Bank customers embrace two-factor authentication

gallery

Over 90 per cent of bank account holders want to use two-factor authentication for online banking, according to new survey findings.

The study carried out by IT security company RSA Security, found that 91 per cent of bank customers are willing to start using a new authentication method, beyond the standard 'username-and-password', if their banks decided to offer stronger security.

The results from the company's fourth annual Financial Institution Consumer Online Fraud Survey found that 69 per cent of respondents believed that financial institutions should replace username-and-password log-in with stronger authentication for online banking.

The survey of 1,678 adults from eight countries found that 58 per cent of banking customers wanted their bank to deploy stronger authentication for telephone banking.

Phishing emails continue to erode confidence in receiving emails from banks. 82 per cent of account holders are less likely to respond to an email from their bank because of such scams - up from 79 per cent in 2005 and 70 per cent in 2004 - and more than half said that they would be less likely to sign-up for or use online banking as a result.

Another 44 per cent of people said that they have become increasingly concerned about other security issues such as trojans and keyloggers over the last six months.

Chris Young, vice president and general manager of Consumer Solutions at RSA Security said that the banking industry and the market in general are moving in the right direction.

"More than 90 per cent of consumers are now willing to use stronger security when it's deployed, and this is something that banks should take into consideration when looking to accelerate their business," he said.

Donal Casey, a security consultant with Morse said that with so much competition, banks can no longer rely solely on education to convince customers to give online banking another go. He said that the industry should follow Alliance and Leicester and Lloyds TSB banks and offer customers two-factor authentication.

"This will help to prove customer identity and reassure customers that they are logging into the bank's genuine online banking website - addressing two of the biggest security concerns of both banks and customers alike," said Casey. "Only by taking such steps, can banks hope to eradicate misconceptions and beat cyber crime."

Other experts said that mounting pressure from consumers is forcing banks to seriously counter threats from criminals on the internet, but giving customers key fobs with one-time passcodes isn't the only solution.

"Banks must act now to lead the fight against fraud. Mobile phone authentication is only one of a number of available options, it is an attractive solution to combating fraud," said Paul Meadowcroft, head of transactions security at Thales e-Security.

"SIM cards are the largest application of smart card technology in the world so there is value in harnessing their growing processing power to perform other tasks such as identity authentication," he said.

Others think that costs will be a major factor in the deployment of tokens for bank customers.

Email to a friend

Print this page