Strong authentication a hard sell for banks
The announcement last week that U.S. Bancorp, the eighth largest U.S. bank, signed a deal with VeriSign Inc. to secure customer access to online commercial banking services could signal a significant trend toward greater security for retail banking and brokerage customers, as companies in those industries fight a big increase in online scams.
But the introduction of a "multifactor" authentication option for thousands of companies that use U.S. Bancorp online services is still the exception among U.S. financial institutions, which lag far behind their counterparts in Europe and Asia in the use of strong authentication to secure those services, and industry officials are skeptical that such technology will ever take hold here.
U.S. Bancorp will use VeriSign's Unified Authentication service to validate and secure interactions with commercial banking customers, making a secure USB (Universal Serial Bus) token available to more than 10,000 commercial banking customers, said Judy Lin, executive vice president for VeriSign's security services.
The U.S. Bancorp move comes amid a growing storm of online scams, including "phishing attacks," which use spam and deceptive Web sites imitating bank and e-commerce sites to harvest personal and financial information from unsuspecting Internet users.
The Anti-Phishing Working Group, an industry group of law enforcement agencies, ISPs (Internet service providers) and technology companies, reported that such attacks increased an average of 50 percent monthly from January to July, the group said.
A May report from Gartner Inc. found that as many as 30 million adults may have experienced a phishing attack and 1.78 million adults could have fallen victim to the scams.
Phishing attacks represent a dangerous new front in the ages-old war between banks and criminals, who have traditionally relied on low-tech crimes such as dumpster diving and purse snatching to steal bank account and credit card numbers, according to Robin Slade, a senior director at the Banking Industry Technology Secretariat (BITS), part of The Financial Services Roundtable, an industry group of leading banks and banking associations.
Criminals have simply followed their marks to the online realm, said Bruce Candiff, an analyst at Jupiter Research Inc.
"Banks value their online channels as a source of cost savings. A consumer who goes for help to a Web site costs less than if they called a customer service representative, and (online banking services) are more efficient from a consumer perspective, as well," he said.
Currently, about 35 million U.S. households bank online. Jupiter estimates that number will grow to around 56 million households by 2008, 54 percent of the country's banking households, Candiff said. At the same time, fraudsters are finding new and better ways to exploit online services, he said.
Sign up for ITworld's Daily newsletter
Follow ITworld on Twitter @IT_world
jfruh
Apple syncing patent can't come soon enough
pasmith
New Twitter features borrow from 3rd party clients
Esther Schindler
Open Source Changes the Software Acquisition Process
mikelgan
How to set up continuous podcast play on the new iTunes
David Strom
Five important Windows 7 mobility features
sjvn
Guard your Wi-Fi for your own sake
Sandra Henry-Stocker
Grepping on Whole Words
Sidekick: The Good News & the Bad News
Either way you look at it Microsoft Data Center management did not follow standards or best practices in this failure. In which case it makes me wonder more about the outsourcing of corporate data much less personal data.
- mburton325
Join the conversation here
Quick, practical advice for IT pros. Made fresh daily.
Want to cash in on your IT savvy? Send your tip to tips@itworld.com. If we post it, we'll send you a $25 Amazon e-gift card.
