MyDigital ID, banks enhance digital security as online fraud hits RM40 million monthly

With e-financial fraud losses surging sixfold in a year, MyDigital ID is positioning itself as Malaysia’s core digital identity infrastructure for secure authentication across banking, fintech and public services.

KUALA LUMPUR: Malaysia is losing nearly RM40 million a month to online financial fraud — a figure that highlights the growing vulnerability of the country’s digital economy.

Royal Malaysia Police data shows reported e-financial fraud cases rose from 1,812 in 2024 to 5,159 in 2025. Reported losses surged from RM65.5 million to RM458.7 million in just one year — a sixfold increase.

At the heart of the problem is identity, now widely regarded as the weakest link in Malaysia’s digital ecosystem.

To address this, the government initiated MyDigital ID, a national digital identity platform positioning itself as the backbone of secure authentication across banking, fintech and public services.

Built on multi-factor authentication, the system combines three layers: what you know (passwords), what you have (devices) and what you are (biometrics).

MyDigital ID deputy chief executive officer Azrin Aris is leading efforts to place the platform at the centre of the country’s digital security drive.

For Azrin, the appeal lies not only in stronger protection but also simplicity. Users can access multiple applications through a single, secure identity — eliminating the need to manage numerous log-in credentials.

“Most crucially, user data is not stored by MyDigital ID itself,” he said.

Instead, identity verification is conducted directly against official records held by the National Registration Department.

This architecture addresses one of the public’s biggest concerns: the creation of a massive, hackable identity database.

“We act as the platform that verifies the identity,” Azrin said, explaining that the system confirms information in real time to ensure the person accessing an account is its legitimate owner.

Azrin was speaking after MyDigital ID signed memoranda of understanding with 15 banks, e-wallet providers and fintech firms on Feb 12, in a ceremony witnessed by chief executive officer Nik Hisham Nik Ibrahim.

The partners are Maybank, CIMB Bank, Public Bank, RHB Bank, Hong Leong Bank, AmBank, Bank Islam, Boost Bank, KAF Digital Bank, Ryt Bank, Touch ’n Go Digital, ShopeePay, Atome, Kale (Technology) (PayLater) and Finexus.

Azrin said MyDigital ID aims to reach 17 million registered accounts by year-end — more than double the 7.3 million accounts recorded at the close of last year.

The figure reached 10 million users this month, and he is confident of hitting 13 million by the end of June.

The surge marks a sharp increase from just 1.8 million accounts during the same period last year — growth he attributes to rising public awareness of scams, phishing schemes, mule accounts and identity theft.

He said Malaysians are not only transacting more online, but are also becoming more aware of the risks that come with digital convenience and the need to safeguard personal data.

The financial industry is steadily moving towards passwordless systems, relying more heavily on biometric verification.

While some security experts caution that biometrics are not a silver bullet, MyDigital ID integrates biometric data within a broader multi-factor framework, reducing reliance on any single point of failure.

This issue was addressed during the panel discussion moderated by Faiz Azmi, featuring KAF Digital Bank chief technology officer Sazul Samsuri and Finexus head of technical engineering Sean Ng.

The trio also discussed the onboarding of non-citizens who do not possess a Malaysian identity card, noting that this is an important matter the government needs to address.

Meanwhile, chief executive of the National Cyber Security Agency (Nacsa), Dr Megat Zuhairy Megat Tajuddin, said collaboration is critical. The recently signed agreements will enable banks and fintech partners to test and integrate MyDigital ID’s e-verification technology into their systems, strengthening authentication processes across the financial ecosystem.

“The goal is not only integration, but standardisation — embedding a nationally recognised identity layer into private-sector authentication systems,” he said.

Megat Zuhairy noted that despite advances in technology, improved security tools and expanded awareness campaigns, fraud continues to rise.

“Why? Because digital identity remains fragmented,” he said.

“However, when identity verification becomes stronger, fake accounts become harder to create, impersonation becomes more difficult, fraud detection becomes more accurate, and investigations become more effective.

“In short, the entire digital ecosystem becomes safer.”

Cybersecurity is often framed as a technical arms race between defenders and attackers. Increasingly, however, it is about something more fundamental: proving who someone really is in a digital world.

“Cybersecurity is often discussed as a technical issue. In reality, it is a people issue. MyDigital ID gives us a powerful tool to address it,” he added.

Malaysia is betting that a single, trusted digital identity can make that proof stronger.