Updated 26 May, 2012, 4:18 pm IST

Survey Shows Online Banking Needs Changes

29 Jan, 2007, 4:30 pm IST | by Priyanka Pradhan |

RSA, the Security Division of information management and storage company, EMC has released the findings of its annual Financial Institution Consumer Online Fraud Survey, which reveals consumer reactions from internet users about fraud threats such as phishing, vishing and keylogging, and on the efforts of their financial institutions to strengthen remote channel banking authentication. The online survey, conducted in December 2006, asked 1,678 adults from eight countries including India, for their opinions on online fraud.

The findings of the survey reveal that 91% of account-holders are willing to start using a new authentication method, beyond the standard 'username-and-password', if their banks decided to offer stronger security. 73% commented that they would like their financial institution to use risk-based authentication, while 69% of account-holders believe that financial institutions should replace username and password log-in with stronger authentication for online banking.

According to the survey, 82% of account-holders would like their banks to monitor online banking sessions and telephone banking sessions for signs of irregular activity or behavior — similar to the way that credit card transactions are monitored today. While many financial institutions have begun moves to deploy stronger authentication over the past year, only 39% of account-holders are aware of it. Also, less than 70% of respondents in the UK (69%) and in Australia (65%) claimed to be familiar with the term 'phishing' — compared to 83% in the US.

The survey also revealed that trust in the online channel continues to erode, as 82% account-holders are less likely to respond to an e-mail from their bank due to scams including phishing and more than half said that they would be less likely to sign-up for or use online banking as a result. In addition, 44% of account-holders reported that they have become increasingly concerned about other types of attacks (besides phishing), such as Trojans and keyloggers, over the past six months.

While opinions vary when it comes to the preferred method of authentication, (73%) commented that they would like their financial institution to use risk-based authentication and 40% responded that they would like to use a hardware token for authentication. Account-holders in European and Asia-Pacific countries such as Spain, Germany, Singapore and India were the strongest advocates for this technology, with between 46-50% responding that they would like to use tokens.

Mark Pullen, country manager, RSA Security Australia and New Zealand said, "The consensus used to be that security is something that should be handled quietly – and that consumers trust their financial institution to keep their information and assets safe. However, as awareness of identity theft and online fraud grows, people want to feel reassured that they are in fact protected. Our experience shows us what our survey results affirm: educating consumers about new security measures in place, even if they are invisible to the consumer, is advisable and would be regarded positively by the bank’s customers. While most consumers don’t want to be burdened with security, they still would like to know they are secure, and as we can see, they are willing to embrace the technology."