In a global of consumer banking practices, Malaysians ranked as most prodigious when it comes to using different passwords to access multiple accounts, with 36% using five or less passwords to access multiple accounts.
Editor's recommendation: 2FA banking is dead
The FICO’s Consumer Digital Banking Survey found a notable percentage of Malaysians are not taking the necessary precautions to protect their passwords and logins when banking online. The study found that only 46% are using separate passwords to access multiple accounts; 22% have between two to five passwords they reuse across accounts; and a staggering 14% use a single password across all accounts.
Additionally, 23% of respondents use an encrypted password manager — which many consider best practice — while 22% adopted risky approaches to recall passwords, such as writing them down in a notebook.
FICO’s study shows that consumers struggle to recall their current passwords. Nearly half of respondents 45% say they were unable to check an account balance. Forgotten usernames and passwords also affect new account openings, with 20% saying that it has stopped them doing so with an existing provider.
This is noteworthy as consumers are more willing than ever to bank online. The study found that 78% of Malaysians say they would open a financial account online, including personal loans (28%), credit cards (45%) and everyday transaction accounts (65%).
In the Philippines, digital banking appears to be gaining traction more readily with the same FICO study revealing that 26% of Filipinos prefer to open a bank account on their phone, and 76% of consumers saying they would open a financial account online.
Of those that would open a financial account online, 40% would consider doing so for an everyday transaction account, 38% for a credit card and 33% for a personal loan.
Bucking expectations, it was older (55+) consumers (46%) in the Philippines who were more likely to be leading the digital push with the youngest (28% among 18-24 years old) Filipinos being the laggards.
The good and bad of SMS authentication
According to FICO’s Sarah Rutherford, the most popular mobile phone-based technology to secure accounts in most countries surveyed, is sending one-time passcodes (OTPs) by SMS text.
“OTPs by text are a well-established form of authentication and ubiquitous for use in payments and banking – it’s not surprising that this familiarity has made many people comfortable with them,” she added.
The bad news is this popularity has made this option a target for criminals who can intercept texts with SIM swap frauds. Rutherford suggested that financial organizations need more than OTPs in their arsenal, particularly when it comes to high-risk transactions or activities where levels of suspicion require them to step up authentication.
Among Malaysians, the use of fingerprints was the most widely accepted approach (79%), facial scans came second (38%) and eye scans last (27%). A more popular alternative with Malaysians was an analysis of how they type their password (74%), a technique known as behavioural biometrics.
The survey also asked Malaysians about the current security used when logging into their mobile banking apps beyond traditional usernames and passwords.