USERS’ CONCERNS
Some users took to the bank’s social media accounts after the security update kicked in on Saturday. They were unable to access their OCBC online banking services as they had the high-risk apps on their mobile phones.
Users shared screenshots on the bank’s Facebook with a prompt that read: “As the following apps are not from official app stores (eg. Google Play Store and Huawei AppGallery), they may be malicious or harmful”. The message then identified the apps and requested users uninstall them before proceeding with their online banking.
Users complained that apps such as popular Chinese video sharing platform Douyin, online payment platform Alipay, and LG’s smart appliance control app are among those flagged by OCBC’s security feature.
The bank has advised users to reinstall them from the official app stores to access their banking services.
Mr Chua explained that some apps are available on both official app stores and third party websites, but users should only download these apps from official stores as they would have gone through more stringent checks.
In response to customers who were concerned about their privacy, Mr Chua stated: “There is a misunderstanding that users think we can scan their phones and see their content but that is an absolute no, the user’s information does not go to the bank. It is localised on your phone and only you can see it.”
The Association of Banks in Singapore (ABS) said malware-related scams are often carried out through apps downloaded from third-party or dubious sites, and reminded consumers that they will be expected to bear losses arising from such scams.
The organisation echoed OCBC’s stance on privacy, saying the bank’s security features do not monitor customers’ phone activity, collect any personal data, nor identify the owner of the mobile device.
DEFENDING AGAINST MALWARE
OCBC said that since it rolled out the security enhancement on Saturday, the bank has not received any malware scam reports from customers who have updated their app with the new feature. It added this is in contrast to before Aug 5 when the bank received at least one malware scam report a day.
One elderly OCBC customer who supports the initiative said he likes the additional layer of protection.
“I have seen many people get scammed over the years, so I see this feature as a way to protect those of us who may not be so savvy or alert to spot non-legitimate and suspicious apps,” said Mr H.Y. Leong, 71, the director of a travel company.
Mr Chua said the bank is still seeking customer feedback on the security feature and is looking at ways to make it more convenient for users.
He added that the security feature is an opportunity for users to take a closer look at the OCBC-flagged apps and make an informed decision if they should continue allowing those apps on their devices.
“At the same time we want the customers to (think about) why OCBC has flagged these apps as high-risk. We (should) question why certain apps need permission and access to (certain functions on your phone). Malicious apps often pose as innocent services or e-commerce apps,” he said.