Follow Us

We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message

Bank hits back at phishing with security trial

Key-fob tokens to be used by 30,000 customers.

Article comments

UK bank Lloyds TSB has reacted to a marked increase in attempted online banking fraud by embarking on a large-scale trial of token-based security.

The trial is one of the biggest of its kind yet announced in the UK, and will involve 30,000 of the bank’s customers being offered the option to log on to their accounts using a number-generating key-fob.

At the point they log on, customers will press a button on the device to generate a time-defined access code to complement their usual ID and password. Once in the system, this device is also able to generate further codes to authorise specific transactions.

The trial is expected to last six months, at the end of which the bank will assess its success at stopping fraud, and popularity with customers. If successful, it is likely to be rolled out to the bank’s entire customer base of 3.5 million.

The new scheme is part of the company’s BankSecure initiative, which also involves offering customers detailed advice on how to secure their PCs, and discounted subscriptions to anti-virus and other security software.

“We’ve been seeing increasing levels of fraud in the last 18 months,” admitted Lloyds TSB Internet banking director, Matthew Timms. “We want to maintain customer confidence.”

According to Timms, the 2005 set of figures from APACS (the Association for Payment Clearing Services), the UK institution tasked by the industry with monitoring online fraud, would show significant increases in fraud over last year’s numbers.

The security would be free to customers, with each key fob costing the bank between £3 and £5 a go, depending on the number purchased. This suggests the trial investment is in the low hundreds of thousands of pounds, which is a tiny capital cost for the banks as against the potential for fraud losses.

The bigger cost is likely to be that of supporting the system, which Timms said the bank would monitor closely. People are bound to lose the devices, and inevitably some will malfunction. The company supplying the trial system is Vasco Data Security, which won the contract for an undisclosed sum.

As to alternative token systems such as using mobile phones, Timms was sceptical that these would be as simple to use from the customer’s perspective. There was also the issue of a phone being out of range to receive the security code, and the fact that SMS messaging could not yet provide a delivery guarantee.

One of the problems with token-based authentication is that it doesn’t deal with the issue of card not present fraud (CNP), relevant for Internet transactions. To this end, Timms said the bank was teaming up with APACS to look into card-reader systems. These could also double-up as authentication systems, but simple token-based systems were likely to fill the security gap until such systems became affordable in the longer term.



Share:

More from Techworld

More relevant IT news

Comments



Send to a friend

Email this article to a friend or colleague:

PLEASE NOTE: Your name is used only to let the recipient know who sent the story, and in case of transmission error. Both your name and the recipient's name and address will not be used for any other purpose.

Techworld White Papers

Choose – and Choose Wisely – the Right MSP for Your SMB

End users need a technology partner that provides transparency, enables productivity, delivers...

Download Whitepaper

10 Effective Habits of Indispensable IT Departments

It’s no secret that responsibilities are growing while budgets continue to shrink. Download this...

Download Whitepaper

Gartner Magic Quadrant for Enterprise Information Archiving

Enterprise information archiving is contributing to organisational needs for e-discovery and...

Download Whitepaper

Advancing the state of virtualised backups

Dell Software’s vRanger is a veteran of the virtualisation specific backup market. It was the...

Download Whitepaper

Techworld UK - Technology - Business

Innovation, productivity, agility and profit

Watch this on demand webinar which explores IT innovation, managed print services and business agility.

Techworld Mobile Site

Access Techworld's content on the move

Get the latest news, product reviews and downloads on your mobile device with Techworld's mobile site.

Find out more...

From Wow to How : Making mobile and cloud work for you

On demand Biztech Briefing - Learn how to effectively deliver mobile work styles and cloud services together.

Watch now...

Site Map

* *