Banks set security standard

Apacs completes work on two-factor online authentication specification

Written by James Watson

Computing, 04 Jan 2006

Banking industry body Apacs has completed work to establish a standard for a device to physically authenticate online and telephone-based transactions.

After almost four years of development, technical specifications for a card reader and the necessary card software have been finalised, although the system’s look and feel will only be settled after final usability tests are conducted later this month.

The aim is to provide a device that allows people to use their PINs to secure transactions when banking online, and which could eventually be used for buying goods over the internet.

The standard will result in interoperable card readers that will work with any bank and any card, according to Apacs head of security Colin Whitaker.

‘We can’t have people with five or six card readers,’ Whitaker told Computing. ‘This architecture allows any UK card to be used in any reader.’

Apacs says it will be 12 to 18 months before banks are ready to start deploying the technology, which will require new chip-and-PIN cards to be issued to customers, as well as changes to various back-end systems.

But several High Street banks, including Barclays and Lloyds TSB, have started preparations.

‘We’re working with the industry through Apacs and the card schemes on a range of security measures, including a strong authentication device based on the chip-and-PIN technology,’ said a Barclays spokeswoman.

Lloyds TSB, which in October launched a trial of an alternative device that generates unique authorisation codes for securing online banking (Computing, 20 October), says its tests will aid any future card reader rollout.

‘It is part of the same journey,’ said a Lloyds TSB spokesman. ‘The technology is the same as the pilot project we are running, so therefore the work has already started for us.’

But analysts warn there are still issues to be resolved, such as who will pay for the technology and how to gain support in the retail sector so the device can also be used to secure online shopping.

Martha Bennett, research director at Forrester Research, said: ‘This is uncharted territory. Our research indicates that customers are not willing to pay for extra security, although the jury is still out on this.’

Online fraud cost the banking industry £14.5m in the first six months of 2005, a 263 per cent increase on the previous year (Computing, 10 November).

Tags:

reader comments

related articles

 
Management

HSBC strengthens online fraud defences

Combination of web and phone expected to improve security 07 Jan 2009

Finance

Barclays claims zero online fraud

The bank credits the absence of online crime to the introduction of two-factor authentication devices 16 Jul 2008

Communications

Barclays rolls out contactless payment for debit cards

Three million customers to receive cards embedded with the new technology by year end 03 Mar 2009

related whitepapers

today's top stories

Ecommerce

What does Windows 7 mean for Microsoft?

With the sting of Vista still fresh, Redmond has to make next Windows work 10 Jul 2009

Management

A smarter way to use BI

Getting the most from business intelligence systems requires not only careful management on the part of IT leaders, but also the committed involvement of decision-makers across the organisation 08 Jul 2009

Mainstream Matters

The truth behind the Google/Microsoft/NHS rumours

Before Monday 6 July, did you know that Google and Microsoft had services for storing health records? Thanks to an article in... 10 Jul 2009

Management

Quenching a thirst for IT modernisation

A substantial restructure at soft drink supplier Nichols -­ purveyor of Vimto - ­led the company to update its software to Sage 1000 to replace its in-house application. This resulted in the streamlining of the IT department and an opportunity to customise the system 08 Jul 2009

Management

How Satyam cleaned up its act

Chief executive CP Gurnani tells Angelica Mari why Tech Mahindra opted to keep the Satyam brand after it bought the scandal-hit services firm, and explains what the deal means for existing and prospective customers 09 Jul 2009

> More news

Advertisement

Newsletter signup

Sign up for our range of FREE newsletters:

More available - click 'submit' to view

Existing User

Newsletter user login:

Advertisement

Jobs

Related jobs

Job of the week

> More IT vacancies

Job alerts

  • Latest jobs to your inbox
Sign up here

Find your next job

IT Salary Checker

  • Are you being paid what you are worth?
Check salary here

Advertisement

White papers

Search white papers

Top categories

VPN, Extranet and Intranet Solutions

WAN/ LAN Solutions

Network Security

Interoperability-Connectivity

Grid/ Utility Computing

Latest poll

Will Google Chrome OS be a genuine alternative to Windows?

Will Google Chrome OS be a genuine alternative to Windows?

Tell us your views on the new operating system rivalry

View poll results

> More polls

Latest audio and video articles

network cablesVideo

How to maximise the value of your IT networking investment

A panel of experts discuss networking strategies that deliver real value to business 03 Jul 2009

green footprintsVideo

How to manage enterprise energy use - and the role IT can play

A panel of experts explore how firms can get to grips with their carbon footprint and make smarter use of energy 01 Jul 2009

> More audio and video

Latest in-depth articles

Google ChromeAnalysis

Lack of enterprise appeal takes shine off Chrome OS

Enterprise buyers unlikely to ditch Windows for Chrome OS in the near term, say experts 09 Jul 2009

Satyam CEO CP GurnaniNews

How Satyam cleaned up its act

Chief executive CP Gurnani tells Angelica Mari why Tech Mahindra opted to keep the Satyam brand after it bought the scandal-hit services firm, and explains what the deal means for existing and prospective customers 09 Jul 2009

> More in depth articles

Advertisement

Primary Navigation