The bank clarifies that only apps with risky permission settings downloaded from unofficial platforms are flagged by its latest security measure.
SINGAPORE: OCBC Bank has addressed user concerns over its new security feature, which blocks access to its Internet banking and OCBC Digital app if certain risky apps are detected on a user’s mobile phone. The bank clarified on Tuesday (Aug 8) that only Android apps with dangerous permission settings—downloaded from unofficial sources—will trigger the alert.
“This feature targets apps not from official app stores that have risky permissions, potentially exposing devices to malware and scammers,” said Mr. Beaver Chua, head of anti-fraud at OCBC group financial crime compliance.
Concerns Raised by Users
Some users expressed frustration after being locked out of their banking services. Screenshots shared online showed a prompt identifying flagged apps, such as Douyin, Alipay, and LG’s smart appliance control app, with instructions to uninstall them before accessing OCBC services.
The bank has recommended reinstalling flagged apps from official platforms like the Google Play Store or Huawei AppGallery.
Addressing Privacy Worries
In response to privacy concerns, Mr. Chua emphasized, “The bank cannot scan your phone or see your content. All information remains localized on your device.” The Association of Banks in Singapore (ABS) echoed this, stating that the bank’s security features do not monitor phone activity or collect personal data.
Effectiveness Against Malware
Since the rollout on Saturday, OCBC has reported zero cases of malware-related scams among users who updated their app—a significant drop from receiving at least one scam report daily prior to Aug 5.
While some users criticized the inconvenience, others, such as 71-year-old HY Leong, welcomed the added layer of security, viewing it as crucial protection against scams targeting less tech-savvy individuals.
Moving Forward
OCBC is gathering user feedback to refine the feature. Mr. Chua urged customers to scrutinize flagged apps, questioning why certain permissions are requested. “Malicious apps often disguise themselves as innocent services,” he noted, emphasizing the importance of informed decisions regarding app usage.
