If you are one who transact over the internet or run banking applications on your mobile devices, chances are that you might be affected in a way or two by the Heartbleed bug in OpenSSL.

So what is Heartbleed? According to a BBC report, it’s an OpenSSL vulnerability. OpenSSL is a security protocol  that encrypts communications between your computer (or device) and a Web  server. As the BBC put it, it’s sort of a “secret handshake at the beginning of a secure  conversation.”

“Most websites, many operating systems, and many apps use OpenSSL. It’s  everywhere, and one version of it has a critical bug that lets hackers  exploit a function known as the “heartbeat option,” which lets a computer  (like yours) send a message to an Internet server to make sure they are still  connected — think a tap on the shoulder to see if your buddy is still awake.  This bug lets attackers send fake heartbeat messages to trick the server into  sending back sensitive data like passwords and credit card numbers. Again, it’s  very bad.”

If you visit a site beginning with https://  , chances are that this site uses the SSL to secure the transactions.

There are various ways to check if a site is potentially unsafe. Some tools include




We tested a few internet banking sites and they all passed the test. The test returns the message “TLS extension 15 (heartbeat) seems disabled, so your server is probably unaffected”.

OCBC internet.ocbc.com

DBS internet-banking.dbs.com.sg

UOB pib.uob.com.sg

ANZ sgib.anz.com

Citibank www.citibank.com.sg

Maybank sslsecure.maybank.com.sg

CIMB www.cimbclicks.com.sg

HSBC hsbc.com.sg

Anyway, another layer of protection is via the 2FA token. If you feel insecure, it is perhaps time to change your password to a much stronger one with alphanumeric characters.








By Harry