Friday, September 25, 2015

What's Wrong #2 - DBS Bank


I have to make an online payment of $13 for the replacement of my Senior Citizen card issued by Transit Link.

The Transit Link website required me to enter my credit card detail. I received a SMS to provide an one time pin (OTP) to authenticate the payment.  The authentication failed, due to some problem with the platform.

I had to re-enter all the details again. It failed again. I tried the third time, and it went through.

During this time, my mobile phone was flat. I had to recharge it and retrieve the OTP within the 3 minutes allowed to me. It added to the trouble that I had to go through.

What's Wrong
The amount is only $13. There is no need to go through the trouble of authenticating this payment by SMS.

It is wasteful and unproductive to go through the authentication for small payments.

How to put it right
DBS Bank should allow the customer to set a threshold to require credit card payments to be authenticated.

Below this threshold, the customer does not need to authenticate the payment by the OTP. The customer will take the risk of fraudulent payment.




6 comments:

Anonymous said...

I prefer 'wasting' an extra 10 seconds for the OTP procedure than be subjected to security risks

Tan Kin Lian said...

I find Singapore to be inefficient and wasteful. It is not just a few seconds. It took me 15 minutes to go through the painful process.

Anonymous said...

Computers are stupid...no soft touch..There is no way to change the algorithym unless intervention by a human. Mr. Tan, don't get worked up. It means you are no better then the computer.

Tan Kin Lian said...

Those who prefer to authenticate all payments, regardless of amount, can set the threshold as $0. Those who prefer to authenticate payments of a higher amount can set a higher threshold. This will reduce the number of transactions that have to be authenticated and reduce processing cost.

Tan Kin Lian said...

@6:39 PM.
You can express your view, but you should avoid being personal. There is no need to be personal.

Anonymous said...

I have fed back repeatedly to the banks about these problems of locking out the real owners in the name of security. The real problem is that the CEOs left the IT security to young, fast & furious IT staff who has no ideas about the problems a fast aging populace faces. Ironically, it is this silver generation that will make the most valuable clientele to any bank as they are the ones with most investible savings & least likely to default payments. In short, this group of silver clients should be the banks most desired customers & they are letting their fast & furious IT brigade chase them away with their two factor authentication, password within passwords with alphanumeric with capital letters & all those complicated requirements that are a real challenge to our diminishing eyesight, foggy memories, less dexterous fingers , sigh, they are driving their most valuable customers to an early grave, or if we choose to save our lives, then we can drive the banks instead to their well deserved losses every quarter & leave them with young, fast & furious but penniless & likely to overspend & declare bankrupt type of customers who don't mind spending 10 seconds to zip through their easy authentications.

Blog Archive