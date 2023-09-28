Due to recent scams involving online banking, some people have advocated bringing back physical authentication tokens (Bring back physical tokens for authentication, Sept 21).

However, contrary to popular belief, physical tokens may not actually be that effective in protecting users from the sophisticated scams seen these days.

Such scams are executed with the clever use of software, and the way to deal with that is to have better software security.

Anti-malware technology has been in use in personal computers for decades. Although computer hardware has improved by leaps and bounds over the years, antivirus software is still needed to deal with software written maliciously to cause harm.

In the context of mobile banking apps, even if physical authentication tokens are used, it is still possible for an unsuspecting user to install a modified version of the banking app that stealthily siphons money out of the banking account while the user is using it.

When this happens, the user may think that he is using his physical token to simply log in to his banking account, but the app can then perform additional transactions on behalf of the user without showing them on the screen. There is no way for typical physical tokens to determine if the app has been tampered with. Hence, malicious software is best dealt with by appropriate software security measures.

I applaud the Monetary Authority of Singapore and local banks for taking steps to improve the ability of mobile banking apps to defend themselves by detecting the presence of malware in users’ phones (UOB, DBS introduce new security features on banking apps to protect customers, Sept 26).

Although some users may see this as an inconvenience, as they are forced to uninstall some apps, they should be thankful that the banks have helped them identify malware.

There does not have to be a massive trade-off between security and user convenience. Software can be designed to offer great user experience with security embedded within. With the use of advanced software security, it is possible for an app to be able to defend itself against attacks and modifications.

To achieve our Smart Nation goals, we should continue to creatively apply the right technology to resolve issues that may hinder our progress.

Er Chiang Kai