Incorporating a consumer protection by design mindset

Why businesses should bake consumer protection into their services.

Incorporating a consumer protection by design mindset
Photo Credit: Unsplash/Rob Sarmiento

Businesses should do more to protect their customers and bake consumer security into their services.

The former deputy Chief Executive of CSA, Ng Hoo Ming suggested this when I spoke with him in March.

His suggestion is more relevant than ever, as Singapore agencies this week announced a shift to the protected sender ID of "" for SMS.

Protection by design

As Hoo Ming observed, current practices don’t offer adequate protection to customers amid today's complex digital landscape.


  • Money we put in a bank is protected.
  • Employee fraud, bank robberies don’t affect us.
  • Yet bank accounts can be emptied via online scams.

Sure, the onus is on us to stay updated and vigilant.

Yet businesses employ robust cybersecurity measures to protect their employees; Why can’t they provide stronger safeguards for the customers they claim to care about?

Erosion of trust

There is a pressing need for a deeper discussion about how businesses can do more to protect consumers, says Hoo Ming.

A potential problem of doing nothing would be an erosion of trust in institutions and businesses - with potentially disastrous consequences.

It takes great effort to tackle cybercrime and build trust. Some suggestions:

  • Countries must work together to tackle cybercrime.
  • Governments to provide a secure digital environment.
  • Have businesses add a "cyber" section to annual reports.

Consumer protection by design

Here's a quote that quipped my interest:

“Businesses must take care of not just their corporate infrastructure, but also adopt a more customer-centric approach to protect consumer transactions, instead of pushing the responsibility back to end-users.”

Today, it would be unthinkable to purchase a car without seat belts. Moreover, some car owners would even be prepared to pay more for a vehicle with additional airbags.

Perhaps a similar approach could be taken for cybersecurity. What do you think?

Read the full article on GovWare here.