First Direct upgrades banking security with VeriSign

First Direct quietly rolls out a more secure form of validation through its website, but only Internet Explorer users will be able to see the full benefits.

Internet banking customers from telephone and internet based bank First Direct now have an extra level of verification security.

From the beginning of this month, Internet Explorer 7 users logging in to internet banking on the First Direct website will have noticed a green address bar with the VeriSign label and a padlock icon.

This shows that First Direct has protected the website with Extended Validation Secure Sockets Layer (EV SSL) certificates, so that customers have visual confirmation they are using a legitimate banking site.

EV SSL is better secured than previous versions of SSL certification as it has to undergo stricter checks, with more information visible to the user. Internet Explorer 7 is the first browser to work with EV SSL.

"The primary purpose of SSL is to make things secure, and it still does that. EV SSL just takes it a step further. Not only does it make sure that actual link is not being intercepted but also it makes sure who you are talking to is who you think it is," said head of e-futures at First Direct Jonathan Etheridge.

"The key to this is to make sure the company is purchasing the certificate, in this case us, is identified by VeriSign. Although we are part of HSBC we have to go through very stringent checks, to make sure with the vendor we are who we say we are."

Most browsers don't differentiate between less secure sites and more vigorously tested ones, so fraudsters have started to use SSL to add credibility to their own web pages. With the better secured EV SSL confirmation, users will be able to see the organisation that owns the site as well as the security provider who issued the certification - in this case, VeriSign.

"The traditional padlock symbol enabled on our website by VeriSign's SSL Certificates have been a key part of the internet banking experience for our customers for many years," said Etheridge.

"Sophisticated phishing scams and stories of online fraud can create doubt and concerns for internet users. This enhanced protection will help maintain a relationship of trust with our customers, and is a further step in our fight against online fraud."

At the start of February half of First Direct's 885,000 customers were using Internet Explorer 7, so the other half with browsers like Mozilla Firefox and Opera will have to wait for future releases of their browsers to see full EV SSL validation features.

"We have to make sure that what we do works for the customer. We don't want to make things so difficult for the customer that they can't use the system, but you have to make life difficult for the person who wants to attack you," said Etheridge.

Featured Resources

Digital document processes in 2020: A spotlight on Western Europe

The shift from best practice to business necessity

Download now

Four security considerations for cloud migration

The good, the bad, and the ugly of cloud computing

Download now

VR leads the way in manufacturing

How VR is digitally transforming our world

Download now

Deeper than digital

Top-performing modern enterprises show why more perfect software is fundamental to success

Download now

Recommended

Microsoft spearheads industry-wide charter against AI cyber attacks
Security

Microsoft spearheads industry-wide charter against AI cyber attacks

23 Oct 2020
Weekly threat roundup: Chrome, Citrix and WordPress
Security

Weekly threat roundup: Chrome, Citrix and WordPress

23 Oct 2020
IT services giant Sopra Steria falls victim to Ryuk ransomware
Security

IT services giant Sopra Steria falls victim to Ryuk ransomware

23 Oct 2020
CMS platforms succumb to KashmirBlack botnet as businesses rush online
Security

CMS platforms succumb to KashmirBlack botnet as businesses rush online

22 Oct 2020

Most Popular

The top 12 password-cracking techniques used by hackers
Security

The top 12 password-cracking techniques used by hackers

5 Oct 2020
The enemy of security is complexity
Sponsored

The enemy of security is complexity

9 Oct 2020
What is a 502 bad gateway and how do you fix it?
web hosting

What is a 502 bad gateway and how do you fix it?

5 Oct 2020