Online Bankers To Face Two Id Checks
The Age
Wednesday March 9, 2005
An industry standard will be introduced in an effort to make internet banking services more secure.
INTERNET banking customers will be required to use mobile phones or carry plastic tokens to log into their accounts as banks tighten up security for online services. The chief executive of the Australian Bankers' Association, David Bell, said an industry standard requiring all banks to use two methods of identifying internet customers would be introduced later this year. Internet fraud was costing Australian banks more than $25 million a year in losses, he said. Under the standard, each bank will choose its own method of secondary identification, which Mr Bell said would be based on "something customers have", as distinct from "something they know". Research by the bankers' group has found that customers do not want to use biometric devices that involve physical contact, such as fingerprints, because of privacy concerns. Banks are testing systems that send text messages to customers when they first enter a bank's website. The message contains an extra number that is needed to complete the transaction. Last year, Bendigo Bank began testing security tokens that fit on a key ring and they will soon make the system mandatory. About 20 per cent of its internet banking clients now use the devices, which they must buy. A standard token, costing $16.50, has an internal clock that generates random numbers, recognised as unique to that customer by Bendigo's computer system. On each transaction, the customer must type the number into their computer within a time limit. "It is a very tiny inconvenience," a Bendigo Bank spokesman said. "When you leave the car, you take a few seconds to lock it." A spokeswoman for the Australian Consumers Association, Lisa Tait, said banks should not be charging customers for security devices and they should also provide updated anti-virus software free of charge. "Online banking is cheap for banks," she said. "After all, going into a branch is more secure." The use of text messaging raised its own security issues. "What if someone steals your phone?" Ms Tait said. Australian Federal Police Commissioner Mick Keelty said 8 million Australians regularly used internet banking. Although the online banking system in Australia had never been subjected to a major hacking attack, customers were being targeted by "phishing" email scams, trojans and key loggers. These are all methods used by online criminals to steal users' passwords. The consumers' association said the banks placed too much onus on customers to protect themselves when high-technology scams were becoming increasingly sophisticated.
© 2005 The Age
Share This