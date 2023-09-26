SINGAPORE – UOB and DBS have announced greater controls aimed at protecting customers against malware-enabled scams, following OCBC’s lead.

UOB will be rolling out two new security features on its UOB TMRW banking app progressively starting from Wednesday, Mr Daniel Ng, its head of Group Compliance, said on Tuesday.

The first update will restrict UOB customers’ access to their UOB TMRW app once any apps or tools that are sharing their mobile devices’ screens are detected. Customers can resume access to the banking app after they have turned off screen sharing on other apps.

This feature will prevent customers from unknowingly sharing their mobile screens with scammers when using the online banking app, which may allow scammers to take control of their devices and compromise their banking information.

The second update will restrict access to the UOB banking app upon detection of any apps that were downloaded from third-party or unauthorised sites with risky permissions on their mobile devices.

An error message flagging the name of the potentially risky app will be triggered, and customers will have to uninstall or turn off accessibility permissions for the flagged apps to resume access to the UOB app.

Mr Ng cautioned customers that the new updates may lead to some inconvenience, but said they are “necessary for enhanced security to mitigate the risks and protect customers’ exposure to malware scams”.

“Customers can be assured that the new security features do not monitor their phone activities, nor collect or store any personal data,” he added.

DBS, which launched a security check-up dashboard earlier this month, will be pushing out a new anti-malware tool on its DBS/POSB digibank app progressively from September.

The anti-malware tool will restrict DBS users’ access to their DBS/POSB digibank app if it detects the presence of malware, apps downloaded from unverified app stores – also known as sideloaded apps – with accessibility permissions enabled, or ongoing screen sharing on the device.

If known malware is detected, customers will receive a pop-up notification requesting them to secure their device. They can do so by disconnecting their mobile device from the Internet and deleting suspicious apps to regain access to their banking app.

If sideloaded apps with accessibility information are detected, users will be asked to uninstall the apps listed in the pop-up message or disable their accessibility permission via their device settings. This is to protect customers as having accessibility permission enabled for sideloaded apps may give scammers control of their devices.

If potentially unauthorised screen sharing is detected, customers will be prompted to stop sharing their screens. If they are not sharing their screens, they will be asked to call DBS’ fraud hotline immediately, as this is indicative of a malware attack.