By 
Banks in Singapore are set to phase out the use of One-Time Passwords (OTPs) due to their vulnerability to phishing attacks, transitioning instead to digital tokens for bank account logins.
Introduced in the 2000s as a multi-factor authentication method to enhance online security, OTPs have become increasingly susceptible to sophisticated social engineering tactics. Scammers have found ways to exploit OTPs, such as creating fake bank websites that closely mimic legitimate ones to deceive customers.
Over the next three months, the switch to a digital token-based system for both mobile and web account logins will be implemented progressively.
Ong-Ang Ai Boon, director of the Association of Banks in Singapore, stated, “This measure provides customers with further protection against unauthorized access to their bank accounts. While these changes may cause some inconvenience, they are essential to prevent scams and protect customers.”
According to the Singapore Police Force Annual Scams and Cybercrime Brief 2023, phishing scams were among the top five scam types last year, with at least $14.2 million stolen from customer accounts.
Loo Siew Yee, assistant managing director (Policy, Payments & Financial Crime) at the Monetary Authority of Singapore, commented, “MAS continues to work closely with banks to protect consumers by strongly combating digital banking scams. This latest measure will complement good cyber hygiene practices that customers must continue to uphold, such as safeguarding their banking credentials.”
Comments