With the rising concern among consumers over the risk of identity fraud related to online banking, security software makers have identified a new avenue for providing applications to users by signing-on the financial services companies as their channel partners.
Banks have become frustrated in their attempts to encourage more customers to embrace online services as awareness of spyware-driven identity theft has filtered into the mainstream.
By offering anti-virus applications and other security tools to users directly via their Web sites, the banks are hoping they can persuade more people to do business online.
Security software makers are looking for new ways to reach consumers as shrink-wrapped anti-virus programs become increasingly commoditized. While yet unproven, the emerging channel model could also provide a potentially rich new opportunity for security vendors to generate new software revenue, analysts said.
“People who do online banking are very concerned about their security, so the vendors are getting to a targeted user while helping the banks rebuild confidence in their services,” said Natalie Lambert, analyst with Cambridge, Mass.-based Forrester Research.
“In some cases it might be too little too late in that a lot of people have left the online banking channel over fears of ID theft, but it could also be a great audience, as theyre getting to a targeted user.”
One of the biggest benefits for consumers could be that they will be encouraged to more frequently update their security software if reminded to do so by the companies with which they already do business online, backers of the model say.
Users who neglect to refresh the desktop security tools they already own remain a significant hurdle in battling malware and online fraud, according to Lambert.
The analyst said it remains to be proven if security software makers can generate significant revenues using financial services companies and other online businesses to market their products.
In many cases the banks will look to offer discounted pricing for the tools, compared to versions of the security applications available at retailers, the effect of which on any profits derived through the deals remains unclear.
In some cases, such as Bank of Americas use of authentication software made by PassMark Security in the banks SiteKey security offering for customers, launched in June, the technology provider will operate behind the scenes.
Bank of America, which claims to retain the most online banking customers in the world, with nearly 20 million subscribers and 10.1 million electronic bill payers, also offers SiteKey, which is now required of its users, at no charge.
Under another so-called OEM model, a start-up dubbed Authentium is offering a set of software development tools to banks and other service providers allows the companies to create their own online security applications.
Known as VirtualATM, that product promises to lock down all other programs running on a desktop when a user is making an online transaction to protect sensitive data.
In a more traditional example, British-based Barclays Bank is charging its customers $30 apiece to use online anti-virus software offered on its site via a deal with applications vendor F-Secure, and is charging just under $50 for a more comprehensive assortment of F-Secure technologies that includes anti-spyware protection and rootkit monitoring tools.
Those prices reflect a roughly 30 percent discount on F-Secures standard pricing for the same products.
One of the companies participating in the move to recruit banks to resell its security applications is anti-virus market leader Symantec, which has already stuck deals to provide its software with high profile partners including Morgan Stanley.
Enrique Salem, group president of consumer products and solutions at Symantec, Cupertino, Calif., said that reaching customers at the point where they are most concerned regarding their safety online makes good business sense for everyone involved.
“Consumer security was previously about protecting the PC, now its about protecting personal information and business information to prevent fraud,” Salem said.
“The proliferation of passwords that people have today is a very inefficient way to manage security, so youll see us offer a number of services, many Web-based, that will aim to make end users lives more secure online.”
In addition to offering its existing products online today, Symantec is looking at new services for growing trust between online businesses and consumers.
As part of the companys emerging “Security 2.0” vision, said Salem, the company is looking to develop a range of identity and reputation-oriented applications, such as browser toolbars, that businesses use to authenticate communications with their customers.
One financial services company already selling Symantecs software to its end users is the TD Canada Trust mortgage banking unit of Toronto Dominion Bank, Toronto.
Since 2003, the company has offered a discounted version of Symantecs Norton anti-virus package, at approximately 40 percent below retail price. In February 2006, TD Canada Trust began offering Symantecs Norton Confidence Online Internet security suite.
Jeff van Duynhoven, vice president of Electronic Channels and Technology at TD Canada Trust, said the bank hopes to reassure online users that they can do business safely.
He says he remains uncertain what sort of volume his company can provide Symantec as a reseller. Over 100,000 of TD Canada Trusts 2.4 million active online customers have already downloaded a free trial of the software, he said.
“Our primary driver is attracting those people who have Internet access but dont bank online, and we know the single biggest reason they wont do so is because of security concerns,” van Duynhoven said.
“I dont necessarily see us as a reseller; were just a front end. But clearly theres a mutual benefit to bringing Symantecs product directly to the customer.”
Industry analysts observed that both security companies and online businesses are desperate to add new customers, and said there will likely be an increasing number of partnerships established between high-profile organizations looking to tap into each others brands and customer bases.
How successful the tie-ups will be at creating new revenues streams for the players involved remains to be seen, but the business model makes sense, experts said.
“Its an open question regarding how successful these deals will be in terms of generating sales, but its a good way of experimenting,” said Andrew Jaquith, analyst with Boston-based Yankee Group.
“Both parties have incentives, and theres a potential for this to be mutually beneficial; spam and phishing attacks have conspired to destroy consumer trust in the banks brands and services, and clearly they need to do something.”
Check out eWEEK.coms for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at eWEEK.com Security Center Editor Larry Seltzers Weblog.