He once more attempted to get another SMS with an OTP. This day, he managed to add his cards to the game.  ,
He was informed on December 21 that he had received two credit cards messages indicating an amount of €1 035 had been made. He also discovered that two trades, totalling about €237, were made on Dec 18.  ,
He returned to test and realized that the initial OTP was for adding his passport to Google Pay.  ,
Another sufferer, who wanted to be known simply as Larry, described a similar experience.  ,
On November 25, he received an OTP to contribute his POSB credit cards to Google Pay and connected it to Koufu Eat. He thought the communication was for adding his cards to the game, and he keyed it in.  ,
Similar to Mr. Teh, his first attempt was unsuccessful, but his passport was added on his third test.  ,
On Dec 7, he was notified that a deal of €1, 480 was made on his cards.  ,
One victim, who wanted to be known just by her first title Celine, said she had tried adding her father’s debit card to the game.
When her father received the OTP alert, he read out the six figures to Celine.
Every moment she entered the OTP, the game kept crashing. She eventually gave up and didn’t put the cards.
But, at about 2am on Dec 21, her father was notified that his cards had been charged about €500 without his approval.  ,
Eventually, the couple discovered that the OTP information they had received on Koufu Eat was also used to add their cards to Google Pay.  ,
Celine came away with a rude surprise from the event.  ,
” We are both in our mid-30s … We are quite IT savvy”, she said. ” The chances of us getting scammed is like close to a minimum” . ,
” But seemingly it also happened because we didn’t actually read the messages properly”.
After the false purchases, all three victims filed police reports.
Koufu told CNA that Apple Pay and Google Pay are the only e-wallet payment methods that are available through the game.
Additionally, it added that since Koufu Eat uses eNETs as its repayment gate, it does not store any of its clients ‘ credit card information.  ,
Consumers are directed to the eNETS repayment gateway to process their payments once they have completed their purchases using the software.
Baskets claimed its investigation revealed that eNETS did not handle the reported false transactions.
The payment gateway is certified in accordance with the latest business rules, it added.
The eNETS spokesperson stated that the payment gateway does not store card verification value ( CVV ) credentials in any way, and that the credit card information is encrypted and tokenized.
 ,” The situation is now under inspection. We will continue to give the Singapore Authorities Force our aid as needed,” according to NETS.
None of the patients have received compensation. The bank explained to the customers when they spoke with DBS that it was unable to withdraw or cancel the transactions.
Celine and Mr. Teh claim that they were informed that they had authorized adding their cards to Google Pay because they had entered the OTP, and that these purchases were deemed to be genuine.
Mr. Teh was informed that the card holder would continue to be responsible for the purchase because it was classified as secured, but the authorities may suggest a” special design” to the lender for consideration.
DBS said on Tuesday that it is aware of recent reports of illegal purchases on its users ‘ cards after they were added to the Koufu software in response to CNA’s questions.
” We have been working closely with Koufu and the authorities to thoroughly evaluate this matter,” said the bank.
According to DBS, studies show there has been” no compromise” with its card and payment systems and that they are safe.
” Instead, affected users had authorised the addition of their card to an unfamiliar third-party Google Pay budget. When a passport is added to a portable budget, it is akin to having the card on hands”, said the bank.
” For this reason, later card bills made via the wireless wallet may be disputed.  , We have been in touch with impacted customers to give support and assistance”.
It encouraged users to be vigilant and to report them to its 24-hour scam reporting line at , 1800 339 6963 if they are within Singapore or on 65 6339 6963 from abroad.
” We also suggest turning on purchase warning alerts to keep abreast of all cards activity and regularly monitoring obligations for any suspicious task,” said DBS.