![]() ![]() ![]() The problem with technology is that it is an arms race between the attackers and the defenders, and the race is asymmetric. This can sometimes be counterproductive.įor example, asking customers to create too many passwords or security codes often results in them being overwhelmed and choosing simple ones which are easy to hack - the most common passwords in the world are “password” and “1234” for a reason. The downside is that automated bank protection measures may end up making things more frustrating for bank customers, who will be subject to more friction. Third, both banks and customers could make use of automated fraud detection tools.įor example, GovTech’s Open Government Products team has created an app called ScamShield for the public that is supposed to help block suspicious calls and messages.īanks also usually have their own internal fraud detection tools - for example, automatic freezing of an account that has a certain number of suspicious transactions within a defined time period. Utilising government digital infrastructure may also be more secure, because if each bank sets up its own repository of biometric data to facilitate biometric access, that opens the banks up to all sorts of data privacy complications and further possible cyber attacks. This would ensure that scammers cannot break into a bank account by guessing a password or getting the victim to give them an OTP. In fact, it may make sense for all banks to integrate with SingPass, such that transactions can only be authorised using an official government-verified digital identity. OCBC has since July 2020 already had the option for users to log in to its digital banking services using SingPass. SingPass, the Government’s secure online identity system, allows users to log in using facial recognition. For example, biometric verification of the account holder’s identity when executing transactions, such as facial or fingerprint verification. Secondly, more secure identity verification measures could be put in place. This is more secure as then the scammers would not be able to use the telephone number spoofing method anymore, since the apps are internet-based and not telephone-based. Use authenticator apps instead, like Microsoft and Google do. There are two broad categories of measures that we can take to help people avoid falling prey to scams: Technological and behavioural.įirst, we could start with getting rid of Short Message Service (SMS) messages and One Time Passwords (OTP). Third, loss allocation: In situations where no one is at fault, besides the scammers, who should bear the loss? Second, accountability: Who should be held accountable when a scam occurs and how can victims vindicate their rights? There are three separate questions we need to ask in order to move forward.įirst, prevention: What can be done to prevent people from falling victim to such scams and who should be doing it? Last month, OCBC said it would voluntarily reimburse all the scam victims. There have been calls for the Government to intervene in various forms. Others blame the victims for being gullible and not taking proper care. Some people blame the bank and are all too willing to call for full compensation to be made to the victims. There has been much commentary in the wake of a series of sophisticated scams that tricked 790 OCBC customers out of more than S$13 million. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |