We thank Forum writers Young Pak Nang and Chwa Poh Kew for their respective letters, "How can customers be accountable for OTP fraud?" and "Bank kept asking me to pay for OTP fraud transactions" (Sept 17).
As noted by Mr Young, consumers routinely provide their credit card details to merchants for online and point-of-sale payments.
If these credit card details are compromised by a third party, such as when the merchant's database is breached, consumers will not be considered to have failed to protect their card information.
Consumers can be assured that as long as they have taken care to protect their card information and authentication credentials, they will not have to bear any unauthorised charges due to the diversion of SMS one-time passwords.
As pointed out by Mr Chwa, cyber criminals are constantly developing new and sophisticated methods and tools to target victims.
Financial institutions are continually reviewing and enhancing their measures to safeguard customers against new forms of attacks. At the same time, a consumer's protection of his credentials is an important first line of defence against scams and frauds.
The Monetary Authority of Singapore (MAS), together with the Singapore Police Force and MoneySense, our national financial education programme, actively alerts consumers to new methods adopted by scammers and how consumers can protect themselves.
Unfortunately, despite best efforts by both financial institutions and consumers, criminals may still succeed.
MAS has started a review with the financial industry to establish a framework to provide greater clarity on the responsibilities and liabilities of financial institutions and consumers in the case of fraudulent payment transactions.
MAS will continue to work with all stakeholders to ensure e-payments remain safe and secure.
Director (Corporate Communications)
Monetary Authority of Singapore