Banks in Singapore introduce new measures to strengthen resistance against phishing scams
Banks in Singapore to strengthen resilience against phishing scams
Singapore, 9 July 2024 - The Monetary Authority of Singapore
(MAS) and The Association of Banks in Singapore (ABS) today announced
that major retail banks in Singapore will progressively phase out the
use of One-Time Passwords (OTPs) for bank account login by customers
who are digital token users within the next three months. This will
better protect them against phishing.
2.
Customers who
have activated their digital token on their mobile device will have to
use their digital tokens for bank account logins via the browser or
the mobile banking app. The digital token will authenticate
customers’ login without the need for an OTP that scammers can steal,
or trick customers into disclosing. Customers who have not activated
their digital tokens are strongly encouraged to do so, to lower the
risk of having their credentials phished.
3.
The use
of OTP was introduced in the 2000s as a multi-factor authentication
option to strengthen online security. However, technological
developments and more sophisticated social engineering tactics have
since enabled scammers to more easily phish for customers’ OTP, for
example through setting up fake bank websites that closely resemble
the genuine websites. This latest measure will strengthen the
authentication process, making it harder for scammers to fraudulently
access a customer's account and funds without the customer’s explicit
authorisation using his mobile device.
4.
Phishing
scams remain a concern in Singapore1, and banks continue to work
closely with MAS and the Singapore Police Force to develop and
introduce solutions and measures to strengthen our collective
resistance in the ever-evolving scam landscape.
5.
Mrs
Ong-Ang Ai Boon, Director, ABS, said: “This measure provides customers
with further protection against unauthorised access to their bank
accounts. While they may give rise to some inconvenience, such
measures are necessary to help prevent scams and protect customers. ”
Ms Loo Siew Yee, Assistant Managing Director (Policy, Payments
& Financial Crime), MAS, 6.
said: “MAS continues to work
closely with banks to protect consumers by leaning hard against
digital banking scams. This latest measure will complement good cyber
hygiene practices that customers must continue to practise, such as
safeguarding their banking credentials. ”
1 Phishing scams
were among the top five scam types last year, with at least $14. 2
million lost to these scams - Singapore Police Force Annual Scams and
Cybercrime Brief 2023.
*****
For media enquiries,
please contact: Ong-Ang Ai Boon (Mrs. ) Director The Association of
Banks in Singapore Tel: 6224 4300 Email: banks@abs. org.
sg
Samuel Lee Deputy Director (Communications) Monetary
Authority of Singapore Email: samuel_lee@mas. gov. sg