Toppan Forms is partnering with Assurity Trusted Solutions to launch a two-factor authentication (2FA) solution which will help boost the security of electronic statements (e-statements) in Singapore.
The solution leverages on Assurity's Onekey 2FA device to enable recipients to access their e-statements securely from their email inboxes.
Currently, end users are usually required to log into their service provider's portal to view their e-statements. As this process is a hassle, users might forget to check their e-statements, which may lead to disputes between them and service providers.
E-statements that are sent to the end user's inbox today are usually accessible without a password or with a static password too. If the recipient's email account is compromised, the hacker can thus hack the e-statements' passwords (if any) and obtain the recipient's personal and financial information.
With the new solution, end users will receive the e-statements directly in their designated email inboxes before unlocking them securely using the one time password (OTP) generated by their OneKey device.
Chai Chin Loon, chief operating officer of Assurity, said that unlike static passwords, OTPs are not vulnerable to replay attacks. "Even if the cyber intruder manages to record an OTP that was already used to log into the recipient's e-statement, he/she would not be able to abuse it since it will no longer be valid."
The new solution can be used by existing service providers who have subscribed to the nationwide 2FA system and whose customers are currently using OneKey. Companies in both the public and private sectors that are looking for a secure 2FA-enabled solution in their e-statements are also able to utilise the new solution.
Sign up for CIO Asia eNewsletters.