Researchers from Harvard and MIT have
questioned the effectiveness of site image authentication technologies. The technique, pioneered by RSA subsidiary PassMark Security, relies on the exchange of personalised digital images between customer and bank Web site in advance of password entry.
In the study, only three per cent of users chose not to log-in when their secure images failed to flash up. Furthermore, over half (53%) entered passwords when a bank's log-in page was replaced with a warning page.
This latter stat suggests that consumers may be placing too much faith in the ability of new authentication techniques to protect them from cyber-fraud, and disregarding other warning signs.
There's a diffficult lesson for the banking industry here. The reassurance offered by the introduction of new log-in procedures and authentication technologies is welcome, but it should not be oversold. By all means provide a security blanket; just ensure
that it doesn't become a comfort blanket.