OCBC has rolled out a digital "soft" token on its mobile banking app, in a move that is expected to save the bank some S$25 million in five years, by eliminating the issuance of hardware security tokens, and reducing SMS OTPs (one-time passwords).
Since its January launch in Singapore, more than one in four digital customers have activated OCBC OneToken on their mobile devices, OCBC said. In addition, more than two million transactions have been performed and authenticated with OCBC OneToken.
The digital token is integrated for use with biometric authentication or access code and PIN, offering customers access to digital banking services on-the-go and on their desktop, the bank said.
"After a simple one-time setup, OCBC OneToken is instantly activated on the customer's mobile phone. Customers can then perform all digital banking services - from basic services such as viewing bank accounts, to making payments and transfers, and even high-risk transactions such as adding payees and updating personal details," OCBC said.
"Even if a customer is travelling or has no data network connectivity, OTPs can be generated offline on their OCBC OneToken-registered mobile phone. Customers can also instantly reactivate OCBC OneToken on another phone if they switch or upgrade devices, which happens once every two years on average in Singapore," the bank added.
Aditya Gupta, OCBC's head of e-business in Singapore and Malaysia, noted that the move towards digital security tokens will allow customers to do away with their hardware tokens, and bank more "seamlessly and securely".
"Everyone has their mobile device with them almost all the time, so having OCBC OneToken on their mobile makes digital banking totally frictionless - no SMS OTPs, no hardware tokens, no passwords needed for authentication. We are excited about the positive initial customer response, and are confident that a majority of our digital consumers will embrace this," Mr Gupta added.
OCBC Malaysia customers will be able to use the service from March onwards.