MAS does not prescribe any particular method for 2FA

We thank Ms Ang Chiew Leng for her feedback on the use of software tokens for two-factor authentication (2FA) in online banking applications (Give customers a choice between digital and hardware tokens; April 15).

The Monetary Authority of Singapore does not prescribe any particular technology for use in two-factor authentication.

This is to enable financial institutions to innovate and better meet their customers' needs for security and convenience.

Software tokens are resistant to cyber attacks when implemented properly.

The MAS requires financial institutions to put in place appropriate IT security controls to protect customers' information from unauthorised access.

Financial institutions are expected to adopt sound security measures, including fraud monitoring measures, to mitigate the risks associated with their online financial services.

Bey Mui Leng (Ms)
Director (Corporate Communications)
Monetary Authority of Singapore

A version of this article appeared in the print edition of The Straits Times on April 27, 2017, with the headline 'MAS does not prescribe any particular method for 2FA'. Print Edition | Subscribe