Homes and Property | Home Page

Banks act to beat online fraud

HIGH Street banks are set to issue customers with tiny electronic devices that will help them verify their identities when they bank or shop online.

Next month the clearing banks will agree a standard method for physical authentication of transactions conducted online, according to IT newspaper Computing. They are examining two devices and deciding which form of encryption to use as standard.

The news comes as IT security specialist Information Risk Management revealed that 11 out of 18 British banking websites are susceptible to immediate attack by hackers and 13 of the 18 are vulnerable to long-term attacks.

Chief technology officer Phil Robinson called for radical action, saying: 'The time is right for the Financial Services Authority to use its regulatory powers to mandate standardised authentication mechanisms for online financial services. 'The UK is falling behind the rest of the world and it is users who are suffering financial loss as well as a growing lack of confidence.'

Britain's 14m online bank customers have already been paid £4.5m compensation for fraud committed on their accounts, though this may be only the tip of the iceberg.

The Association for Payment Clearing Services (Apacs), for the banks, hopes it can reach a standard for encryption and the type of electronic gizmo that will provide greater security.

One of the two devices it is examining is a small card reader. The customer swipes his or her credit or debit card then enters a pin number. The machine generates a six or eight-digit number which the bank website will demand before it allows entry to the client's account.

The second device - the size of a keyring fob - continually generates random six-digit numbers which last only one minute. Customers will type in the current pass number to access their accounts.

Tony Salmond, consultant to Apac's e-commerce group, said: 'We are in the final stages of consulting with our banks to determine the flavour of these specifications we will see as a UK standard. By the start of May we should have agreement on the authentication standard.'

Banks expect to start rolling out the devices to select customer groups within 12 months. Barclaycard has already run a six-month trial of the swipe-and-pin device and HSBC and Royal Bank of Scotland are believed to be testing systems. Eventually, the authentication devices may be used in all online retailing.

Create a FREE account to continue reading

eros

Registration is a free and easy way to support our journalism.

Join our community where you can: comment on stories; sign up to newsletters; enter competitions and access content on our app.

Your email address

Must be at least 6 characters, include an upper and lower case character and a number

You must be at least 18 years old to create an account

* Required fields

Already have an account? SIGN IN

By clicking Create Account you confirm that your data has been entered correctly and you have read and agree to our Terms of use , Cookie policy and Privacy policy .

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged in

MORE ABOUT

Banking
Electronics
FSA
HSBC
Internet
Royal Bank Of Scotland