Making your digibank online login more resistant to phishing scams

DBS/POSB continues to strengthen our multi-layered defence against scams and fraud, so you can bank safely with peace of mind. As part of an industry-wide effort to step up protection against phishing scams, we will be strengthening the authentication process for digibank online logins.

Starting 29 July 2024, digital token users will need to authenticate their digibank online account login using their digital token. They can no longer use One-Time Passwords (OTPs) sent by text messages (SMS) or generated via the Digital Token.

Why We Are Doing This

While OTP was introduced as a multi-factor authentication option, scammers are increasingly using fake websites or social engineering to phish for customers’ OTP. In many cases, scammers use fake websites or text messages to deceive victims into providing their OTPs, which then enable them to access the victims’ accounts.

This new measure strengthens the authentication process, making it harder for scammers to fraudulently access a customer's account(s) and funds without physical access to their mobile device, adding a layer of protection against phishing scams.

To strengthen protection against phishing scams, banks in Singapore, in consultation with MAS, will progressively remove SMS One-Time Password (OTP) and Digital Token OTP as options for Digital Token users to perform multi-factor authentication (MFA) when logging in to their banking account(s).

How does this impact you

If you’re a digital token user logging into digibank online

When logging in, a push notification will be sent to your phone. Tap on it. Or you can open digibank mobile and tap on the ‘Digital Token’ icon
Select Approve to confirm that you’re logging in.

If you're currently using the Digital Token or physical token to log in to your digibank mobile app, this change will not impact you.

For a smoother experience, we recommend that you allow digibank mobile to send you push notifications.

digibank online
Authentication via digibank mobile

Already a digibank user?

Forgot User ID or PIN

Not yet a digibank user?

For customers with ATM/Debit/Credit Card

Get the latest DBS digibank mobile app now!

Frequently Asked Questions

How is DBS/POSB protecting me?

To enhance your security, digital token users can only use their digital token to authenticate their login to digibank online instead of SMS and Digital Token-generated One-Time Passwords (OTPs).

Does this affect my login to digibank mobile?

Login to your digibank mobile will not be affected. If you are a digital token user, digibank mobile login will continue with the digital token registered on your device.

Why am I not receiving push notifications?

To receive push notifications, ensure that your mobile device is connected to the Internet and you have turned on push notifications for your digibank mobile. Learn more on how to enable Push notifications for your Digital Token.

Alternatively, if you did not see the push notification, you may trigger the login authentication by tapping on the digital token icon in your digibank mobile.

Will DBS/POSB be phasing out use of SMS OTPs and OTPs generated by mobile banking apps for authentication of other types banking transactions?

This change will only impact digital token users logging into digibank online. Should there be any updates regarding other banking transactions in the future, we will keep you informed.

We encourage all customers to always remain vigilant. Never disclose your banking credentials or sensitive information such as your user ID, PIN or OTPs to anyone under any circumstances.

Was this information useful?