Dear Editor,

We thank Ms Ang Chiew Leng for her feedback on the use of software tokens for two-factor authentication in online banking applications. (“Give customers a choice between digital and hardware tokens”, The Straits Times, 15 April 2017)
 
The Monetary Authority of Singapore (MAS) does not prescribe any particular technology for use in two-factor authentication. This is to enable financial institutions (FIs) to innovate and better meet their customers’ needs for security and convenience. Software token is resistant against cyber-attacks when implemented properly.

MAS requires FIs to put in place appropriate IT security controls to protect customers’ information from unauthorised access. FIs are expected to adopt sound security measures, including fraud monitoring measures, to mitigate the risks associated with their online financial services.

Bey Mui Leng (Ms)
Director (Corporate Communications)
Monetary Authority of Singapore