Imminent new security laws for banks have been welcomed by analysts and industry spokespeople as Singaporeans continue to engage in risky behaviour.
However, the laws will help protect customers only from a technology point of view. How banks educate customers to improve their own attitudes towards security will be the key challenge moving forwards.
Over a quarter of Singaporeans had experienced credit, debit or prepaid card fraud in the past five years, according to the annual ACI Worldwide Global Fraud Report released in early October (26 per cent). Furthermore, the report found that half of those surveyed engaged in ‘risky behaviour such as throwing bank statements or ATM receipts in the trash.’
Earlier this year a report released by ZDNet also claimed mobile banking adoption within Singapore was outpacing security, suggesting local banks may soon suffer kick-back reputational damage from customers’ habits. “Should there be fraudulent or illegal activity due to neglect on the customer’s part, this unfortunately ultimately reflects poorly on the bank itself as to why further action wasn’t taken in trying to stop these illicit doings,” said Michael Yeo Sek Pheng, Market Analyst, IDC Financial Insights.
The banking industry in Singapore is aware of these risks and is taking steps to mitigate them. The Association of Banks in Singapore (ABS) has mandated that by December 2012 all banks will use online security tokens with transaction signing functionality, which Pheng said the industry has been quick to adopt to. “Technology in this form while still not fool-proof, adds another layer of security to protect the consumer.”
Two-factor authentication is already a significant part of European financial services security practices. Rik Turner, Senior Analyst, Financial Services, Technology, Ovum, argues education is most critical in encouraging safe behaviour by customers, saying “it is fair to say that banks need not only to deploy a further layer of technology to safeguard their online/ mobile customers, but also to engage in education programs about rudimentary security, such as selecting the right password and changing it from time to time.”
Singapore’s banks are actively seeking to engage with customers in a range of financial literacy programs, and Ken Seng Wei, Senior Vice President, Information Security Services, DBS, claimed despite the reports of ‘risky behaviour,’ Singaporeans do respond to their bank’s education initiatives around financial security.
“We are very proactive with sending out emails and keeping the customers informed – I would not say Singaporeans are less safe with mobile banking,” Wei said.
IDC Financial Insights’ Pheng also pointed to a 2009 report showing Singaporeans were more likely to spot a fake site than their US, UK and Australian counterparts.
“Knowledge is the best weapon in defending against security threats and a tuned-in city like Singapore is one in which it doesn’t take long for information to spread amongst the small populace,” Pheng said.