DBS Introduces New 'Mobile Wallets' Security Toggle to Protect Customers from Phishing

DBS Bank has introduced a new security feature in its digibank app that requires customers to manually enable a toggle before adding cards to mobile wallets, creating an additional barrier against phishing-related fraud.

The Mobile Wallets security toggle addresses a specific fraud vector: criminals who obtain card details through phishing attacks and then add stolen credentials to digital wallets like Apple Pay or Google Pay to make contactless payments. By requiring customers to actively enable wallet provisioning before it can occur, DBS prevents fraudsters from silently adding phished card details to their own devices.

The feature is disabled by default, meaning customers must open their digibank app and turn on the toggle before they can add any DBS card to a mobile wallet. Once the provisioning is complete, the toggle can be disabled again, closing the window for unauthorised wallet additions.

DBS said the security enhancement was developed in response to the evolving tactics of payment fraud criminals, who have increasingly targeted mobile wallet provisioning as a way to monetise stolen card data. Traditional fraud prevention measures focus on transaction-level detection, but the wallet provisioning step occurs before any fraudulent transaction takes place.

The bank's approach of adding a simple, customer-controlled security step reflects a broader industry trend toward giving consumers more direct control over their payment security settings. The toggle adds minimal friction for legitimate customers while significantly reducing the risk of unauthorised wallet provisioning.

DBS serves millions of customers across Singapore and Asia and has been proactive in deploying anti-fraud measures across its digital banking platform.