>> ASIAONE / BUSINESS / NEWS / MY MONEY / STORY
Chinks in banks' e-armour
Tue, Oct 06, 2009
my paper

by Kenny Chee

FINANCIAL institutions here could do more to prevent online fraud, going by results from a recent study.

Many of them do not send e-mail that is authenticated - bearing electronic signatures verifying that the senders are from their institutions.

Click to enlarge image.
Source: Online Trust Alliance

In the study done by non-profit research organisation Online Trust Alliance, only 29 per cent of the most-visited financial services-industry websites here have such e-mail authentication in place.

This is lower than the 43 per cent among the most-visited North American bank websites.

This means financial institutions in Singapore could be more vulnerable to cybercriminals masquerading as someone from their organisation to send fraudulent e-mail that tries to steal or "phish" for consumers' personal information.

Mr Craig Spiezle, executive director of the Online Trust Alliance, said that security for financial institutions is important because online banking has become very pervasive, and hence one of the largest areas for cybercriminals to exploit.

The study looked at 250 million e-mail messages in six countries including Singapore, and the 100 most-visited websites in each of these countries.

It also showed that none of the most-visited financial-service websites here had an enhanced security certification feature allowing visitors to know if the site they are at is run by a legitimate company.

Despite the findings, marketing executive Sylvia Ng thinks that online banking here is "rather safe" because there are two levels of security before she can access her bank account online.

The 24-year-old has to enter a password on the site, and then a unique one provided by the bank. One company keen to explore having the enhanced security feature for its websites in future is telco SingTel. Its spokesman said that it already has a standard certification procedure for its online billing and transactional websites.

She added: "To prevent unauthorised registration on behalf of customers, we have implemented two-factor authentication for some of our services.

"This ensures a greater degree of security for customers."

It can cost US$1,000 (S$1,400) to get the enhanced security feature, which is not a big expense for most firms, Mr Spiezle said.

kennyc@sph.com.sg

- ADDITIONAL REPORTING BY JAKE CHNG


For more my paper stories click here.

 

 
STORY INDEX
 
  Swiss private bank opens Singapore office
   
 
  Head of property agent watchdog picked
   
 
  Bank's fault but not a word of apology
   
 
  Duty to post info on SGXnet lies with firm
   
 
  SGX rules shake-up for listed companies
   
 
  Good time to start Exim banking here: ASME
   
 
  S'pore managers 3rd in Asia in spending power
   
 
  CPF rates unchanged for 2010
   
 
  Rich getting richer, but spending less
   
 
  Protecting the integrity of SGXnet
   
>> RELATED STORY
I am Legend
Spur-Jobs scheme extended to security sector
Industrial areas dogged by spate of break-ins
Make security jobs more attractive
Security jobs are not just stop-gap measure

Elsewhere in AsiaOne...

News: Beggars and artists banned from subway

Digital: Savvy hackers making service contracts for spam

 
We welcome contributions, comments and tips.
a1admin@sph.com.sg
9180 1253 (SMS)
6319 8177
Search AsiaOne: