First Direct upgrades banking security with VeriSign

First Direct quietly rolls out a more secure form of validation through its website, but only Internet Explorer users will be able to see the full benefits.

Internet banking customers from telephone and internet based bank First Direct now have an extra level of verification security.

From the beginning of this month, Internet Explorer 7 users logging in to internet banking on the First Direct website will have noticed a green address bar with the VeriSign label and a padlock icon.

This shows that First Direct has protected the website with Extended Validation Secure Sockets Layer (EV SSL) certificates, so that customers have visual confirmation they are using a legitimate banking site.

EV SSL is better secured than previous versions of SSL certification as it has to undergo stricter checks, with more information visible to the user. Internet Explorer 7 is the first browser to work with EV SSL.

"The primary purpose of SSL is to make things secure, and it still does that. EV SSL just takes it a step further. Not only does it make sure that actual link is not being intercepted but also it makes sure who you are talking to is who you think it is," said head of e-futures at First Direct Jonathan Etheridge.

"The key to this is to make sure the company is purchasing the certificate, in this case us, is identified by VeriSign. Although we are part of HSBC we have to go through very stringent checks, to make sure with the vendor we are who we say we are."

Most browsers don't differentiate between less secure sites and more vigorously tested ones, so fraudsters have started to use SSL to add credibility to their own web pages. With the better secured EV SSL confirmation, users will be able to see the organisation that owns the site as well as the security provider who issued the certification - in this case, VeriSign.

"The traditional padlock symbol enabled on our website by VeriSign's SSL Certificates have been a key part of the internet banking experience for our customers for many years," said Etheridge.

"Sophisticated phishing scams and stories of online fraud can create doubt and concerns for internet users. This enhanced protection will help maintain a relationship of trust with our customers, and is a further step in our fight against online fraud."

At the start of February half of First Direct's 885,000 customers were using Internet Explorer 7, so the other half with browsers like Mozilla Firefox and Opera will have to wait for future releases of their browsers to see full EV SSL validation features.

"We have to make sure that what we do works for the customer. We don't want to make things so difficult for the customer that they can't use the system, but you have to make life difficult for the person who wants to attack you," said Etheridge.

Featured Resources

The ultimate law enforcement agency guide to going mobile

Best practices for implementing a mobile device program

Free download

The business value of Red Hat OpenShift

Platform cost savings, ROI, and the challenges and opportunities of Red Hat OpenShift

Free download

Managing security and risk across the IT supply chain: A practical approach

Best practices for IT supply chain security

Free download

Digital remote monitoring and dispatch services’ impact on edge computing and data centres

Seven trends redefining remote monitoring and field service dispatch service requirements

Free download

Most Popular

Best Linux distros 2021
operating systems

Best Linux distros 2021

11 Oct 2021
Apple MacBook Pro 15in vs Dell XPS 15: Clash of the titans
Laptops

Apple MacBook Pro 15in vs Dell XPS 15: Clash of the titans

11 Oct 2021
Windows 11 has problems with Oracle VirtualBox
Microsoft Windows

Windows 11 has problems with Oracle VirtualBox

5 Oct 2021