Strong authentication a hard sell for banks

IDG News Service - The announcement last week that U.S. Bancorp, the eighth-largest U.S. bank, signed a deal with VeriSign Inc. to secure customer access to online commercial banking services could signal a significant trend toward greater security for retail banking and brokerage customers, as companies in those industries fight a big increase in online scams.

But the introduction of a "multifactor" authentication option for thousands of companies that use U.S. Bancorp online services is still the exception among U.S. financial institutions, which lag far behind their counterparts in Europe and Asia in the use of strong authentication to secure those services, and industry officials are skeptical that such technology will ever take hold here.

U.S. Bancorp will use VeriSign's Unified Authentication service to validate and secure interactions with commercial banking customers, making a secure Universal Serial Bus token available to more than 10,000 commercial banking customers, said Judy Lin, executive vice president for VeriSign's security services.

The U.S. Bancorp move comes amid a growing storm of online scams, including phishing attacks, that use spam and deceptive Web sites imitating bank and e-commerce sites to harvest personal and financial information from unsuspecting Internet users.

The Anti-Phishing Working Group, an industry group of law enforcement agencies, Internet service providers and technology companies, reported that such attacks increased an average of 50% monthly from January to July, the group said.

A May report from Gartner Inc. found that as many as 30 million adults may have experienced a phishing attack and 1.78 million adults could have fallen victim to the scams.

Phishing attacks represent a dangerous new front in the ages-old war between banks and criminals, who have traditionally relied on low-tech crimes such as Dumpster diving and purse snatching to steal bank account and credit card numbers, according to Robin Slade, a senior director at the Banking Industry Technology Secretariat (BITS), part of The Financial Services Roundtable, an industry group of leading banks and banking associations.


Criminals have simply followed their marks to the online realm, said Bruce Candiff, an analyst at Jupiter Research Inc.

"Banks value their online channels as a source of cost savings. A consumer who goes for help to a Web site costs less than if they called a customer service representative, and [online banking services] are more efficient from a consumer perspective, as well," he said.

Currently, about 35 million U.S. households bank online. Jupiter estimates that number will grow to about 56 million households by 2008, 54% of the country's banking households, Candiff said. At the same time, fraudsters

Reprinted with permission from

IDG.net
Story copyright 2009 International Data Group. All rights reserved.