Agency for Regulation and Development of the Financial Market of the Republic of Kazakhstan issues mobile banking cyber safety guidance for consumers

The Agency for Regulation and Development of the Financial Market of the Republic of Kazakhstan published consumer guidance on using mobile banking safely, warning that as mobile banking becomes ubiquitous, cyber risks are increasing and fraudsters often target user errors rather than technical weaknesses in bank systems. The guidance advises caution with public Wi‑Fi (including verifying the official network name, avoiding credential entry if an app or site looks unusual, using mobile internet or a personal hotspot, and ending sessions after transactions). It recommends using strong, unique passwords (at least 10 characters with mixed case, numbers and special symbols), not reusing passwords across services, avoiding storing them in notes or messengers, and using password managers where needed. Users are also encouraged to enable two‑factor authentication (including via SMS or authenticator apps), activate SMS or push notifications for account activity, download banking apps only from official app stores and official developers, and secure devices with PIN, fingerprint or Face ID while promptly blocking SIM and app access if a phone is lost. Additional measures include setting daily transfer limits, regularly checking the list of active devices linked to the banking app, and notifying the bank when changing phone numbers to preserve transaction confirmation and alerts. The Agency also reminded users that bank staff never ask for verification codes, passwords or card details, and pointed to Fingramota.kz for further materials while urging customers to contact their bank immediately if they encounter suspicious activity.