Singapore banks are phasing out OTPs for logins


Banks will instead use digital tokens to authenticate bank account login attempts.

Major retail banks in Singapore will progressively phase out the use of one-time passwords (OTPs) for bank account login by customers who are digital token users over the next three months.

In a joint statement, the Monetary Authority of Singapore (MAS) and the Association of Banks in Singapore (ABS) said that the digital tokens will instead be used to authenticate customers’ login without the need for an OTP.

MAS and ABS believes that the phasing out of the OTP and the use of digital tokens will better protect customers against phishing, noting that scammers can steal or trick customers to disclose an OTP.

Customers who have not activated their digital tokens are strongly encouraged to do so, to lower the risk of having their credentials phished, the two entities added.

“This measure provides customers with further protection against unauthorised access to their bank accounts,” said Ong-Ang Ai Boon, director, ABS.

“Whilst they may give rise to some inconvenience, such measures are necessary to help prevent scams and protect customers,” she added.