Singapore Banks to Phase out OTPs for Bank Account Logins Within 3 Months

The Monetary Authority of Singapore (MAS) and The Association of Banks in Singapore (ABS) announced today that major retail banks will phase out the use of One-Time Passwords (OTPs) for bank account logins within the next three months.

This change will apply to customers who have activated their digital tokens on mobile devices, aiming to protect them against phishing scams better.

Digital Tokens to Replace OTPs

According to the Monetary Authority of Singapore (MAS) reports, customers who have activated digital tokens on their mobile devices will now use them to log in to their bank account via browsers or mobile banking apps.

The digital token will authenticate logins without needing an OTP, which scammers can potentially steal or trick customers into disclosing.

Those who have not yet activated their digital tokens are strongly encouraged to do so to reduce the risk of phishing attacks. OTPs were introduced in the 2000s as a multi-factor authentication method to bolster online security.

Are you from SOC/DFIR Teams? - Sign up for a free ANY.RUN account! to Analyse Advanced Malware Files

However, technological advancements and sophisticated social engineering tactics have made it easier for scammers to phish for OTPs, often through fake bank websites that closely mimic legitimate ones.

This new measure is expected to strengthen the authentication process, making it more difficult for scammers to access customer accounts and funds fraudulently without explicit authorization via mobile devices.

Ongoing Efforts to Combat Phishing Scams

Phishing scams continue to be a significant concern in Singapore. Banks are working closely with MAS and the Singapore Police Force to develop and introduce solutions to strengthen collective resistance against evolving scam tactics.

Mrs. Ong-Ang Ai Boon, Director of ABS, emphasized the importance of this measure, stating, “This measure provides customers with further protection against unauthorized access to their bank accounts. While they may cause some inconvenience, such measures are necessary to help prevent scams and protect customers.”

Ms. Loo Siew Yee, Assistant Managing Director (Policy, Payments & Financial Crime) at MAS, added, that MAS continues to work closely with banks to protect consumers by leaning hard against digital banking scams.

This latest measure will complement good cyber hygiene practices that customers must continue to practice, such as safeguarding their banking credentials.

As Singapore banks transition away from OTPs, customers are urged to activate their digital tokens and stay vigilant against phishing attempts to ensure their online banking security.

"Is Your System Under Attack? Try Cynet XDR: Automated Detection & Response for Endpoints, Networks, & Users!"- Free Demo

Divya

Divya is a Senior Journalist at GBhackers covering Cyber Attacks, Threats, Breaches, Vulnerabilities and other happenings in the cyber world.

Recent Posts

Top Ransomware Groups Target Financial Sector, 406 Incidents Revealed

Flashpoint analysts have reported that between April 2024 and April 2025, the financial sector emerged…

52 minutes ago

Agenda Ransomware Group Enhances Tactics with SmokeLoader and NETXLOADER

The Agenda ransomware group, also known as Qilin, has been reported to intensify its attacks…

1 hour ago

SpyCloud Analysis Reveals 94% of Fortune 50 Companies Have Employee Data Exposed in Phishing Attacks

SpyCloud, the leading identity threat protection company, today released an analysis of nearly 6 million…

2 hours ago

PoC Tool Released to Detect Servers Affected by Critical Apache Parquet Vulnerability

F5 Labs has released a new proof-of-concept (PoC) tool designed to help organizations detect servers…

3 hours ago

Healthcare Sector Becomes a Major Target for Cyber Attacks in 2025

The healthcare sector has emerged as a prime target for cyber attackers, driven by the…

3 hours ago

SysAid ITSM Vulnerabilities Enables Pre-Auth Remote Command Execution

Security researchers have disclosed a chain of critical vulnerabilities affecting SysAid ITSM’s On-Premise solution, enabling…

4 hours ago