Tuesday, 26 September 2023

We are shifting our daily news to Gutzy.Asia Support us there!

Singapore banks told to phase out SMS OTP as sole factor of authenticating high-risk transactions

SINGAPORE — In a written reply to oral questions not answered by the end of parliament’s question time on Thursday (6 Jul), Senior Minister Tharman Shanmugaratnam, standing in for the Prime Minister, responded to concerns over fraudulent bank transactions.

The queries were raised by Mr Gerald Giam Yean Song, Workers’ Party Member of Parliament for Aljunied GRC, and Dr Tan Wu Meng, People’s Action Party MP for Jurong GRC.

Mr Giam had asked about the number of fraudulent transactions due to SMS OTP diversions, the timeline set by the Monetary Authority of Singapore (MAS) to phase out SMS OTPs, and the possibility for customers to opt out of using SMS OTPs if they were already using other multi-factor authentication methods.

Responding to Mr Giam’s queries, SM Tharman, also MAS’ Chairman before he stepped down from his political appointments on 7 July, stated, “While our local telco networks were secure and not compromised, the telco operators had since implemented additional security safeguards to mitigate the risk. Hence, the risk of SMS OTPs being diverted has now been largely addressed.”

SM Tharman further explained, “The Monetary Authority of Singapore (MAS) has required banks to phase out SMS OTP as a sole factor to authenticate high-risk transactions. Banks in Singapore have already moved away from sole reliance on SMS OTP for high-risk online banking activities.”

However, according to SM Tharman, MAS does not currently see the need to require banks to provide customers the ability to opt out of SMS OTPs as this would limit the authentication toolkit that the banks have and dilute the effectiveness of multi-layered security for protecting customers.

He also notes that the transition away from sole reliance on SMS OTP for high-risk online banking activities will however not deal with other scam types, such as those related to phishing and malware to steal banking credentials, that has been growing recently.

Meanwhile, Dr Tan, prompted by a police advisory on malware compromising mobile devices, asked whether MAS would consider reviewing previously closed cases of customer disputes involving unauthorized transactions.

In addressing these concerns, the Senior Minister underscored the growing threat of malware, stating that “scammers are exploiting newer technologies” and have “acquired the ability to control customers’ devices using malware.”

SM Tharman urges the public to pay attention to the security permissions requested by applications, install only from official sources, uninstall unknown applications, and regularly update devices and applications.

“MAS expects banks to treat customers fairly in all cases of dispute over unauthorized transactions,” SM Tharman emphasized. “Customers can ask banks to reassess their cases should new information relevant to their disputes surface.”

The police had earlier reported in February that residents in Singapore lost S$16.5 million in 2022, which is a significant decrease from 2021, when S$34.8 million was reported as lost.

Malware scams on the rise in Singapore

Just this June, police have issued a warning to Android users after at least two individuals lost an aggregate sum of S$99,800 from their Central Provident Fund (CPF) savings due to a new kind of malware scam.

Victims reportedly stumbled upon advertisements for groceries, including seafood, on various social media platforms, primarily Facebook.

After reaching out to the businesses through social media or WhatsApp, they were directed to download an Android Package Kit (APK) file to place orders and process payments.

APKs are installation files for Android apps, which can be downloaded from the Internet and third-party app stores, as opposed to the official Google Play Store. These APK files could contain malicious software or “malware”, particularly those designed for phishing.

Unwitting victims, unaware of the hidden malware in the downloaded application, opened their devices to remote access by scammers. This allowed the cybercriminals to pilfer sensitive data such as Singpass passcodes and other stored information on the victims’ devices.

“The scammer might also call the victim to ask for their Singpass passcode, purportedly to create an account on the application,” the police cautioned.

Further exploiting the victims’ trust, scammers directed them to phony bank application login sites to input their banking credentials. Equipped with keylogging capabilities, the malware would record the information and transmit it to the scammers.

These cybercriminals, now possessing stolen Singpass passcodes, accessed victims’ CPF accounts remotely. They withdrew funds through PayNow, which were then deposited into the victims’ bank accounts. Subsequently, the scammers utilized the victims’ banking application to transfer the CPF funds away via PayNow.

Victims only detected the scam when they noticed unauthorized transactions in their bank accounts.

Just yesterday, TOC reported on a case where a preschool teacher had most of her money transferred out of her account without her permission, even after she immediately deleted the suspicious app that she had downloaded online two months ago.

Notify of
Oldest Most Voted
Inline Feedbacks
View all comments

Latest posts

Election surprises and certainties: Dissecting Tharman’s presidential win

In the 2023 Presidential Election, Mr. Tharman Shanmugaratnam secured a stunning 70.4% landslide victory, surprising many, including himself. Despite expectations that TKL would win the opposition votes, voters from both camps showed a preference for Tharman's charisma and perceived competency. As Singapore reflects on the outcome, questions arise about the election's fairness and the real implications of Tharman's dominant win.

Volunteer as a Polling and Counting Agent for Singapore’s 2023 Presidential Election

For the upcoming Singapore Presidential Election on 1st September, members of the civil society have spearheaded an initiative to strengthen our democratic fabric. We invite committed individuals to join us as Polling and Counting Agents, standing together for a transparent, fair, and just election. This vote counting exercise, organized by members of civil society, is not specifically in support of Mr Tan Kin Lian, a candidate in the upcoming Presidential Election. It's an exercise in active citizenry. Nonetheless, Mr Tan endorses this initiative, which hinges on his candidacy, championing transparency, and has given permission for the results to be shared publicly.

Reflections from the Centenary: The Legacy of LKY and Singapore’s Future

Gilbert Goh reflects on the LKY centenary event: an inspiring showcase of a leader's global legacy juxtaposed against current challenges, urging Singapore to continue its path of progress.

Lim Tean advocates for Tan Kin Lian: A visionary leader for Singapore’s Presidency

In his speech at Mr Tan Kin Lian's launch of his presidential bid, Mr Lim Tean passionately championed the need for a truly Independent President. Highlighting Mr Tan Kin Lian's unique credentials and genuine concern for the wellbeing of Singaporeans, the Peoples Voice leader emphasized the pressing challenges of rising living costs and job insecurities faced by the public. Mr Lim depicted Mr Tan Kin Lian as a beacon of hope for the nation, advocating for a leader who genuinely understands and represents the people’s aspirations.

Tan Jee Say endorses Tan Kin Lian for President: A courageous, genuine, and humble...

In advocating for a truly representative leader, Tan Jee Say underscored Tan Kin Lian's humility, courage, and genuine dedication. Highlighting the pressing need for restored public trust and effective independence, Tan Jee Say emphasized that Tan Kin Lian, as the 'People's President', would bring back hope to Singaporeans and champion true democracy

Tan Kin Lian’s pledge: Rekindling unity and charting a vigorous future for Singapore

In the press conference to announce his bid for the Singapore presidency, Tan Kin Lian emphasizes safeguarding Singapore's reserves and strengthening public service integrity. Drawing on his 30-year leadership at NTUC Income, he envisions a future with affordable living, accessible housing, and job stability, pledging collaboration with the government for a united nation.

Strengthening Singapore’s political foundations: A call to action by Leong Mun Wai on Singapore’s...

Leong Mun Wai urges Singaporeans to strengthen political checks and balances, emphasizing, 'The best is yet to be for Singapore if we dare to make the right decision in upcoming elections.

Trending posts