Lloyds TSB tests access code devices

If successful, the the system may be rolled out to all customers

Lloyds TSB is testing a security system that allows customers to use a keyring-like dongle to generate one-time passwords for authentication. If successful, the the system may be rolled out to all customers in future.

The bank plans to issue 30,000 tokens in a six-month trial. Customers taking part will log on to Lloyds TSB Internet banking as normal using their user ID and password, but instead of entering further identifying information they will be asked to press the button on the Access Code Device to generate a unique code. The customer then types in this code, which the bank verifies.

Lloyds TSB said customers could use the code instead of their password. In a statement, internet banking director Matthew Timms said, “The trial of is one of a number of security initiatives we are introducing to address the concerns of customers and stay ahead in the battle against online fraudsters. The Access Code Device will generate a new code every time it’s used, preventing customers from disclosing all their log on details.”

To improve security at the customer end, Lloyds TSB will also offer a PC scan, which will look for spyware, and the bank will offer a 20 percent discount on the ZoneAlarm Security Suite. An online guarantee means that if customers have taken reasonable steps to protect themselves, the bank will refund their money, in the “unlikely event of fraud”.

Donal Casey, security consultant at Morse, said, “Access code devices have been used in the corporate world for some time and have proved to be very successful. Therefore it’s not surprising to see banks looking at using this technology.”