By using this site, you agree to the Privacy Policy and Terms of Use.
Accept
TechgoonduTechgoondu
  • Audio-visual
  • Enterprise
    • Software
    • Cybersecurity
  • Gaming
  • Imaging
  • Internet
  • Media
  • Mobile
    • Cellphones
    • Tablets
  • PC
  • Telecom
Search
© 2023 Goondu Media Pte Ltd. All Rights Reserved.
Reading: Commentary: multiple two-factor tokens are a drag to users
Share
Aa
TechgoonduTechgoondu
Aa
  • Audio-visual
  • Enterprise
  • Gaming
  • Imaging
  • Internet
  • Media
  • Mobile
  • PC
  • Telecom
Search
  • Audio-visual
  • Enterprise
    • Software
    • Cybersecurity
  • Gaming
  • Imaging
  • Internet
  • Media
  • Mobile
    • Cellphones
    • Tablets
  • PC
  • Telecom
Follow US
© 2023 Goondu Media Pte Ltd. All Rights Reserved.
Techgoondu > Blog > Enterprise > Commentary: multiple two-factor tokens are a drag to users
EnterpriseInternetSoftware

Commentary: multiple two-factor tokens are a drag to users

Alfred Siew
Last updated: July 28, 2014 at 8:17 AM
Alfred Siew Published December 21, 2013
6 Min Read
SHARE

multiple 2FA tokens in Singapore

If the number of gadgets above seems excessive, then you should see the rest I have stowed in my drawer.

All in, I have seven or eight active tokens – I’ve lost count – used to log on to online banking accounts. Some, I think, are expired, while others I don’t even remember are for which accounts.

I may be a minority among online banking users here in Singapore, but certainly the number of tokens that slowly add up these days can be bewildering for users who have more than a single bank account.

I have one for my personal account, another two for a current account for my sole proprietorship and another two for another company account. That’s not counting a couple of others for a joint account with my wife.

Having lots of bank accounts doesn’t mean you got lots of money in them, unfortunately. But it does get you saddled with lots of tokens these days, and it’s a hassle remembering which one is for what.

OCBC’s corporate accounts, for example, require one person to process online payments and another to approve it. While this safeguard is understandable, it applies even if you are the sole proprietor – you have to log in twice, separately, to transfer money to someone online. And that means logging in with the right tokens.

A few months ago, I had keyed in the password on the wrong token several times and ended up being locked out from the online accounts. I ended up writing a cheque, as I’ve always done.

Sadly, the situation isn’t going to improve, even though more people are being issued even more tokens these days.

About 23 per cent of Singapore users have two such authentication devices, also known as two-factor authentication (2FA) devices, according to a survey released earlier this year.

Some 14 per cent had four devices, while less than one percent – one respondent out of 500 surveyed – had eight devices. The study, carried out from March to August this year by Assurity, also revealed that the main concern for those who had more than one device was carrying too many devices.

The company, a government-owned outfit set up two years ago , has an agenda, of course. It provides OneKey, a token that promises to unify all the tokens out there, by linking log-ins for banks, brokerages and even schools through one central point.

The promise, however, is a long way from being fulfilled, despite the initial lofty aims. So far, government services are yet to be connected via OneKey. Many simple transactions such as checking your CPF balance still require only a simple online password.

The bigger issue is the private sector, in particular, banks. The big local banks – DBS, OCBC and UOB – have all invested early in 2FA technology. They were pushed to do so by the monetary authorities after the high-profile hacking of several user accounts years ago.

As a result, they could be unwilling to join any national programme, such as OneKey, by ripping out what already works. They each issue their own tokens today.

Another reason could be branding. Anyone who has tried partnering a bank will tell you they always think a customer “belongs” to them. They won’t surrender any relationship with a customer by letting in a third party.

Together, that has meant that the universal token, as pushed by the Singapore government, has taken very slow steps in the past two years to make things more convenient for users.

Since December 2011, only 14 service providers have joined the OneKey programme. Banks number only two – RHB and ICICI – though the list also includes a number of securities trading firms, such as CIMB Securities and MayBank Kim Eng.

More encouragingly, the nationwide system has got traction in areas such as Ngee Ann Polytechnic. Here, users gain access to school resources by logging in with an OneKey token.

Well, at least the young are using an universal token. The hope is that they will demand for change from the current system, where you can be saddled by so many tokens you end up just giving up on things.

That will be the ultimate backlash against a technology that is meant to empower users and protect them from online fraud.

In the years ahead, these tokens will become more sophisticated too. This year, for example, new tokens sent to you have enabled you to “sign” or approve a sensitive transaction, such as a money transfer. In the past, you were just flashed a simple password to log in.

When the next technology upgrade is considered, you’d hope that banks here will think of moving to a universal token, instead of going it alone again. At least offer an option to users who prefer to log in via the nationwide system.

Not only does that save costs for banks, it could mean the difference between a customer actually using a token and throwing it in a corner to look for the cheque book instead.

You Might Also Like

As TikTok faces a possible ban in the US, should users elsewhere be worried?

Foodpanda to use Gogoro electric scooters in battery swapping trial with Cycle & Carriage

RedCap: A new cellular IoT technology for the 5G era

Debate on computational photography misses what’s real, what’s lived outside a frame

How mirrorless cameras can attract users in era of computational photography

TAGGED: 2FA, Assurity, banking tokens, DBS, OCBC, OneKey, think, UOB

Sign up for the TG newsletter

Never miss anything again. Get the latest news and analysis in your inbox.

By signing up, you agree to our Terms of Use and acknowledge the data practices in our Privacy Policy. You may unsubscribe at any time.
Alfred Siew December 21, 2013
Share this Article
Facebook Twitter Whatsapp Whatsapp LinkedIn Copy Link Print
Share
Avatar photo
By Alfred Siew
Follow:
Alfred is a writer, speaker and media instructor who has covered the telecom, media and technology scene for more than 20 years. Previously the technology correspondent for The Straits Times, he now edits the Techgoondu.com blog and runs his own technology and media consultancy.
Previous Article Holiday Gift Guide: cool stuff for a gamer
Next Article Fujitsu releases a tough tablet, an expensive Lifebook laptop
1 Comment
  • ToopherSeth says:
    December 22, 2013 at 1:45 am

    We already have a universal token–it’s the mobile phone. Mobile phone usage is pervasive among people between 15 and 55, and could easily be extended. Modern two-factor apps like Toopher are available on mobile phones, and they can generate the same one time passwords as the universal token. Would society benefit more from everyone having a single-purpose device or a phone? The answer is clear: the phone. (If you don’t believe me, watch this TED talk: http://www.ted.com/talks/iqbal_quadir_says_mobiles_fight_poverty.html.) Singapore should move to a universal smartphone app like Toopher, then distribute mobile phones to the few users who cannot bring their own device. This would lead to increased security and the global good of connected people.

    Reply

Leave a Reply Cancel reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Stay Connected

Facebook Like
Twitter Follow

Latest News

Oppo Find N2 Flip review: A worthy flip phone alternative to Samsung
Cellphones Mobile March 26, 2023
As TikTok faces a possible ban in the US, should users elsewhere be worried?
Cybersecurity Internet March 24, 2023
Foodpanda to use Gogoro electric scooters in battery swapping trial with Cycle & Carriage
Enterprise Internet March 23, 2023
RedCap: A new cellular IoT technology for the 5G era
Enterprise Software Telecom March 23, 2023
//

Techgoondu.com is published by Goondu Media Pte Ltd, a company registered and based in Singapore.

.

Started in June 2008 by technology journalists and ex-journalists in Singapore who share a common love for all things geeky and digital, the site now includes segments on personal computing, enterprise IT and Internet culture.

banner banner
Everyday DIY
PC needs fixing? Get your hands on with the latest tech tips
READ ON
banner banner
Leaders Q&A
What tomorrow looks like to those at the leading edge today
FIND OUT
banner banner
Advertise with us
Discover unique access and impact with TG custom content
SHOW ME

 

 

POWERED BY READYSPACE
The Techgoondu website is powered by and managed by Readyspace Web Hosting.

TechgoonduTechgoondu
Follow US

© 2023 Goondu Media Pte Ltd. All Rights Reserved | Privacy | Terms of Use | Advertise | About Us | Contact

Join Us!

Never miss anything again. Get the latest news and analysis in your inbox.

Zero spam, Unsubscribe at any time.
 

Loading Comments...
 

    Welcome Back!

    Sign in to your account

    Lost your password?