• If Laksaboy Forums appears down for you, you can google for "Laksaboy" as it will always be updated with the current URL.

    Due to MDA website filtering, please update your bookmark to https://laksaboyforum.xyz

    1. For any advertising enqueries or technical difficulties (e.g. registration or account issues), please send us a Private Message or contact us via our Contact Form and we will reply to you promptly.

KrisFlyer to introduce two-factor authentication, after some users reported compromis

L

LaksaNews

Myth
Member
singapore-airlines-last-offered-cabin-crew-unpaid-leave-in-2009-after-the-global-financial-crisis-1501825471035-2--1-.jpg

SINGAPORE: KrisFlyer, Singapore Airlines (SIA)'s frequent flyer programme, will have tighter account security with the introduction of two-factor authentication (2FA) from Jun 29.
The national carrier sent an email to KrisFlyer members on Friday (May 18), asking them to ensure the mobile numbers and email addresses listed on their KrisFlyer profiles were up-to-date and actively used in preparation for this.
AdvertisementOnce 2FA is implemented, members will be asked to enter a one-time password (OTP) for certain KrisFlyer transactions such as accessing their profiles or making changes to their redemption group nominees.
By default, the OTP will be sent to the user's registered mobile number, with the registered email address used as an alternative if the mobile number is not be available, SIA said in the email.

The move comes about a month after the airline acknowledged that some KrisFlyer member accounts may have been compromised.
One KrisFlyer member, 34-year-old general manager Sherie Low, reported having 76,000 miles stolen from her account.
AdvertisementAdvertisementWhile there were alerts about the redemptions sent to an email address linked to her KrisFlyer account, Ms Low told Channel NewsAsia last month that the email account was inactive and she did not check it.
She said she thought that KrisFlyer should update its system security. Currently, members can log into their accounts using their membership account number and a six-digit PIN.

"At the very least it should be protected with a one-time password," she had said. "They cannot have such a flimsy system that allows hackers to get into accounts so easily and also add nominees so easily."
Another Facebook user by the name of Abhishek Singh also posted on SIA's Facebook page in February about an alleged theft of KrisFlyer miles.
Security experts Channel NewsAsia spoke to last month said numeric-only passwords, such as those currently used by KrisFlyer and some other frequent flyer programmes, are “extremely weak” and could potentially be cracked in minutes.
Multi-factor authentication, where users need to authenticate their credentials more than once in order to access their accounts, was one way airlines could improve the security of their frequent flier programmes, some of these experts had suggested.

Let's block ads! (Why?)


More...
 
You must log in or register to reply here.
Back
Top