 
|
|
09 December 2005 Bank of Ireland plans two-factor authenticationSarah HilleyBank of Ireland is planning to introduce two-factor authentication for online banking customers within the next year. The bank will most likely issue customers with security tokens, which dynamically change numbers, for each transaction. However, it is also looking at biometrics and keystroke dynamics, said the Bank’s Manager of Group Information Security. The security token, which the bank is strongly considering, allows online customers to press a button on the device to generate a transaction number. The numbers can only be used once so an identity thief would not have time to use them even if he was able to steal them. The bank has already issued the token to 40,000 of its corporate customers. The security tokens have also been introduced by European online bank, RaboDirect. Bank of Ireland is bringing the tokens to consumers to satisfy their demands for more freedom in online banking. Customers are screaming for more online functionality, said Cormac O’ Byrne, Manager Group Information Security. “But they don’t spend enough time securing their PCs.” So far the bank has been limiting the amount of transactions its customers can do online. There are strict limits on the amount of money that can be transferred through the bank’s website. No cross border payments are allowed. Customers must specify where money is to be transferred in advance on paper. Criminals are no longer targeting the bank directly but instead going after the customers, said O’Byrne. To keep account details safe the bank strongly discourages customers from banking online in Internet cafes because of the danger of keystroke logging software. O’Byrne said that none of its customers have been duped by phishing, although they have reported seeing the emails. The bank has had problems with fraudsters placing equipment on ATMs, however.
|
|
