MORE THAN 50 PERCENT OF SINGAPOREANS DO NOT PROTECT ONLINE ACCOUNTS ADEQUATELY, SURVEY RESULTS SHOWJoe and Black Hat comic characters to bring good cyber hygiene practices and 2FA to life at public libraries across Singapore
Thursday, 26 July 2012, Singapore.
Claims of email and social networking accounts being hacked into and personal data and photos being stolen for criminal use are becoming more frequent in Singapore and globally, but despite this, most Singaporeans are still not protecting their online accounts with cyber-safe practices such as using unique passwords and changing their passwords regularly, much less activating two-factor authentication (2FA), according to a survey of 346 Singaporeans by Assurity Trusted Solutions (Assurity) at Raffles Place from 2 to 4 April 2012. Assurity is the first operator to provide 2FA services as part of IDA’s nationwide initiatives for strong authentication.
The survey results show that social networking (82 percent of all respondents) followed by online banking (72 percent) and online shopping (71 percent) are Singaporeans' most popular online activities at home. The survey results also show that 60 percent of the respondents who file tax returns online never change their passwords; 7 percent do so quarterly as recommended. Furthermore, 59 percent of the respondents who use other government services never change their passwords. For users of online banking services, 10 percent of respondents change their passwords quarterly as recommended; 52 percent of respondents never change their passwords. For security traders who trade online, 54 percent of the respondents never change their passwords; only 9 percent change their passwords quarterly. 45 percent of all respondents do not have different passwords for all their online accounts.
Mr Chai Chin Loon, Chief Operating Officer of Assurity said, “Good cyber hygiene practices are generally lacking across the board. Starting with first-factor authentication (1FA), passwords should be changed quarterly. Always use complex passwords comprising at least one upper-case letter, one lower-case letter, a special character and a number. Finally, avoid using the same password for all your online accounts. Use a unique password for each account.”
The survey results also show that 74 percent of the respondents acknowledge 2FA as a key element of an ideal security protocol.
“Clearly, the failure to activate 2FA is not due to a lack of awareness. End users should also activate 2FA whenever possible to strengthen their online security,” said Chin Loon.Most concerned about financial loss
When asked what they were most concerned about when performing an online transaction, most of the respondents indicated someone hacking into their financial information (68 percent) followed by identity theft (45 percent) and their private information being made public (44 percent). “Given their primary fear of financial loss, the banks' current or imminent introduction of 2FA with transaction signing should go down well with consumers who do not mind the slight inconvenience in exchange for enhanced security,” said Chin Loon. The survey also showed a statistically significant correlation between currently “using 2FA for online banking” and “regarding 2FA as an ideal security protocol for online banking” - a correlation that was not seen in other categories.
Chin Loon said, “These insights are valuable as they suggest that consumers who conduct online banking are already more vigilant against cybercrime than other categories of consumers. We should thus focus our education on making 2FA a way of life for sensitive online transactions, including email, social networking, accessing online health records and financial information, etc.”Bringing 2FA to life at public libraries
To help bridge the gap between Singaporeans' 2FA awareness and actual practice, Assurity's comic characters Joe and Black Hat will make appearances at 2FA awareness talks to be held at various public libraries in Singapore from now until November 2012. Their next appearance will be at a free 2FA awareness talk at Ang Mo Kio public library this Saturday, 28 Jul 12 from 2 to 3pm. The public can also log on to www.onekey.sg and click on “Events” for more information and registration details.
Monday, 11 June 2012, Singapore. News of personal email accounts and social networking sites being hacked into have become very common in recent years. Conventional usernames and passwords, also known as first-factor authentication, are simply not secure enough to stem the rising trend of online identity theft. End users need to start activating two-factor authentication or 2FA, according to experts from Assurity Trusted Solutions (Assurity).
To equip Singaporeans with practical skills to protect their online accounts and transactions, Assurity will launch its inaugural 2FA awareness talk at Pasir Ris Public Library, National Library Board on Saturday, 14 July 12. A detailed schedule of subsequent talks held by Assurity's “white hats” or team of 2FA experts can be found in Appendix.
Mr Chai Chin Loon, Chief Operating Officer of Assurity said, “Although the concept of 2FA is not new, we have discovered from our ongoing exhibitions at various libraries in Singapore that the awareness of 2FA and good cyber hygiene practices among the public can be improved. The talk will help us reach out to the heartlanders and lay the foundation for greater awareness of and adoption of 2FA. 2FA will play an increasingly important role in our lives amid the rising global trend of online fraud and identity theft.”
The popular characters Joe and Black Hat will be present before each talk to distribute a quick quiz to test participants' 2FA awareness and to urge vigilance against cyber crime.
For more information about the talks, the public can log on to www.onekey.sg and click on “Events” or visit www.facebook.com/okonekey for regular updates.
Surf on http://golibrary.nlb.gov.sg/ or pick up the free monthly issue of Go Library at all 24 Public libraries for regular updates.
Wednesday, 2 May 2012, Singapore. Two-factor authentication or 2FA will soon become a fact of life for every Singaporean when banks, securities trading firms and other e-service providers adopt the OneKey 2FA device to protect their end users' online transactions. To help Singaporeans understand 2FA better, Assurity Trusted Solutions (Assurity) will launch an interactive exhibition at Central Public Library, National Library Board on 4 May 12. The exhibition features a cabinet with four informational plasma screens, one of which features a challenging cyber maze game. The exhibition will be held for two weeks, after which it will tour various libraries throughout Singapore. A detailed schedule can be found in Appendix.
Mr Chai Chin Loon, Chief Operating Officer of Assurity said, “Although the concept of 2FA is not new, we discovered from our recent roadshow at Raffles Place that the awareness of 2FA and good cyber hygiene practices among the public can be improved. The exhibition will help us reach out to the heartlanders and lay the foundation for greater awareness of and adoption of 2FA. 2FA will play an increasingly important role in our lives amid the rising global trend of online fraud and identity theft.”
An hour-long talk will also be held at each public venue to drive home the exhibition's messages. The popular characters Joe and Black Hat, who first appeared at the Raffles Place roadshow, will be present before each talk to urge the public to view the exhibition, fill out a quick quiz to test their 2FA awareness and also attend the talk.
Surf on http://golibrary.nlb.gov.sg/ or pick up the free monthly issue of Go Library at all 24 Public libraries for regular updates.
Singapore 2 April 2012 – Another Five new securities trading firms have come on board the national two-factor authentication (2FA) system, namely, AmFraser, CIMB Securities, DMG & Partners Securities Pte Ltd, Lim & Tan Securities and UOB Kay Hian. They will join the two current securities trading firms, Maybank Kim Eng Securities and Phillip Securities, in offering the OneKey 2FA device to protect their investors' online transactions. Each Service Provider will activate 2FA for its online services according to its own schedule.
Security for online transactions gets a boost in Singapore today with the launch of a new second factor authentication (2FA) device called “OneKey”. This device will be issued to all Singaporeans and Permanent Residents above 15 years of age. Speaking at a roadshow to raise awareness of cyber security among securities investors, Mr Chai Chin Loon, Chief Operating Officer of Assurity Trusted Solutions (Assurity) said, “With five more securities trading firms on board the national 2FA system, we estimate that a few hundred thousand users will soon enjoy the enhanced security and convenience of using just OneKey.”Rising trend of online fraud and identity theft
Mr Chai said, “Currently to trade online, most securities investors need only key in their username and password (also known as first-factor authentication or 1FA), which is required to be unique, complex and changed regularly. 2FA transactions based on OTP provide an important additional layer of protection to counter cyber attacks. This is significantly more secure.”
Ms Melinda Sam, Chief Executive Officer of the Securities Association of Singapore said the adoption of OneKey by 80 percent of Singapore's retail stockbroking firms is most timely as “more and more investors are IT savvy and trading online." She said, "Online securities trading is becoming more common. 10 years ago, less than 10 percent of investors traded online. Today, more than 50 percent do so. However, with convenience comes risk and OneKey helps to mitigate such risks. We encourage investors to adopt 2FA for the additional peace of mind in their trading."
In addition to safeguarding investors' online transactions, OneKey also gives them access to multiple online platforms for online banking and e-government services. Those who use diverse online services can look forward to the convenience of using just OneKey as other Service Providers come on board.
Mr Lim Hup Seng, Executive Chairman of Assurity, said, “OneKey is the world's first national 2FA device for users of public and private sector online services. This means users can protect their online transactions over a wide range of Service Providers using just OneKey. The convenience of carrying just one device instead of being saddled with multiple tokens will soon be a reality as more Service Providers come on board this year.”Cyber security roadshow
For more information, the public can visit the OneKey website at where they can also get the latest e-Security updates. Assurity has a 24-hour Hotline at: 65-6566 3539 (OKONEKEY) to address enquiries about OneKey.
Singapore, 16 January 2012 – Turn on your 2FA this festive season to reduce the risk of 'Lost in Spain/Algeria'-type scams” - this is the message Assurity Trusted Solutions (Assurity) wants to put across to Singaporeans ahead of the Chinese New Year holidays. “The Chinese New Year holidays are a popular period for Singaporeans to vacation overseas. If they do not activate 2FA for their email accounts and social networking sites, they may become vulnerable to attacks by hackers who may exploit their accounts to send out 'Lost in Spain/Algeria'-type emails to their unsuspecting friends and relatives,” said Mr Chai Chin Loon, Chief Operating Officer of Assurity, a wholly owned subsidiary of the Infocomm Development Authority of Singapore (IDA). Assurity is also the first operator of the national two-factor authentication system. Currently, Gmail and Facebook offer 2FA in Singapore. Mr Chai says it takes fewer than five minutes to activate 2FA.
You can quickly turn on your 2FA on gmail by referring to: http://support.google.com/accounts/bin/static.py?hl=en&topic=1056284&guide=1056283&page=guide.cs
And similarly you can turn on your 2FA for facebook by referring to :http://www.facebook.com/note.php?note_id=10150172618258920
Singapore, 12 December 2011 – Service providers such as banks and securities trading firms can now offer their end users the security and convenience of using just one two-factor authentication (2FA) device (OneKey). This was announced today by Assurity Trusted Solutions (Assurity), a wholly-owned subsidiary of Infocomm Development Authority of Singapore (IDA), at the public launch of OneKey.
Speaking at the event, Mr Chai Chin Loon, Chief Operating Officer of Assurity said, “Today marks a milestone for national e-security as the national two-factor authentication system goes live. With OneKey, end users would be able to make more secure online transactions and access multiple services using just one security device.”
Rising trend of online fraud and identity theft. Amid the rising trend of online fraud and identity theft, banks and securities trading firms have been required to put in place a 2FA platform for customers to make electronic transactions. The 2FA platform is an important second line of defence against unauthorised transactions.
A basic 2FA platform requires a user to receive a one-time password (OTP), either via a physical device, or through a text message to his personal electronic devices (such as handphone), to complete the transaction. These devices are vulnerable to malware that can steal personal information and sniff out unencrypted text messages. A recent spate of man-in-the-middle attacks, SpyEye being a high-profile example, have exposed the vulnerabilities of basic 2FA using OTP only. The introduction of OneKey will help safeguard end users' online transactions with its triple functions of OTP, Challenge Response and Transaction Signing.
Mr Chai said, “Typical 2FA transactions based on just OTP, either through hardware device or SMS, can still be exploited by man-in-the-middle attacks. Transaction Signing will require users to key in their transaction details, which provide an additional layer of security to detect any changes to the details. One can think of Transaction Signing in OneKey as the equivalent of signing an online cheque.”
OneKey is developed by ST Electronics. The device is manufactured by VASCO Data Security International Inc, a US-based leader in strong authentication and e-signature solutions.
Mr Lim Hup Seng, Executive Chairman of Assurity said, “We are in the era of the Internet and e-transactions will be a way of life. We envisage that in time to come, the majority of the people will transact online. The national two-factor authentication system is now live. Service Providers can now protect their end users' online transactions. OneKey offers security with convenience.”
The pioneer Service Providers to rise to the challenge are Phillip Securities Pte Ltd, Kim Eng Securities Pte Ltd and ST Electronics. Phillip Securities and Kim Eng Securities have started integration testing and will pilot OneKey among their end users soon. Employees of ST Electronics and Engineering have started using OneKey.
Accessing multiple online platforms with just OneKey
OneKey also gives users access to multiple online platforms. They may do online banking and online securities trading with just a single device. Users can look forward to the convenience of using just OneKey as more Service Providers come on board.
Ms Rachel Lee, Managing Director of SC Auto Industries says, “I am really excited about this new national initiative to consolidate all 2FA tokens into a single device. I now hold nine tokens for both my personal and corporate banking. It is such a nightmare especially when I am overseas and have to make payment approvals and fund transfers! Now I can have the option of carrying just OneKey.”
E-security awareness programme
From January 2012, Assurity will roll out a year-long public education programme to guide consumers on how to use OneKey. There will be talks and exhibitions to engage the public. These public exhibitions will take the fun-and-games approach. The first public education outreach was held today at lunchtime at Mapletree Business City.
For more information, visit the OneKey website: www.onekey.sg or call the 24-hour Hotline at: 65-65663539 (OKONEKEY).
The National Authentication Framework was recognised by KPMG's prestigious Infrastructure 100 in a report released at the recent World Cities Summit.- July 2012
Increased global connectivity means that data security is quickly becoming a critical issue. The National Authentication Framework in Singapore is a key program under the iN2015 Masterplan to deploy a trusted and cost-effective nationwide platform for strong authentication by public-facing online services that handle sensitive information and/ or facilitate transactions. The new system will boost the security of the country’s communication infrastructure by providing a more rigorous process of identification; thus safeguarding against unauthorized access to sensitive information such as bank account details, securities trading account details or electronic health records.
Source: Infrastructure 100 Report
Raise Cyber Security Awareness Among Your Staff - How's How! - 25 January 2012
As part of our public education outreach, Assurity will organise a series of lunchtime talks at public-and private-sector companies. The hour-long talks will cover topics related to cyber security, including the role of two-factor authentication (2FA) in protecting our online financial transactions. The talks are aimed at empowering executives with the knowledge and skills to protect their online financial transactions amid the rising trend of cyber crimes in Singapore. We also aim to familiarise executives with OneKey, Singapore's first 2FA security device for users of private-and public-sector online services.
We would like to invite public-and private-sector organisations to be our partners cyber crime prevention by hosting the talk on your premises for the benefit of your employees. Please feel free to email email@example.com to schedule a date or for more information.
We would like to invite public-and private-sector organisations to be our partners in cyber crime prevention.
12 December 2011 @ MapleTree Business City
OneKey, the world's first national two-factor authentication device for users of private and public sector online services, was launched on 12 December 2011 at Mapletree Business City. Service Providers from the financial industry (banks and securities trading firms) and government agencies were present to witness a sweltering performance by Zingo Drums as a prelude to the launch. The lunchtime crowd was also entertained by the rousing music of popular acoustic duo Jack & Rai who creatively interspersed their music with the OneKey keywords of enhanced eSecurity and convenience. Mr Lim Hup Seng, Executive Chairman of Assurity Trusted Solutions, was on hand to present tokens of appreciation to the pioneer Service Providers Phillip Securities Pte Ltd and Kim Eng Securities Pte Ltd, and also to the Guest-of-Honour Mr Ronnie Tay, Chief Executive of IDA. With the launch of OneKey, eligible Singaporeans, Permanent Residents and FIN Pass holders can look forward to the convenience of accessing multiple online platforms with just one 2FA security device.
KPMG: Infrastructure 100 World Cities Edition National Authentication Framework
Channelnewsasia.com, 16 Jan 2012 Consumers urged to boost online security
The Straits Times, 12 Dec 2011 New OneKey device to cut clutter of password tokens
Channelnewsasia.com, 12 Dec 2011 OneKey for more secure online transactions
ZDNet, 12 Dec 2011 S'pore welcomes NAF, 2FA token
The Straits Times, 8 Oct 2011 Clutter of password tokens here to stay?