Tuesday, August 9, 2016

OCBC 360 Savings Account with up to 4.1% interest rate

I have opened an OCBC 360 savings account, which is statement based and without passbook.
ATM card can be applied at the cost of RM8 one time payment for convenience of account transaction using ATM machine.

This account has a fixed interest rate of 0.5% per annum. On top of that, there are 3 categories of additional interest of 1.2% per annum each to be earned for deposit amount up to RM100k.

The 3 categories are:

  • Deposit: to deposit a minimum of RM500 into the OCBC 360 account within the month.
  • Bill Payment: to perform at least 3 bill payments from OCBC 360 account using Internet banking or mobile banking within the month. This includes payment to OCBC credit card, payment to OCBC housing loan, and payment to any of the participating billing organizations available in OCBC Internet banking or mobile banking service.
  • Credit Card: to link an OCBC credit card to this 360 account, and to charge at least RM500 aggregated retail transactions to the credit card within the month. The calculated amount is excluding credit card fees and charges, balance transfer, instalment plan, cancelled transactions, etc.
Therefore, the maximum possible interest rate is 0.5% + (1.2% x 3) = 4.1%, for the first RM100k of deposit. The interest rate for additional amount above RM100k remains as 0.5% only.

This interest structure is pretty attractive and comparable to fixed deposit accounts.

OCBC 360 is an adult savings account for individual above 18 years old, and its 4.1% possible interest rate is even higher than most junior and/or teens savings account, which in turn higher than most normal savings account.

This account is insured with the Malaysian Deposit Insurance Corporation (PIDM) for deposit amount up to RM250k.

Apparently, this is a tactic for OCBC to attract working people to centralize their banking with them, which include monthly salary deposit, monthly bill payments, and credit card spending.

OCBC has been famous to give attractive offer with innovative products, such as their previous famous Titanium credit card. However, they also have the track record of making such attractive offer unattractive after a few years.

This OCBC 360 savings account was introduced somewhere in December 2015, which is considered still new. I think this attractive offer will stay around for quite some times, and if OCBC plays the trick to make it unattractive again, we can always pull out and deposit our money at other more attractive bank account.

Wednesday, August 3, 2016

The hacking of Telegram app and the vulnerability of relying on SMS as authentication method

Yesterday (2 August 2016) there was news about 15 million Iranian Telegram users mobile phone number exposed and more than dozen accounts compromised by hackers.

A chain is only as strong as its weakest link. This incident exposed that SMS, which is currently commonly used as authentication method in many online services including online banking systems, is vulnerable to security breach and could be the weakest link in the security measure.

Coincidently, Focus Malaysia Issue 191 dated 29 July 2016 has also just discussed about this vulnerability in its featured article titled "Overcoming The Two-Factor Vulnerability: When it comes to securing your web accounts, two-factor authentication using SMS is safer than just a standard password. But recent cases have shown that it might be time to move away from that."

Why is it not a good idea for online service providers to make use of SMS as security measure?

Firstly, the sending and receiving of SMS is depending on the telco service, which is totally out of control of the online service providers. Therefore, it is vulnerable to listening, hijacking, impersonating, replicating, and other kinds of security breaches along its sending and receiving process.

Secondly, technically speaking, personnel working in the telco can also easily manipulate the SMS as the control is with them. This is very likely the case as happened to Telegram users in Iran.

Thirdly, as mentioned in the article in Focus Malaysia, the code sent by SMS can be obtained using social engineering.

Fourthly, as SMS is sent to the phone, in the event the user lost his/her phone with the mobile apps of online banking, online stockbroking, etc., if the mobile apps are using SMS for authentication, whoever who got the phone can easily take control of the user's accounts, unless the SIM card in the phone is immediately barred, which then disables its SMS function.

As for the case of Telegram app, you can further secure your Telegram account by activating two-step verification, which will require your password to login beside your mobile phone number.

To activate two-step verification in Telegram app, go to Menu > Settings > Privacy and Security > Two-Step Verification and set your recovery email there. Your email can then be your last resort to safeguard your account from hijacking.

Monday, July 25, 2016

LED light bulb that fit in PLC downlight fixture

I have been wondering for a long time if the PLC downlights in my house that use CFL (compact fluorescence) bulbs can be replaced with LED light bulb without much modification. Today, I've finally found the answer.

One of my PLC downlights is faulty and I need to replace its 18W CFL bulb. While searching for its replacement at the shop, I found this...

Yes, it is the PLC light bulb with 2-pin leg that fit with the fixture of my downlight. Instead of CFL tubes, this product is using LED as its lighting source.

So, this is exactly the LED solution that I've been searching for years. Even better, this kind of LED light bulb fit exactly to the existing PLC fixture, and totally no modification is needed.

This LED light bulb is more environmental friendly than the CFL, as it contains no mercury. It also claims to have longer lifespan than CFL, and consume less electricity to obtain the same amount of lumen output. In addition, LED light generates much less heat than CFL. It is also said that LED light does not attract insects, which is a desirable feature. However, this LED bulb is a little bit more expensive than its CFL counterparts.

I have purchased one to replace the faulty CFL bulb. See it in action below:

Finally, I've found the solution to change my PLC based downlights at my house to LED type.

I have been gradually changing the CFL bulbs with E27 base to LED type, as LED light with E27 base has been around for a few years.

Eventually, most if not all the lamps at my house will be LED based, when the CFLs are gradually replaced after they have reached their end of life.

Hint: Click on the "Older Posts" link to continue reading, or click here for a listing of all my past 3 months articles.