New transaction signing token will cost six largest Singapore banks more than $50m
Banks are convinced that commercial risk-reward trade-offs and customer inconvenience do not fully justify the new transaction signing token for e-banking. December 20, 2012 | ResearchOnline banking platforms of commercial banks handle millions of transactions every month. In mature markets such as Hong Kong and Singapore, more than 50% of all retail transactions are conducted through e-banking. For securities trading, Forex margin trading and IPO subscriptions, this percentage can exceed 80%. Banks in these two markets are able to generate between $10 and $100 per customer annually, mostly on transactional services and trading. Online banking has become more mainstream with active rates now surpassing 60%. As a consequence, regulators frequently update their risk directives on online payments. In Hong Kong, the Hong Kong Monetary Authority (HKMA) is proposing that certain transactions, such as setting up registered accounts for third party fund transfers and the increase of transfer limit for third party accounts, should no longer be allowed to be conducted online without a new security measure. It has not made this mandatory yet though the industry expects that it may do so in 2013. Enhancing regulation for high-risk transactions Figure 1. Hong Kong and Singapore’s security features and roadmap Unlike Hong Kong, the Monetary Authority of Singapore (MAS) recently issued a set of detailed mandatory guidelines including the issuance of a new transaction signing token for high-risk transactions which will become effective in January 2013. Banks have to be prepared for denial of service attacks, distributed denial of service attacks, and, in particular, man-in-the-middle attacks on high-risk transactional services which are often irrevocable once executed by banks. According to MAS, high-risk transactions include changes to se... Please login to read the complete article. If you already have an account, you can login now or subscribe/register.
Categories: Internet Banking, Operational Risk & Security, Regulation, Retail Banking, Retail Payments, Risk and Regulation, Technology & OperationsInternet Banking,OperationalRiskSecurity,riskregulation,retail,Retail Payments,Risk and Regulation,technology, Internet Banking,Operational Risk & Security,Regulation,Retail Banking,Retail Payments,Risk and Regulation,Technology & Operations, Keywords:Man In The Middle Attack, DDoS, HKMA, MAS, NAF, Assurity, HSBC, 2FA, Standard Chartered Bank, RHB, Assurity Man in the Middle Attack, DDoS, HKMA, MAS, NAF, Assurity, HSBC, 2FA, Standard Chartered Bank, RHB, Assurity
|