Two-factor authentication for remote banking
07 June, 2007
category: Library
By Nigel Reavley, Director, Banking Unit, XIRING
Consumer confidence in online banking has grown rapidly in recent years. Once limited to their local branches, customers are now embracing new technologies for their banking needs. A recent study by Lloyds TSB showed that over two-thirds of Britons conduct the majority of their banking over the Internet, which is a three-fold increase on 2005 figures.
Despite the growing popularity of online banking, fraud within this particular channel remains a prime concern. Indeed, the current trend for migration to EMV in many countries across the world has reduced the instances of fraud within cardholder present transactions, but increased the threat amongst other channels, including the Internet. Consequently, these less-protected transaction channels now urgently require an anti-fraud solution.
As a result, two-factor authentication card readers are currently being trialled or deployed by a number of financial institutions worldwide in the fight against Internet fraud. In the UK and Belgium banks previously in pilot mode with the readers have moved to the deployment stage. The UK market is particularly advanced, where major banks are now at the stage of considering their choice of supplier. 2007 will be the year when the first few million users receive two-factor authentication card readers for their online banking transactions.
Other countries such as France, Portugal, Turkey and Italy are closely following and moving into the pilot stage. In addition, the Eastern Europe market will be ripe for deploying the technology in 2007. Without the burden of legacy systems, the adoption of anti-fraud solutions can be made quickly without the need to change infrastructures.
As recent years witnessed a rise in the popularity of online banking, we are now seeing telephone-banking and m-commerce come into their own. In the UK, for example, £23 billion worth of payments are made through the telephone, which accounts for 45% of all card-not-present payments. Due to the successful deployment of Chip and PIN however, there has been a 57% increase in UK direct telephone order fraud in the past year. Two-factor authentication technology will need to extend its reach to telephone payments in order to combat this trend.
Access to banking via videophones will further increase the reliance on authentication technology to ensure the security of face-to-face transactions via screens. Lessons learned from Internet banking should be applied to securing these emerging channels, which hold the key to making the concept of a mobile bank a reality.