Source: The Straits Times

Following the recent cybersecurity breach involving the personal particulars and medical data of 1.5 million SingHealth patients, including those of Prime Minister Lee Hsien Loong, the Monetary Authority of Singapore (MAS) has circulated a reminder to all banks to “tighten their customer verification processes”.

In a press release dated 24 July, MAS declared that banks in Singapore are “already required to put in place two-factor authentication (e.g. PIN and One-Time-Password) at login” in the process of identification through online financial services.

Additionally, MAS has also instructed financial institutions to “implement an additional layer of control to authorise high-risk transactions”, such as the “opening of beneficial accounts, registration of third party payee details and revision of funds transfer limits”.

MAS also noted that personal particulars — name, NRIC number, address, date of birth, etc — are “generally not used as the sole means of verification by financial institutions”, as such details are “freely given out by members of the public for various purposes, such as when filling out lucky draw coupons or surveys”.

Consequently, MAS has specified that supplementary details such as “a One-Time Password, PIN, biometrics, and the last transaction date or amount” must be utilised for the purposes of verifying transactions made by clients.

MAS has instructed all financial institutions to carry out “a risk assessment of the impact of the SingHealth incident on their existing control measures for financial services offered to customers, including transaction and inquiry functions”.

The Authority also stated that it will “engage financial institutions on their risk assessments and mitigation steps” which are to be carried out immediately by the institutions.

MAS’ Chief Cyber Security Officer, Mr Tan Yeow Seng, said: “MAS will work closely with the financial institutions to ensure that robust cyber defences are in place so that customers can carry out online financial transactions with confidence.”

“But customers must also play their part.  They must safeguard their passwords and practise good cyber hygiene.”

If they suspect any fraudulent transactions in their accounts, they should notify their banks immediately,” he concluded.

MAS urges consumers to refer to the Gosafeonline webpage for cybersecurity tips and the SingCERT webpage for alerts and advisories on cybersecurity issues.

Subscribe
Notify of
0 Comments
Inline Feedbacks
View all comments
You May Also Like

Joseph Leong appointed to be Permanent Secretary (Defence Development) starting from 1 March

Senior civil servant Joseph Leong will be appointed Permanent Secretary (Defence Development)…

Are Singaporeans obliged to be grateful to public servants?

by Augustine Low Minister Chan Chun Sing ended his speech to public…

President Halimah Yacob underlines importance of appreciating diversity and upholding social cohesion in three-day conference

The importance of “engaging meaningfully” with and upholding social cohesion among members…

Flash flood at Marine Parade on 7 July; Minister said building more drains “not feasible” to tackle flash floods

In a Facebook post dated 7 July, former Senior Political Correspondent for…