Keeping your eWallet safe & secure
for you to use your eWallet with confidence.
for you to use your eWallet with confidence.
In the unlikely event that you lose your eWallet balance through unauthorised activity, this policy protects you from the risk by compensating you fully within five working days.
Enjoy peace of mind whether you're reloading, spending or cashing in with WalletSafe. For just RM1, you get up to RM25,000 protection on your eWallet & GO+ balance, and more benefits.
You can choose either 6-digit PINs and biometric verification to authorise your profile access, payments, log ins, & fund transfers. The choice is yours.
Touch 'n Go eWallet is the first and only eWallet in Malaysia to successfully implement the new measures imposed on banks by the regulator.
Your eWallet has face verification as a method of authentication when you login to your eWallet, change your eWallet PIN, perform transactions or make payments with your eWallet, & perform reloads to your eWallet.
Transactions of a certain threshold, or any abnormal activity & suspicious behaviour observed on your account, will be limited or blocked. An email alert will be sent to you should your transactions go over the set limit.
A cooling-off period means that when you log in to your eWallet from a new device with a less secure authentication method, it will trigger a set of risk-based conditions where the user will be limited to a certain amount for top-ups or payments up to 48 hours. Any top-up or payments above the limit will be rejected automatically.
TapSecure is introduced as a mandatory one-tap approval function to authenticate your transactions. The TapSecure approval ensures that only your linked device can be used for the approval of transactions within your eWallet account.
Touch ‘n Go eWallet is the first eWallet to be a part of the National Scam Response Centre. A consumer hotline has been set up specifically to attend to fraud, scam cases or queries manned by a dedicated team of fraud operations. Please contact the hotline number at +603-5022 3888 & select “4” for “Fraud” to make a report.
Scammers use malware - a harmful & nasty software that installs itself on your device - to relocate funds from your account & commit identity theft.
How do malicious apps work?
1. They are sent through chats, links, attachments, etc.
2. The app will ask for your permission to be the default SMS app.
3. If you tap ‘Allow’, it can steal your SMS, TAC or OTP and compromise your banking details.
What do I do if I tapped ‘Allow’, and my eWallet details are compromised?
1. Uninstall suspected malicious app.
2. Change your eWallet and financial passwords.
What will happen if you install the fake app
1. The fake app will display a fake payment page for you to proceed with the payment.
2. This fake payment page in the malicious app is designed to steal your credentials.
Install & maintain an updated, quality anti-virus/anti-malware programme
Check if the source is trustworthy, or if the site is genuine before downloading programmes
Be sure of what you're agreeing to online before you click
NEVER open spam email messages containing attachments or click links on suspicious websites
Stay alert on common security threats such as banking fraud & identity theft cases
A mule account is an account used to receive & transfer funds obtained illegally
A scammer may contact you & persuade you to rent out your eWallet to them (to conduct illegal activities) in exchange for a reward
A mule account can be charged under Malaysian laws, including blacklisting the account holder
How to prevent a Mule account scam?
Never accept job offers, rewards, or any offers that may seem too good to be true in exchange for your eWallet account.
Do not help anyone to receive or transfer funds from/to third parties.
You could be violating the law if illegal activities or transactions are found in your eWallet account & legal action may be taken against you.
URLs / links sent to your mobile number via SMS / WhatsApp / other messaging apps for various reasons
Suspicious links that brings you to a fake “Touch ‘n Go” or “Touch ‘n Go eWallet” login page that looks real
The scammer will get all your details the moment you key them into the page
Touch ‘n Go eWallet will NOT send links to users for login or any purposes
Your OTP SMS & login credentials will be revealed to the scammer
Always login to your Touch ‘n Go eWallet only via the app downloaded from the OFFICIAL App Store or Play Store
Scammers will call you & impersonate themselves as employees of any companies. They will ‘verify’ you with your personal details such as your IC number, vehicle number, etc. These scammers will then ask for your login credentials such as your OTP SMS.
Touch ‘n Go eWallet employees will NEVER request for your OTP SMS
Touch ‘n Go eWallet employees will NEVER share their employee ID with you
Touch ‘n Go eWallet employees will NEVER request for your PIN number
Be alert & vigilant!
Scammers are meant to be convincing. They know how to trick you into providing your details
NEVER reveal your OTP SMS
NEVER reveal your login credentials such as your Security Question & Answer/ OTP SMS / PIN number
SMS scam
A fake text requesting you to log in to a fake website to verify your eWallet account, or to check your account balance.
Our SMSes will not be accompanied by links.
Should you receive any text messages with links claiming to be from us, please do not click the link.
Always be vigilant of SMSes you receive. Please contact us to check if you received an SMS with a link claiming to be from us. We would be more than happy to verify the SMS for you.
1. Keep your eWallet app up to date & Secure PIN private.
2. Beware of phishers.
3. Check your “Transaction History” regularly.
Click to find out more
1. Check your “Transactions” regularly.
2. Keep your eWallet app up to date, & PIN private.
3. Beware of phishing scams.
Click to find out more.
To report any fraudulent & suspicious activity
Click here or call +603-5022 3888 (Mon-Sun 7.00am – 10.00pm).