DHAKA, Nov 19, 2024 (BSS) – The National Board of Revenue (NBR) has intensified the security measures of ASYCUDA World System to prevent any sort of irregularities.

To this end, the revenue authority has asked the system users of all customs stations to use strong passwords to prevent misuse of the ASYCUDA World System.
The authority has also taken initiative of automatic password reset every 21 days and cancellation of three previously used passwords.

The Automated System for Customs Data (ASYCUDA), innovated by the UN Conference on Trade and Development (UNCTAD) is an integrated customs management system for international trade and transport operations in a modern automated environment.

Around 100 countries, including Bangladesh’s customs authority, have been using the system since 1993. NBR has taken various steps to strengthen the overall security of the system, including ensuring three levels of security for accessing the ASYCUDA World System.

The first step in security is password authentication. The official, user ID has been issued in favour of whose, has to login to the system using his secret password.

In second step, two factors authentication have been made mandatory with the help of a powerful middleware used in ASYCUDA World. A One Time Password (OTP) will automatically be sent to the user's verified mobile number after entering the secret password to login in the ASYCUDA World system. Without submitting the OTP, the user will not be able to access the system.

Third step of security is IP address device binding. The authorized user’s desktop or laptop IP details have been entered into the system. So, the user cannot access the ASYCUDA World System from any computer or mobile phone.

The NBR has also implemented ‘Code Signer Certificate’ to prevent illegal Decryption, and re-encryption of Java Archive (jar) files of the system. Through this, the system of integrity verification and authenticity assurance has been confirmed.

The revenue authority has also prohibited the use of social media on computers used for the ASYCUDA World System.

Bangladesh Computer Council is working on Vulnerability Assessment and Penetration Testing (VAPT). Initiatives will be taken to implement the results of the testing and the recommendations of the Bangladesh Computer Council.

According to the NBR, an unscrupulous group recently released a container of cigarettes by submitting a bill of entry on May 20, 2024, using his ASYCUDA World System ID in the absence of an officer working at the Chittagong Customs House.

Preliminary investigation revealed that the goods were recovered not by hacking the system but by stealing his ID and password from the official’s computer in his absence.

Then the NBR took the initiative to identify the real culprits and their accomplices involved in this malpractice.

An investigation committee headed by the Director General, Customs Intelligence and Investigation Directorate while another committee under the leadership of a member of the NBR is working to take action against the gang involved in clearing the goods by stealing the ID-password of the customs officer.