BANK apps which offer mobile payment services are growing more popular here, especially among the young and tech- savvy.

DBS' PayLah! has attracted more than 240,000 users since its launch in May last year, while Dash - a collaboration between Singtel and Standard Chartered Bank - has been downloaded more than 150,000 times since it was introduced in June last year.

Customers using these apps can pay individuals or businesses using their mobile phones, with transaction amounts capped at $500 for Maybank's Maybank Mobile Money and $999 for PayLah!.

Mr Gene Wong, DBS' executive director of regional e-business, said: "Mobile is really transforming how customers are engaging with the bank. PayLah! was launched to enable small, casual payments and is intuitive to use."

The apps fall into two categories - mobile wallets, or the digital equivalents of physical wallets, such as PayLah! and Dash; and mobile banking apps which feature mobile payment services, such as Maybank Mobile Money and OCBC Bank's Pay Anyone.

All the apps require users to have bank accounts in Singapore.

App users like the convenient, cashless payment option when they are on the go.

Mr Arwinder Singh, a 25- year-old brand manager, said: "These apps allow easier access to my bank funds for small amounts. I also like being able to record exact transaction amounts I've spent directly from my bank account."

Besides the payment service, banks have also introduced new features to the apps, such as digital hongbao and donating money to charities.

According to Mr Wong, customers used PayLah! to donate money for Nepal earthquake victims.

The convenience that the apps provide is complemented by security measures.

Ms Sandhya Devanathan, head of retail products at StanChart, said: "Using the Dash app could be more secure than carrying cash in your wallet."

Dash users need a username and a six-digit PIN to access payment transactions in the app, and specific functions require a one-time PIN generated from a security token card.

Pay Anyone uses 2FA or two- factor authentication, while Maybank Mobile Money requires the payment recipient to get a PIN from the sender before he can collect the funds.

Security experts agreed that these are reliable authentication methods, but warned that the apps can still be vulnerable to hackers.

Mr Aloysius Cheang, managing director of Apac, Cloud Security Alliance, said: "2FA or OTP (one-time password) is definitely much better than the usual way of authenticating the user because credit-card details such as the credit-card number, name of card owner, expiry date and three- digit code on the back of the card can be easily leaked or tracked.

"In fact, these details are sold by the truckload for a few dollars only."

Mr Ali Fazeli, a senior consultant with Singapore-based cyber security firm Infinity Forensics, said: "The real risk for mobile banking applications is the smartphone and mobile technology itself.

"Mobile operation systems such as Apple iOS and Android are changing and updating continually. These may cause hidden vulnerabilities in the operation system, which hackers can use to gain access to mobile applications."