According to the latest research by Thales in the UK, identity management is now the most important transaction security issue for UK banks.
In a survey of security budget holders and influencers of UK banks by payment transaction security expert, Thales, 73% of respondents cited identity management as the top transaction security concern. Integrity of data (64%) and the security of the network (45%) were found to be the next most important transaction security issues.
By investigating the payment transaction security behaviour of UK banks, the survey uncovered the factors that are driving security investments in this area. It is imperative that banks know their customers, yet the survey clearly showed the difficulty that banks have authenticating identities and verifying the validity of the end user. Some of the key findings of the survey include:
- In 2005, identity management moved from being fifth to the most important driver for transaction security spend
- The number of UK banks assigning separate budgets for identity management has risen from 22% to 60% since 2003
- 82% see added value in managing all customer identities from one platform
- 100% of the banks surveyed believe the internet has prompted investment in transaction security, with 36% stating the internet to be the most important driver for spend in this area
The survey also revealed that 64% of UK banks' transaction security infrastructures are either receiving or require immediate upgrade. Furthermore, 100% of UK banks surveyed indicated that they plan to upgrade these systems within the next two years.
54% of the banks surveyed find the internet threat of phishing to be either important or very important to their IT transaction security investment decisions. The increased investment in identity management, which is helping to counter the threat of phishing, may explain why phishing is not a high priority for UK banks' IT security spend.
Paul Meadowcroft, head of transaction security of Thales' e-Security activities, said: "New transaction technologies and channels are continuing to develop and these results clearly show that in today’s e-business world, banks need a flexible and dependable trust model. Identity management is now the primary transaction security focus for UK banks and the complexity of banking transaction infrastructures is increasing. The task is to simplify the problem before complexity leads to inefficiency, mismanagement and increased likelihood of fraud. The time has come for a more strategic approach to be taken to identity management and transaction authentication."