RSA Security announced Jan. 25 the findings of its fourth annual Financial Institution Consumer Online Fraud Survey, which showed that online customers are not very confident when it comes to their online banking security.
The survey, which was conducted in December 2006, asked 1,678 adults from eight countries about their opinions regarding different online fraud threats including phishing, vishing and keylogging as well as what their financial institutions are doing to bolster banking authentication.
In the survey, 82 percent of respondents said that they are less likely to respond to an e-mail from their bank because of online scams including phishing, while 44 percent of respondents said that they are becoming more and more concerned about other types of attacks such as Trojans and keyloggers.
Fifty-two percent of respondents said that they would be less likely to sign up for or use online banking at all because of online threats.
“While consumers continue to sign up for online banking, it is clear that security is a concern and a barrier for many people,” Marc Gaffan, director of marketing for the Consumer Group at RSA, told eWEEK.
For businesses that use online banking, online scams are cutting into something that saves them money and gives them a considerable amount of business.
“The online channel holds an enormous amount of potential and many benefits for business professionals—they have a definite interest in maintaining the level of trust and boosting consumer confidence because if consumer trust decreases in online banking, it will have an effect on their overall trust in their financial institution, a critical part of every institutions relationship with their customers,” Gaffan said.
To increase the trust level in their online banking service, 91 percent of respondents said that they would be willing to start using a new authentication method if their banks decided to offer stronger security, while 69 percent of respondents said that they feel that their financial institution should replace user name and password log-in with a more robust authentication method.
Seventy-three percent of respondents said that they would like their financial institution to use risk-based authentication, which includes the users identity information such as log-on location, IP address and their transaction history.
“Risk-based authentication is mainly done behind the scenes without impacting the consumers online banking experience unless it is identified as a high-risk transaction, in which case additional authentication will be needed in order to proceed,” Gaffan said.
On a global scale, 40 percent of respondents, mostly from Spain, Germany, Singapore and India, said that they would like to use a hardware token for authentication while 53 percent of respondents said that they would rather use a personalized image to authenticate the online banking site to the user because they believe that using personalized images would give them a heightened sense of security.
“We anticipate that online banking will continue to grow, and in parallel financial institutions will continue to ramp up their online security,” Gaffan said.
Check out eWEEK.coms Security Center for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at Ryan Naraines eWEEK Security Watch blog.