Fraud levels are significantly lower than in other Asian countries which, in part, can be attributed to the fact that Singapore is a mature market and has adopted strong fraud protection measures. However, there is no room for complacency, with increased intra-Asia travel driving up fraud and some evidence of a growing awareness among the authorities of the risks of online payment fraud.
In 2012, the Monetary Authority of Singapore addressed security issues as part of its Consultation Paper on The Technology Risk Management Guidelines. These included security measures for online systems, including two-factor authentication for online and mobile payments.
Although EMV migration began in 2010 in Singapore, migration to chip cards has been rather slow, with 60% of DBS chip-enabled cards after three years. An acceleration of the EMV programme was prompted by a series of card skimming attacks and fraudulent withdrawals from DBS ATMs in 2012.
Moves are now in place to accelerate the adoption of chip cards by encouraging customers to upgrade their ATM cards to chip-based credit and debit cards that will retain all ATM card functions. The Association of Banks in Singapore wants to completely phase out magnetic stripe cards (for domestic use) by the end of 2014.
Other fraud prevention measures introduced in Singapore include secure activation procedures for new and replacement cards, SMS or e-mail notification when transactions are made or an agreed limit is exceeded and approval for implementation of a dynamic password (one-time-password), authenticating customers prior to online transactions with participating merchants. In June 2014, MAS also issued consumer guidelines to protect against ‘phishing’ attacks.
75% of the population in Singapore is Internet-enabled and opportunities for ecommerce (and online fraud) are increasing. Ecommerce take-up to date has been relatively slow, but several ecommerce merchants are regarding Singapore as a base to test strategies prior to expanding into other South-East Asian markets. As well as Qoo10 and Zalora, Rakuten (a Japanese ecommerce giant) has now established headquarters in Singapore. For all of these merchants, it will be important to understand the fraud profiles of their target markets, the fraud prevention tools and third party providers available to them and to tailor fraud strategies appropriately.