HSBC strengthens online fraud defences

Combination of web and phone expected to improve security

Online banking fraud is on the rise

HSBC has deployed a new authentication system to protect online and remote transactions from fraud.

Using the system provided by Authentify, the authentication process is isolated from the web, and user or transaction details must be entered via a telephone call synchronised to online sessions, making it more difficult for criminals to hack into accounts even when using compromised personal information.

The out-of-band system claims to offer the highest security with the most convenience, as opposed to two-factor authentication – whereby devices give customers automatically-generated one-time passcodes to use in conjunction with the password they already know – as a way to tackle fraud committed in cases where the cardholder is not present, such as online shopping.

A number of UK banks including Barclays, Lloyds TSB, Nationwide and Royal Bank of Scotland have introduced two-factor authentication schemes, while HSBC and Abbey have opted not to, saying the devices were considered impractical.

Figures released in October by UK payment service Apacs showed that online banking fraud losses totalled £21.4m during the six months to June 2008, a 185 per cent rise on the 2007 figure.