Regional sites:
Specialized sites:
But threats such as phishing haven’t gone away. Online banking fraud accounted for £52.5 million of the losses reported by APACS for 2008 - up 132% on 2007. In fact, the 2007 figure of £22.6 million was down on the previous year, a fall that may be due to the implementation of two-factor authentication systems such as PINsentry. It’s likely that fraudsters then switched their attention to banks that weren’t using two-factor authentication – hence the sharp rise in fraud. Until all the major banks adopt stronger authentication methods for customers, online banking losses will continue.
Moreover, simply implementing USB one-time-password tokens still poses a security risk for banks that the enterprise realm doesn’t face, as it doesn’t offer transaction signing - a crucial factor in online banking, especially when money is moved between accounts. The only current specification that allows this is the Chip Authentication Program (CAP), where a smart card is used with a portable reader such as PINsentry.
With ID theft showing no sign of abating, placing the onus on the consumer to protect their identity in every facet of their lives becomes vitally important. Systems such as PINsentry illustrate how real-world security platforms can be developed that deliver consumer confidence - bringing strong, multi-factor authentication out of the enterprise realm and into the public domain.
Barclays’ PINsentry uses dynamic authentication via a CAP reader
Barclays PINsentry
Online Banking Solution
