SINGAPORE: Banks in Singapore will soon eliminate the use of one-time passwords (OTPs) for those using digital tokens to log into their bank accounts.
CNA reported that this initiative, announced by the Monetary Authority of Singapore (MAS) and the Association of Banks in Singapore (ABS) on Tuesday, aims to enhance security against phishing scams.
This transition, set to unfold over the next three months, will affect customers of DBS, OCBC, and UOB banks. However, customers relying on physical tokens will not be impacted by this change.
"The digital token will authenticate customers' login without the need for an OTP that scammers can steal or trick customers into disclosing," MAS and ABS said.
They also strongly encourage customers who have not yet activated their digital tokens to do so promptly.
OTPs were initially introduced in the 2000s as a multi-factor authentication measure to bolster online security.
However, advancements in technology and increasingly sophisticated social engineering tactics have made it easier for scammers to phish for OTPs.
For instance, scammers have been known to create fake bank websites that closely mimic legitimate ones.
"This latest measure will strengthen the authentication process, making it harder for scammers to fraudulently access a customer's account and funds without the customer's explicit authorisation using their mobile device," MAS and ABS added.
The move comes in response to rising concerns about phishing scams.
According to the Singapore Police Force's annual report on scams and cybercrime, S$14.2 million (US$10.5 million) was lost to phishing scams last year, with 5,938 incidents reported, down from 7,097 incidents the previous year.
MAS's Assistant Managing Director for Policy, Payments, and Financial Crime, Loo Siew Yee, emphasised the importance of this measure in combating digital banking scams.
"MAS continues to work closely with banks to protect consumers by leaning hard against digital banking scams.
"This latest measure will complement good cyber practices that customers must continue to follow, such as safeguarding their banking credentials," she said.
Meanwhile, ABS Director Ong-Ang Ai Boon acknowledged that while the measure might cause some inconvenience, it is essential for preventing scams and protecting customers.
"This measure provides customers with further protection against unauthorised access to their bank accounts."
Ong-Ang advised customers to contact their respective banks for more information on how to activate their digital tokens.