The Monetary Authority of Singapore (MAS) and the Association of Banks in Singapore (ABS) have announced that banks in the region plan to better protect customers against phishing. Within the upcoming three months from the time of the announcement, major retail banks in Singapore are set to discontinue the use of One-Time Passwords (OTPs) for account login for customers that leverage digital tokens.

Through this, financial institutions intend to solidify their resilience against phishing scams and better safeguard their customers. The move follows the increase in phishing scams across the region, with banks planning to collaborate closely with MAS and the Singapore Police Force to create and introduce solutions and measures to mitigate the current difficulties in the sector. In addition, the MAS mentions that customers who have activated their digital tokens on their mobile devices can utilise their digital tokens for bank account logins through browsers or the mobile banking app. This enables users to be authenticated without being required to utilise an OTP that scammers can steal or trick them into disclosing.

The banks encourage customers to activate their digital tokens and reduce the possibility of having their credentials phished by criminals. What strategies are banks implementing to protect customers? Being introduced in the 2000s as a multi-factor authentication option to increase security, OTPs have now decreased in safety due to technological developments and modern social engineering tactics. Through this measure, Singaporean banks focus on solidifying and optimising the authentication process, thus making it more difficult for scammers to fraudulently access a customer’s account and funds without the latter's explicit authorisation using their mobile device. Furthermore, according to ABS’s officials, this measure is set to deliver customers increased protection against unauthorised access to their bank accounts.

The organisation mentions that even if such methods may come with some inconvenience, they are required to support the prevention of scams and safeguard customers. In addition, representatives from the MAS highlighted that their institution plans to continue to collaborate with banks to shield consumers from digital banking scams, with the latest measure complementing cyber hygiene practices that individuals must continue to practice, including safeguarding their banking details. .