Two follow-up stories on my post regarding the DBS/POSB ATM saga. Encasing my NETS card in lucite!

Photo by the writer of Some things to Remember.

Notifications

From Channel News Asia, posted yesterday evening:

SINGAPORE: DBS Group Holdings chief executive Piyush Gupta said the bank will provide SMS alerts for ATM withdrawals beyond a certain amount or when it detects unusual transaction activity.

The move comes after 400 customers fell victim to a card skimming fraud where S$500,000 was withdrawn from their bank accounts without their authorisation over two days on January 4 and 5.

On the surface this sounds like great news, and I applaud it.

What worries me are the dates reported. If you'll recall, in my last post the article I quoted said the skimming took place last November. An honest mistake, or have there been more incidents since? And if so, I'm sure other banks have been affected too… are DBS/POSB the only ones fessing up?

Give us better security!

Whatever the case, it seems consumers are starting to demand better security which makes nothing but sense:

SINGAPORE: Most Singaporeans Channel NewsAsia spoke to said they will continue to use ATMs despite the latest fraud which hit 400 POSB and DBS customers this week.

However, they said they expect the bank to beef up ATM security to prevent a similar incident in the future.

Of course, they have reservations about security that should sound familiar to those setting up any secure IT infrastructre:

“Change the PIN number? But I’m afraid I can’t remember the number,” said one customer.

“Everyone has so many numbers to remember, so many passwords to remember. I think it’s difficult,” said another.

Leaving aside the issue that unless PINs were changed every single time the precaution wouldn't have prevented the fraud, one can't help but think there has to be a better way.

In the meantime, our old buddy education will have to be employed. The onus should be on banks to inspect their ATMs more thoroughly and regularly for tampering, but consumers should also be made aware of how to spot fraudulent modifications, just as they would look out for suspect email. The fact Singaporeans have largely been spared the onslaught of skimmers in the past may be a fact that works against them.