| Q1. |
What is 2-Factor Authentication (2FA)? And how is this different from how I currently access Internet and Mobile Banking? |
| Q2. |
Why is OCBC Bank introducing 2FA? |
| Q3. |
What are the benefits of migrating to 2FA? |
|
Q4.. |
Does 2FA apply to Mobile Banking users as well? |
| Q5. |
What is a 2FA Token? |
| Q6. |
What is a One-time Password (OTP)? |
| Q7. |
Can I choose more than one 2FA Token type? |
| Q8. |
Can I change my 2FA Token type after I have already made a selection? |
| Q9. |
How do I change my mobile number which has been registered for my SMS token? |
| Q10. |
Will I be able to reactivate my 2FA token if I had entered an incorrect OTP
5 times in succession? |
| |
|
| Q1. |
What is 2-Factor Authentication (2FA)? And how is this different from how I currently access Internet and Mobile Banking? |
| A1. |
2FA is a security process used to confirm an authorised user's identity using 2 distinct factors — what you know and what you have. In the 2FA Internet and Mobile Banking login process, in addition to entering your usual Access Code and PIN, you will also be required to enter a One-Time Password (OTP), generated by your 2FA Token, which acts as a 2nd level of authentication.
OCBC offers 3 simple 2FA Tokens for you to obtain an OTP — just choose the one that best suits your preference:-
- Hardware Token — a key-chain sized device that generates your OTPs on demand,
- Mobile Phone Token — a downloadable mobile phone application that lets you use your mobile phone to generate your OTPs, or
- SMS Token — OTPs will be sent via SMS to your pre-registered mobile phone number
Read the next question for more information about each of these tokens or click here for a quick overview. |
| |
back to top |
| |
|
| Q2. |
Why is OCBC Bank introducing 2FA? |
| |
OCBC Bank is committed to protecting the security and confidentiality of your personal information.
The introduction of 2-Factor Authentication is part of our ongoing efforts to ensure that our customers have a better peace of mind when banking online by providing an additional level of protection against online identity theft and other online frauds. |
| |
back to top |
| |
|
| Q3. |
What are the benefits of migrating to 2FA? |
| |
Besides providing better peace of mind when banking online, 2FA also enables even more convenience for transactions that require an even higher level of security. For example, accessing the "Add funds transfer beneficiaries" Internet Banking feature will now only require the simple generation of an OTP via a 2FA token, instead of the usual process of obtaining a TAC password from OCBC's Phone Banking service.
Furthermore, the enhanced online security provided by 2FA will also mean that more comprehensive online banking services can be made available to you in the future. |
| |
back to top |
| |
|
| Q4. |
Does 2FA apply to Mobile Banking users as well? |
| |
Yes, 2FA also applies to Mobile Banking users. With 2FA implemented, Mobile Banking users will log into Mobile Banking the same way as they would via Internet Banking; and this involves the following steps:
Step 1 - Users submit their usual login name and password (Same login details as Internet Banking)
Step 2 - Users submit an OTP as a 2nd level of authentication
For Mobile Banking users, it is worth noting that the Mobile Phone Token option provided by OCBC offers the most seamless login process when accessing Mobile Banking via your phone, by automatically generating and entering the OTP for you. |
| |
back to top |
| |
|
| Q5. |
What is a 2FA Token? |
| |
2FA Tokens are a means for users to obtain OTPs, which are needed for a 2nd level of authentication as they log into Internet Banking.
OCBC understands that our customers would have different considerations in mind when it comes to the ideal 2FA solution that causes the least impact to their daily lives, which is why we are offering 3 different 2FA Tokens for our Internet and Mobile Banking customers:-
- Hardware Token — a key-chain-sized device that generates OTPs.
The Hardware Token can be easily carried around by the user and it works anywhere because it can be used as a standalone device to generate OTPs.
- Mobile Phone Token — a software application installed in the user's mobile phone to generate OTPs. This option is highly recommended because not only will users avoid the need of carrying additional hardware devices, it can be used as a standalone device to generate the OTPs, i.e. without needing any mobile network coverage. This may be good news for those who travel frequently as it avoids roaming charges. Further, in the unfortunate event that it is lost or stolen, it's absence will more likely to be immediately detected thereby enabling earlier reporting to the Bank of its loss.
For Mobile Banking users: this option is particularly well suited for Mobile Banking users because it provides the most seamless login experience when accessing OCBC Mobile Banking via the mobile phone.
- SMS Token
For users who select this 2FA Token type, OTPs are automatically sent to their pre-registered mobile phone numbers via SMS every time they try to log into Internet or Mobile Banking. Like Mobile Phone Token users, SMS Token users avoid the need of carrying additional hardware devices. However, the delivery of SMSes is dependent on the user's mobile network operator's service level. Uses of the SMS Token may be subjected to roaming charges when overseas. Users who subscribe to number portability or number retention services should check with their mobile operators to confirm that SMSes sent by OCBC will be forwarded from their previous numbers to their new mobile phone numbers.
|
| |
back to top |
| |
|
| Q6. |
What is a One-time Password (OTP)? |
| |
A One-time Password (OTP) is a string of numeric characters that is generated by your 2FA Token and is used as a 2nd level of authentication during the login process to Internet & Mobile Banking. 2FA is secure because every OTP is unique and can only be used in conjunction with a user's Internet Banking Access Code. In addition, every OTP is valid for a few minutes only and can only be used once*.
*: Users will have to obtain a new OTP if he exceeds the time limit to enter it into the system.. |
| |
back to top |
| |
|
| Q7. |
Can I choose more than one 2FA Token type? |
| |
For online security reasons, each OCBC Internet Banking user may choose only one 2FA Token type. |
| |
back to top |
| |
|
| Q8. |
Can I change my 2FA Token type after I have already made a selection? |
| |
You may change to another 2FA Token type at any
stage after you have made an initial selection.
To switch to SMS or Hardware Token:
Now you can switch to another type of 2FA Token
conveniently at any OCBC ATMs. Alternatively,
please complete this form
and mail back to OCBC Bank.
For switching via OCBC ATM, please select
More Services > Internet / Mobile Phone Banking >
Internet / Mobile Banking 2FA Services > 2FA Token
Switching > Select SMS or Hardware Token
and follow the on-screen instructions.
To switch to
Mobile Phone Token:
Switching to Mobile
Phone Token is now instant with no form
application required.
All you need to do is to download the Mobile Phone
Token from the OCBC Mobile Banking site onto your
mobile phone, then activate it to complete the
switching! In this process, you will be required
to enter your Access Code and PIN, followed by the
OTP from your existing SMS or Hardware Token for
verification purposes. Click
here for more information on how to activate
the Mobile Phone Token. |
| |
back to top |
| |
|
|
| Q9. |
How do I change my mobile number which has been
registered for my SMS token? |
|
| |
You may proceed to any of our ATMs to update your mobile number
or use this form.
|
| |
back to top |
| |
|
| Q10. |
Will I be able to reactivate my 2FA token if I had entered an incorrect OTP
5 times in succession? |
| |
Yes, in order to reactivate your 2FA token, please proceed to any of our ATMs.
|
