[ad_1]
SINGAPORE – Banks, insurers, and other financial institutions may need to implement more stringent ways to verify customer identity in non-face-to-face situations, such as telephone or online banking.
The Monetary Authority of Singapore (MAS) issued on Tuesday (November 10) a consultation document on the types of information required for such verification of a person’s identity.
The proposed requirements are against the backdrop of increasing cases of phishing scam and seek to address the risks arising from the theft and misuse of a person’s personal data, MAS said.
Under the proposal, it would be mandatory for a financial institution, such as a bank or an insurance company, to use at least one of the following types of information for remote verification through channels such as telephone or online banking:
• A password or PIN;
• A one-time password generated through a hardware or software token;
• Biometric information that uniquely identifies the individual;
• Information that is known only between the individual and the financial institution, such as account transaction details;
These would be necessary before any transaction or customer request is made, MAS said.
The proposal would also prohibit financial institutions from relying on common personal information, such as NRIC number, residential address, and date of birth, as the sole means of identity verification.
MAS cybersecurity director Tan Yeow Seng said that the public often provides personal information, such as NRIC number and date of birth, for various purposes, such as filling out application forms.
Such information could be used for phishing fraud if it falls into the wrong hands, he said.
“The proposed notice will further strengthen consumer confidence in financial institutions by making these identity verification practices mandatory during non-face-to-face financial transactions,” Tan said, adding that consumers should also play their role. role by not disclosing your online banking login credentials to others.
The consultation document is available on the MAS website and interested parties can submit comments on the proposed requirements until December 9.
[ad_2]
