Singaporean banks are not going to allow one-time passwords using SMS for some of their customers. The Association of Banks in Singapore (ABS) and Monetary Authority of Singapore (MAS) announced this recently.
These are customers who have set up a digital token using their banking app. This token is secured with screen locks. Customers who lose their phones should contact the bank to have their digital token unlocked.
One-time passwords were introduced in the 2000s as a multifactor authentication option. "Technological developments and more sophisticated social-engineering tactics have made it possible for scammers to more easily phish customers' one-time passwords, for example through fake bank websites that look very similar to the real website," said Singapore's banking regulator and association of banks.
Digital tokens should make the authentication process more secure. It makes it more difficult for scammers to gain access to customers' bank accounts. Malicious parties, when using digital tokens, need access to the phone to perform a transaction.
Click here for the message from the Monetary Authority of Singapore.
