The industry-wide move to require PIN at Malaysian point of sale (POS) as a form of customer verification for Malaysian credit, debit, charge and prepaid cards will start from mid-2015 as signature cards will be replaced with PIN cards. From 1 July 2017, signature will no longer be accepted on Malaysian payment cards for domestic transactions.
A PIN, or Personal Identification Number, is a secret code that is either assigned to, or selected by customers to prove that they are the rightful owner of the payment card. PINs for Malaysian cards have six digits.
PIN usage can help protect against fraud due to lost or stolen cards, because the card and the PIN are required to make a payment. This is why customers must always keep their PIN secret.
Yes. Your point of sale terminal software needs to be updated to enable prompting for PIN. This terminal software update will need to be completed before 1 January 2017.
Yes, all customers will need to be issued with new cards because current cards do not support PIN for payment. Customers who have yet to receive new PIN cards will continue to pay using signature. All credit, debit, charge and prepaid cards in Malaysia will need to be replaced by 1 January 2017.
It will process new PIN cards without prompting for PIN just like it does for existing signature cards, and the customer’s signature will need to be verified.
No. For security reasons, the customer’s PIN must never be shared with anyone, not even the employees of the card issuer.
Before 1 July 2017, signature will be allowed if customers cannot remember their PIN. This is called PIN bypass.
PIN bypass is activated by pressing OK or Enter, depending on the terminal, instead of typing the PIN. Assist customers to use PIN bypass but only if they have forgotten their PIN. PIN bypass is not supported for contactless transactions. To bypass PIN if customers forget their PIN, perform a new transaction by inserting the card.
After 1 July 2017, PIN bypass will no longer be allowed for Malaysian cards and they will be automatically declined if PIN is prompted but not entered.
Before 1 July 2017, a terminal that has been upgraded for PIN will continue to accept signature cards and will not prompt for PIN but the customer’s signature will still need to be verified. After 1 July 2017, signature-only cards will no longer be permitted to be used in Malaysia.
Signature will still be a valid form of authorization for many visitors from overseas.
No, not all transactions at point of sale will need PIN:
- Low-value contactless transactions for amounts below a certain limit do not require PIN.
- International transactions (with cards issued by banks outside Malaysia) may be approved with signature and not require a PIN.
Yes. If the contactless card has a PIN, the terminal will prompt for PIN after the card is tapped on the contactless reader for transaction amounts above a certain limit. However, low-value contactless transactions do not require PIN or signature.
All you need to do is follow the prompts on the terminal. The payment terminal that is reading the card will determine if a PIN is required and if so, it will prompt for a PIN.
They will be asked to sign to authorise their transaction. Note that low-value contactless transactions for amounts below a certain limit will not require a PIN or a signature.
PIN transactions require customers to complete their payment where the terminal is physically located. For convenience, you may want to upgrade from a fixed-line terminal to a portable terminal.
No. The PIN that customers use at point of sale terminals or ATMs must never be entered into the Internet or provided over the telephone.
Most terminals at restaurants should display the amount that customers are paying and ask if they wish to add a tip/gratuity, before prompting for PIN. Customers should simply follow the display prompts.
- Payment card is inserted in the terminal
- Terminal prompts for PIN
- Operator presses OK to bypass PIN, without first allowing the customer to enter PIN
- Customer must sign the transaction receipt
Reasons for discouraging PIN bypass
- PIN protects against fraudulent use of a lost card or stolen card
- Malaysian banks will decline transactions with signature from 1 July 2017