Two-factor authentication for remote banking moves from pilot to deployment stage
15 March, 2007
category: Financial
By Nigel Reavley, Director of Business Unit for Banking, XIRING
Consumer confidence in online banking has grown rapidly in recent years. Once limited to their local branches, customers are now embracing new technologies for their banking needs. A recent study by Lloyds TSB showed that over two-thirds of Britons conduct the majority of their banking over the internet, which is a three-fold increase on 2005 figures.
Despite the growing popularity of online banking, fraud within this particular channel remains a prime concern. Indeed, the current trend for migration to EMV in many countries across the world has reduced the instances of fraud within cardholder present transactions, but increased the threat amongst other channels, including the internet. Consequently, these less protected transaction channels now urgently require an anti-fraud solution.
As a result, two-factor authentication card readers are currently being trialled or deployed by a number of financial institutions worldwide in the fight against internet fraud. In the UK and Belgium banks previously in pilot mode with the readers have since moved to the deployment stage. The UK market is particularly advanced, where major banks are now at the stage of considering their choice of supplier. 2007 will be the year when the first few million users receive two-factor authentication card readers for their online banking transactions.
Other countries such as France, Portugal, Turkey and Italy are closely following Western European markets and moving into the pilot stage. In addition, the Eastern Europe market will be ripe for deploying the technology in 2007. Without the burden of legacy systems, the adoption of anti-fraud solutions can be made quickly without the need to change infrastructures or worry about previous investments.
As 2006 has seen a rise in the popularity of online banking, so 2007 will see telephone banking and m-commerce come into their own. Consequently, banks will need to deploy technology in order to authenticate customers on the telephone. Bluetooth-enabled connected readers are now available, capable of securing both online and telephone transactions.
The telephone is an increasingly significant transaction channel. In the UK, for example, £23 billion worth of payments are made through the telephone, which accounts for 45% of all card-not-present payments. Due to the successful deployment of Chip and PIN however, there has been a 57% increase in UK direct telephone order fraud in the past year. Two-factor authentication technology will need to extend its remit to telephone payments in 2007 in order to combat this trend.
Beyond 2007, we will start to see devices such as PDAs and telephones becoming credible channels for online banking. Access to banking via videophones will further increase the reliance on authentication technology to ensure the security of face-to-face transactions via screens. Lessons learnt from internet banking should be applied to securing these emerging channels, which hold the key to making the concept of a mobile bank a reality.