares and spywares.
    • Activate your personal firewall on your computer. Firewall is a program that prevents unauthorized traffic to and from your computer. When it is installed and activated properly, your personal firewall will protect your computer and its contents from intruders when you are connected to the internet. It also ensures the data goes to the right place when you are online.
    • Do not forget to update your operating systems and web browsers. These updates come with the latest patches/fixes for the operating systems and browsers. These patches will close any "holes" that may allow any illegal access to your computer. You can update your operating system by using the Automated Update feature e.g. Windows Update for Windows users or visit the publishers' website for the latest updates/patches.
    • Avoid using public computers for i-Rakyat internet banking transactions as these computers may not have the latest security software.
    • Never leave your computer unattended when you are performing any internet transactions.
    • Log off properly after completing your online banking transactions. Follow the secure exit instructions and do not just close your internet browser.
    • Lock your computer by activating the screensavers/password protection feature. This is an effective way to prevent others from using your computer when you are away from your computer.
  3. i-Rakyat website is a secure website. You will know if a website is a secure site by looking at the URL which states "https:// " and not "http:// ". You will see the "s" for secure sites. There is also a security icon (locked padlock) in the URL bar. Secure sites mean the data is encrypted during transfer.
  4. What else can you do to ensure the security of your internet banking transaction with Bank Rakyat? Never disclose your personal information e.g. account number, password, username, PIN through e-mail, phone or SMS to any parties. Bank Rakyat never asks for such information via e-mails, SMS or phone. Check your account statement and report any unauthorized transactions immediately to Bank Rakyat.

What is 'phishing'?

Phishing is an attempt to obtain confidential personal information through e-mail, phone calls or SMS illegally. The main aim is to deceive you into providing personal information such as your username, password and bank account numbers. The information is used for illegal activities including accessing your account, withdrawing or transferring money to other account or using your personal details for any fraudulent activities.

How is 'phishing' usually done?

The most common technique used is by e-mail. These e-mails claim there are from Bank Rakyat, other financial institutions or other authorities. Commonly, there is an instruction asking you to click on the link which will direct you to a bogus website. This bogus website, which looks exactly like the real Bank Rakyat's internet banking website i-Rakyat, will record your personal information during your login. As mentioned, phishing can occur through convincing phone calls or SMS message sent to you.

How can I prevent myself from being ‘phished' ?

    1. Do not access i-Rakyat website via any form of links provided in any email correspondence to you or e-mail from unknown parties.
    2. Do not entertain and/or respond to e-mails, phone calls or SMS asking for your personal banking information from parties claiming to be from Bank Rakyat or authorised party.
    3. Type the full URL, i.e. https://www.irakyat.com.my when you want to perform your internet banking transaction.
    4. Ensure there is a padlock icon in the URL bar or the corner of your browser (depending on your web browser) to ensure it is a secure site.

Please be informed that Bank Rakyat will never ask you for your personal details, account information, password, PIN or other private information via e-mail, phone or SMS. Do not entertain any of the above requests from parties claiming to represent Bank Rakyat.

When in doubt or when you suspect that you are being 'phished', call our tele-RAKYAT Call Centre at 1-300-88-12265 (local) or 603-2117 9000 (overseas) or email us immediately. Our operating hours are Monday - Friday : 7.30am - 9.30pm, Sunday : 8.30am-5.30pm. We are closed on Saturday and Public Holidays.

Your report will help us identify phishing websites that are targeting our customers. We will regularly publish a list of these fraudulent websites for the benefit of our customers.

Credit Card

Credit Card Fraud Alert!

It has come to our attention of unscrupulous individuals who are making phone calls claiming to represent Bank Rakyat, Bank Negara Malaysia or other parties and asking our customers to perform certain credit cards related transactions.

Customers are reminded not to entertain or respond to these calls or provide any personal, banking or credit card information to these fraudsters. Customers are advised to immediately call Bank Rakyat Card Centre at 03-2693 6880 or 03-2692 4600 if you have received such calls.

Credit card provides the flexibility, convenience and speediness for you to spend in a cashless manner. You do not have to carry huge amount of cash when you are travelling. It provides a sense of security during emergency. And it allows for customers to perform more online purchases with ease and security. The widespread use of credit card however has provided the opportunity for fraudsters to deceive users. You can do your part to prevent credit card fraud.

        1. Do not forget to sign at the back of your new Bank Rakyat Credit Card-I the moment you received it.
        2. Ensure there is a padlock icon in the URL bar or the corner of your browser (depending on your web browser) to ensure it is a secure site.
        3. Draw a line through blank spaces above the total amount paid or circle the purchase amount on the sales draft when you sign the sales draft.
        4. Keep all sales draft and verify the amount against your card monthly statement. Report immediately to Bank Rakyat of any discrepancy or error.
        5. If your card is stolen, lost or damage, call Bank Rakyat Card Centre immediately at 03-26924600/03-26936880. You are required to provide a written confirmation and the police report of the stolen or lost card.
        6. Write down your credit card number and Bank Rakyat Credit Card Center in case of emergencies, stolen or lost card. Keep the information in a safe place.
        7. Please ensurethat you receive your monthly card statement. If you have not received your statement, call our Customer Service at 03-26936880.
        8. Kindly make your card payments before the statement due date to avoid any interruption on your card usage.
        9. Keep your card away from heat and direct sunlight. The magnetic stripe should not be scratched, placed back of two cards or near any magnetic devices (example: television, radio etc).

Important Message

        1. Bank Rakyat Credit Card-i is non-transferable. Do not lend your credit card-i to anyone including friends or family members.
        2. Do not disclose your credit card account number over the phone unless you have verified the company or individual you're speaking to.
        3. Do not write or keep your PIN number in your purse or wallet. Memorize and destroy the PIN notification immediately.
        4. Do not leave your credit card-i unattended. Your credit card-i(s) is as good as cash. So keep your credit card-i in your possession all the time.
        5. Budget wisely and avoid overspending.
        6. Track your spending against your credit card statement. Fraudulent transactions may not be listed immediately.
        7. You must close compromised credit card-i accounts immediately.
        8. Inform Bank Rakyat of any suspicious transactions in your account.

Securing your internet browser

It is a good habit to clear you browser's cache regularly or after each internet banking transactions. The cache is a temporary storage that keeps all your browsing history. By clearing your cache, it enhances the security of your online experience.

Here is how to clear your cache.

Internet Explorer 7

        1. Launch Internet Explorer
        2. Click "Tools"
        3. Select "Internet Options"
        4. Go to "Temporary Internet Files" and click "Delete Files"
        5. Followed by "OK"
        6. Click OK again to close the Internet Options window

Mozilla FireFox

        1. Launch Firefox browser
        2. Click "Tools"
        3. Select "Options"
        4. Click "Privacy"
        5. Go to Clear your recent history and tick all except Site Preferences
        6. Click "Clear Now"
        7. Click "OK" again to close the Options window.

Google Chrome

      1. Launch Google Chrome
      2. Click on the tab next to the URL bar and a drop-down menu will appear
      3. Select "Settings" from the menu and a new Chrome browser will appear
      4. Go to "Privacy" and click on "Clear Browsing Data..."
      5. Tick on the tabs (the first four tabs have been ticked as default). You can tick all the tabs.
      6. Then click "Clear Browsing Data"
      7. Close the Chrome tab