Computer Crime Research Center


Safety of online banking

Date: February 09, 2007

An initiative by Standard Bank to tighten the safety of online banking has failed, with fewer than one in seven customers bothering to use the security software. The bank launched its security pin pad feature after money was filtered out of accounts by using keystroke logging software, which records the personal identity number (PIN) typed in by customers.

The bank's solution in 2003 was to display a small picture of a keyboard on the log-in screen, so users could click on the relevant numbers to enter their PIN instead of typing it.

But the feature has been removed because of apathy by the clients it aimed to protect.

The apathy shows that while users expect online activities to be secure, they oppose any inconvenience or changes to their own habits.

The bank says its transactions are still secure as it has now made it compulsory to use a one-time password, where a unique code is delivered by SMS when a user initiates a banking session.

It has also redesigned its banking website, annoying some customers who claimed the new software made it impossible to get online last month. The bank denied that the new interface was at fault, and blamed Telkom line failures. Telkom denied having any problems that would keep people offline.

The bank's director of self-service banking, Itumeleng Monale, says the new site supports virtually all internet browsers, and final tests are being done to ensure it is compatible with less common browsers. "The required changes will be implemented as soon as this process is complete."

Online fraud has seen some of SA's e-commerce websites die an early death, says William Mellor, CEO of Bigtime Airtime. He says recent PIN security enhancements for MasterCard and Visa card transactions will further boost consumer confidence.

Bigtime sells cellphone airtime online, and customers have welcomed the stronger "Verified by Visa" and "MasterCard Secure Code" security, Mellor says. Their security developments have enabled companies like his to grow enormously in a very short time, he says.
Original article

Add comment  Email to a Friend

Copyright © 2001-2013 Computer Crime Research Center
CCRC logo