In recent years, ICBC has improved the customer information protection system in the whole process of banking services and constantly enhanced the hard control on the information protection in the IT system to protect the interests of financial customers, which has built a security network for information protection and financial transactions.

According to an official with ICBC, ICBC has built up a complete customer information protection system with enhanced working mechanism, regulations and IT support, protecting customer information and transactions through hard control on the customer information protection in key procedures. Meanwhile, ICBC has educated its customers with the financial knowledge on information security, helping them strengthen the awareness of self-protection.

The official also indicated that ICBC has performed integrated management, storage and maintenance as well as whole-process authority control and monitoring and inspection during the customer information management. It has established an access control and hierarchical authority system in the business application system and monitored and checked the abnormal operations about personal customer information on the principle of necessary information only and minimum authority. For example, the customer manager is only entitled to inquire the account information of customers he should maintain after the authorization and part of account numbers are screened by the system automatically.

Hard control is conducted on key procedures about customer information protection. For example, there are strict authorization rules for customer information inquiry functions in the business system, inquiry results displayed cannot be copied and automatic encryption and authorization are performed for e-files to be downloaded. Mails containing customer information sent outward are automatically scanned and intercepted. Moreover, ICBC established a daily monitoring and inspection system, checking the customer information security on a regular and all-around basis and timely eliminating potential risks.

In the external cooperation, ICBC has always prioritized the customer information security through stricter management system, special management rules, regulated use of customer information and rigorous approval management. Given the disclosure risk of new payment methods such as third-party payment in recent years, ICBC has set strict restrictions on customer information available for third-party institutions as per regulatory requirements, and developed convenient products at the banking security level like ICBC e-payment. Deployed in the bank terminal, the payment environment of ICBC e-payment provides dual protection of SMS verification and account verification, achieving both rapid payment and transaction security.

In terms of customer education on information security knowledge, ICBC has developed the Bank Safety Knowledge Manual for Personal Customers, helping customers understand common information protection methods. In 2014, the Bank has organized over 230,000 employees to attend the "Popularizing Financial Knowledge" initiative, issued 14 million publicity materials and over 11 million messages on financial knowledge, which has covered more than 25 million financial consumers.