HSBC defends two factor authentication opt out
17 May 2007 | 13259 views | 0
HSBC has defended its decision not to follow other UK banks in rolling out handheld chip and PIN devices to its Internet banking customers, saying its existing monitoring procedures and customer education initiatives are already effective in detecting and preventing fraud.
HSBC's decision to opt-out of the national banking industry push to supply online account holders with Chip and PIN-style home banking technology was first disclosed by UK broadsheet The Guardian. The paper says the other major bank yet to commit to the programme is Santander subsidiary Abbey.
Tim Pie, a spokesman for HSBC, told Finextra that the bank has chosen not to offer two-factor authentication devices to customers "at this time" because existing anti-fraud initatives are proving very effective.
Pie says that transaction monitoring, along with anti-fraud education programmes and the availablilty of discounted security software for customers has resulted in HSBC recording lower incidents of Internet fraud than other banks.
HSBC does offer Vasco's two-factor digital authentication tokens to its UK corporate customers. Pie says this implementation is designed to help businesses introduce appropriate access control procedures for online authorisations.
However HSBC may still consider supplying devices to retail customers if they are shown to be effective or if customers want them, says Pie.
Along with HSBC, Abbey has also stated that it doesn't intend to issue two factor authentication technology to customers. A spokesperson from Abbey told Finextra that the bank had "no plans" to supply devices to customers.
Last month Royal Bank of Scotland (RBS) began issuing hand-held authentication devices developed by French vendor Xiring to customers, which will be used with debit cards to access online banking accounts, while Barclays has begun deployment of its PINSentry devices which will be used with a customer's normal debit card and its PIN to authenticate their identity at log in and for making certain payments.
Nationwide Building Society plans to begin deploying card readers to its online customers later this year and Halifax is expected to select authentication technology and begin a roll out in the autumn.
Meanwhile Lloyds TSB is set to implement a key-ring-sized authentication deveice, developed by Vasco. The bank has been trialling the gadget - which generates a single-use passcode that customers will enter along with usernames and passwords when logging on Web accounts - for the past 18 months.