Finally got our SecureSign device from Public Bank for online business e-banking. Looks similar to HSBC’s security token:
However the way it is used is very different from HSBC’s. There are two stages in carrying out an online transaction. The logic behind is there may be more than one person who can access the business bank account (logging into the account does not require the SecureSign device). But not all of them have the authority to carry out online transactions. So the first stage involves creating transactions, e.g. to pay for utility bills. Subsequently, the person with SecureSign device will approve these transactions, presumably one by one (haven’t tried this out yet).
In the first stage, I made payment in a similar way to how I was accustomed to. But when I was expecting to key in a secure code from the SecureSign device before I confirm a transaction, I managed to confirm without one. But the transaction was then put under “Pending” status.
In the second stage, I needed to click on the “Transaction Approval” tab to proceed:
On the left hand column, there were “Maker Transaction Status” and “Authorizer Transaction Status”. I could view pending transaction under “Maker Transaction Status” or “Authorizer Transaction Status”. To authorise transactions, I needed to click on “Authorizer Transaction Status”, followed by “Approve/Reject Transaction”. There I was required to search for the transaction to approve, which in my case was just one pending. Here came the unintuitive bit, after clicking on the transaction that I wanted to approve. I was required to key in the secure code. The secure code was to be generated from the SecureSign device. However it wasn’t entirely clear from the Quick Guide that came with the SecureSign device how it could be generated:
First, I keyed in the PIN number into the SecureSign device when prompted. Then I pressed the “1” or “Sign” button on the device, before keying in the first set of data. This first set of data was actually the first line of numbers on-screen in red. After keying in the numbers followed by “OK” on the device, I keyed in the second line of numbers in red (it was the amount figure, but remember to omit the decimal dot) followed by “OK”. Then only the secure code appeared, which I entered on-screen to approve the transaction.
Now do you understand how the SecureSign device facilitates online business transactions for Public Bank?
Updated on 4/12/2015:
Just found out today that if your pending transaction is not authorised within 7 days, the transaction will vanish by itself. Yes, vanish, because it will not show up anywhere, even if you try to search for it. It is not rejected nor deleted. It will disappear from you, or even the Public Bank staff. Initially I thought I can just keep creating transactions, let them stay pending, until I authorise them at a later date closer to actual payment due date for my bills. The reason I did that because Public Bank do not allow transactions to executed on a future date. Absolutely rubbish. Maybank can do that. And how difficult can it be to keep a record of expired (pending) transactions, so that I don’t have to dig out transaction details again to make the payment. Basically their commercial online payment system is just not very well thought out to me. It is appropriate to describe it as rubbish.
Updated on 1/2/2016:
If you damage the device, it will cost you RM50 (plus GST) to replace. Don’t put it in your pocket, especially if your jeans is tight, like mine, with lots of things inside too, as mine cracked. Replacement does not take long, I got mine replaced in 2-3 days time.
Updated on 16/6/2017:
One and a half year since I wrote this how-to and their online portal is still showing up such amateurish message.. Basically this shows up when there is no more transaction to approve or reject when I clicked on “Approve/Reject Transaction”. It is NOT an error if there is no transaction to show here! Before this online portal goes live Public Bank should have inspected it thoroughly, every permutations, to weed out all the loose ends. Users are not interested in software error messages copied straight from the backend. Very poor, embarrassing actually, considering that Public Bank is the second largest bank in Malaysia.