The Monetary Authority of Singapore and the Association of Banks in Singapore (ABS), on Jan 19, announced that they are introducing a set of added measures in a bid to bolster the security of digital banking.
The move comes due to the recent spate of SMS-phishing scams that have targeted bank customers.
To this end, the central bank stated that it expects all financial institutions to have robust measures to prevent and detect scams.
The measures will also include the efficient handling of an incident, as well as customer service should a scam occur.
“The growing threat of online phishing scams calls for immediate steps to strengthen controls, while longer-term preventive measures are being evaluated for implementation in the coming months,” reads the joint statement released by MAS and ABS.
Within the next two weeks, banks in Singapore will work to put in place stricter measures. This includes the removing of clickable links in emails or text messages sent to retail customers.
See also: New Key Summary 123
The threshold for notifications for funds transfer transactions will be set at $100 by default, or lower.
Under the stricter measures, there should be a delay of at least 12 hours before the activation of a new soft token on a mobile device. Notifications will also be sent to bank customers’ existing mobile numbers or email addresses upon the request of a change in their mobile numbers or email addresses.
In addition, banks should have dedicated customer assistance teams that are well-resourced to deal with feedback on potential fraud cases on a priority basis. Additional safeguards such as a cooling-off period before the implementation of requests for key account changes such as key contact details.
See also: Resourse Library Event
Finally, more frequent scam education alerts will be sent under the stricter measures imposed.
That said, the measures will lengthen the time taken for certain online banking transactions, but they also serve to add an additional layer of security to protect customers’ funds, says MAS and ABS.
Following the measures, banks will continue to work closely with the MAS, the Singapore Police Force and the Infocomm Media Development Authority (IMDA) to deal with such scams.
This includes working on more permanent solutions to combat SMS spoofing, including adoption of the SMS Sender ID registry by all relevant stakeholders.
MAS is also intensifying its scrutiny of major financial institutions’ fraud surveillance mechanisms to ensure they are adequately equipped to deal with the growing threat of online scams.
“As an industry, we have always focused on the need to ensure robust security measures while meeting customers’ expectations for convenient and swift services. Together with the MAS and ecosystem players, the banking industry will continue to strengthen consumer protection measures,” says Wee Ee Cheong, chairman of ABS. Wee is also the deputy chairman and CEO of UOB.
“We also ask that the public stay vigilant given that scams continue to evolve and are executed quickly. We remain committed to upholding the confidence with which customers can transact online safely, while still maintaining a high level of service,” he adds.
To stay ahead of Singapore and the region’s corporate and economic trends, click here for Latest Section
Ravi Menon, managing director of MAS expressed his deep concern about the “recent spate of scams and the financial losses suffered by victims”.
“The threat of scams will not go away, but we can reduce our vulnerabilities. This requires a multi-pronged response across the ecosystem. MAS, together with the police, IMDA and other relevant government agencies, is working closely with the financial industry, the telco industry, consumer groups, and other stakeholders to strengthen our collective resilience against scam attacks. We will ensure that digital banking remains secure, efficient, and trusted,” he promised.
In the meantime, MAS and ABS warned banking customers to avoid falling for online banking scams by verifying that they’re at the bank’s official website or the bank’s official mobile application before making any transactions.
Transaction notifications should also be closely monitored so that unauthorised payments, if any, are reported as quickly as possible.
Customers should also avoid clicking on links provided in text messages and emails, as well as avoid divulging their internet banking credentials or passwords to anyone.
Photo: Bloomberg