74% in VN want OTP for every e-payment transaction: Kaspersky study

February 15, 2022 | 10:41 am GMT+7

More than three in five (67 per cent) users of digital banking and e-wallet apps in Southeast Asia prefer one-time-passwords by SMS for every transaction, a recent Kaspersky research has found.


The ‘Mapping a secure path for the future of digital payments in Asia-Pacific’ study found that a majority of respondents also want two-factor authentication (57 per cent) and biometric security features like facial and fingerprint recognition (56 per cent).

OTPs are the top priority for consumers in most Southeast Asian countries like Indonesia (67 per cent), Malaysia (66 per cent), the Philippines (75 per cent), Thailand (63 per cent), and Việt Nam (74 per cent) though in Singapore two-factor authentication is the most urgent concern (65 per cent).

Digital payment customers also welcome the use of machine learning for combating social engineering attacks. Almost half (40 per cent) said companies should start preventing frauds/scams automatically based on spending behaviour and/or transfer history.

Well over a quarter also said tokenization – the process of protecting sensitive data by replacing it with an algorithmically generated number called a token – could also improve the security of mobile banking and e-payment apps.

The study found that e-payment adopters in Southeast Asia are becoming increasingly aware of the importance of safeguarding their financial data amid the rapid rise in digital payment use.

And they are clear about the additional security features they hope to see implemented by banks and mobile wallet providers in future.

Yeo Siang Tiong, Kaspersky general manager for Southeast Asia, said: “SEA's sheer market size in terms of digital payment offers a lengthy runway for expansion. In a competitive sector, payment companies should be assessed not just on their innovations, but also on their security posture. We can draw from our findings that customers are increasingly becoming aware of the value of technology to protect their finances online.

“In general, these security features are useful preventive measures that can potentially enhance the cybersecurity standards in the digital payments space. However, these options should not be viewed in an isolated manner, but considered as part of a holistic cybersecurity framework.”

Yeo said to develop a long-term growth strategy, digital payment companies need to take into account some of the wants and needs of their users.

While some of the preventive measures are not entirely new and have been around for some time, it is crucial to consider how security features can be integrated in a manner without compromising the user experience, he said.

“Our study showed how customers are increasingly holding digital payment providers accountable for the security of their finances online, and so we tell companies to determine the cybersecurity gaps in each of the stages of their payment process, and fit in the right IT measures in a calibrated manner.”