Cybercrime booms with increasingly sophisticated methods
In the first nine months of 2025, ATM transactions decreased by 16.77% in volume and 5.74% in value compared with the same period last year. This indicates that cash-based habits are being replaced by digital payment methods.
However, the rapid development of digital payment systems has also created a favourable environment for cybercrimes.
Online scams, data theft, and transaction impersonation have become more sophisticated. Cybercrime now employs methods ranging from Account Takeover (ATO) attacks to deepfake technology that manipulates victims with fake images and voices — and many cases involve Visa card hacking.
H.D., a woman in Ha Noi, was shocked to wake up to over 10 transaction notifications from her Visa card overnight, all of which were unauthorised and resulted in a loss of 48 million VND. “All of these transactions were payment notifications from a foreign service app, but I have not used my Visa card for any such transaction recently,” she stressed.
Similarly, N.H.L., a man in Quang Ninh, received repeated bank alerts during the night for multiple Visa card withdrawals, even though he had not used the card for a month. Although he immediately requested a card lock, he was still anxious because the bank said the verification process could take 45–60 days.
As commerce moves to online platforms, fraudulent forms also change, leading to an increase in card-theft cases. Two major concerns in digital payments are communication security and information security. The financial damage caused by cybercrime has reached alarming levels.
According to the 2024 cybersecurity research and survey report conducted by the National Cybersecurity Association’s technology board in December 2024, one in every 220 smartphone users is a scam victim, with estimated losses in 2024 reaching 18.900 billion VND. The most common forms of fraud include investment solicitation, while personal-data leaks remain at an alarming level. This huge figure not only directly affects individual finances but also risks eroding public trust in digital financial services. It raises urgent questions about how to strengthen security while promoting digital payments and socio-economic development, while ensuring consumer rights and safety.
According to the State Bank of Viet Nam, Vietnamese people made 5.5 billion cashless transactions in the first quarter alone. Cashless payment is now used for almost all daily needs: 83% for shopping; 72% for food and transportation; 66% for utility payments; 51% for entertainment, sports, and tourism; and 48% for education, healthcare, and insurance
Notably, the group aged 35 and over has the highest rate of cashless payment at 76%, especially for utility payments.
Urgent need for strict adoption of international security standards
The burden of security cannot be placed solely on consumers. It requires a strong correction from service providers. The fact that personal data is still being sold and leaked shows the need for strict application of international security standards, forcing related parties to invest commensurate with the growth rate of transactions.
Sharing with Nhan Dan Newspaper reporters, Dang Tuyet Dung, Visa Director in Viet Nam and Laos, emphasised that international payment organisations and banks in Viet Nam must implement high-level security technologies as a mandatory requirement to maintain customer trust. Payment security, which must be a top strategic priority, must be implemented synchronously to counter increasingly sophisticated cybercrimes.
At the launch of the MB hibiz Visa card, Dung highlighted the importance of tokenisation technology, which plays a decisive role in protecting original data. “Instead of transmitting traditional 16-digit card information through payment streams, real card numbers must be retained in the bank's system," she emphasised.
Only a token code is used for each transaction, eliminating the risk of card data leaks, especially importantly in e-commerce.
Continuing to use traditional SMS OTP has shown significant limitations in terms of security and experience. Therefore, switching to a risk scoring model is an inevitable step, as this technology is considered many times safer than OTP.
Many markets worldwide have already phased out SMS OTP in favour of advanced risk management. “Click to Pay” technology is also emerging as a safe and convenient solution, allowing online payments with a single click, minimising the risk of entering data on insecure devices. A critical step in strengthening system security is shifting from outdated authentication methods to data- and AI-based risk management.
The use of Generative AI in payment risk and fraud management models is a necessary measure to deal with the evolution of cybercrime. This is a dual responsibility of card issuers and payment networks to protect consumers and maintain market stability.
Dung added that modern payment transactions can transmit over 150 data points. This huge dataset must be used effectively to produce accurate risk-scores models for each transaction and promptly identify fraudulent behaviour. Viet Nam has significant opportunities and potential for developing cashless payments and digital payments, especially in the context of over 10 million people having completed biometric verification, strengthening both security and convenience in online payments.
Only when financial institutions in Viet Nam unanimously and resolutely apply the most advanced security standards, considering them as a strategic foundation, can they ensure “speed, convenience, and safety” — the most powerful "weapons" of digital payments to serve the needs of consumers.
