• United States

RSA Security says consumers want banks to increase security

Mar 15, 20062 mins

If government regulation isn’t enough to get financial institutions to beef up online security, then perhaps customer demands will.

RSA Security just released the results of its annual Financial Institution Consumer Online Fraud Survey, which was conducted last November.  I’m not a bit surprised that customers want their banks to do more to protect their accounts; this is what I’ve been saying for months.  According to the survey:

  • 73% of account-holders believe that financial institutions should replace username-and-password log-in with stronger authentication for online banking

    • When presented with several options, including hardware tokens, watermarks for mutual authentication, and risk-based authentication, the majority of respondents (74%) selected risk-based authentication as their preferred method. Risk-based authentication involves a behind-the-scenes assessment of the user’s identity based on factors including log-on location, IP address and transaction behavior – which can be supplemented with out-of-band phone calls or secret questions for transactions that are deemed high-risk.

    • 43% responded that they would use a token if the bank provided one for free

    • 55% responded that they would like to use a watermark for reverse authentication; 46% felt that it is most important to see the watermark on any computer they log-in from, and not just their primary computer.

  • 89% of account-holders would like their banks to monitor online banking sessions for signs of irregular activity or behavior – similar to the way that credit card transactions are monitored today

  • 59% would like their bank to contact them when something suspicious is detected

  • 79% of account-holders are less likely to respond to an e-mail from their bank due to scams including phishing

The Federal Financial Institutions Examination Council (FFIEC) has recommended that stronger security measures be implemented by the end of this year at financial institutions under its domain.  Looks like it’s going to be a busy year for security personnel.