While concern is worth noting, it is action that impacts the ultimate health of a financial institution. Seventy-one percent of U.S. adults would be at least somewhat likely to switch to a different bank if they became a victim of online banking fraud at their current bank.
“According to RSA’s 2013 report The Year in Phishing, online banking fraud is a nationwide epidemic in which banks, who lost $1.5 billion in revenue last year from phishing attacks, are simply accepting losses instead of proactively adapting their defense,” said Christiaan Brand, CTO at Entersekt. “What makes the issue complicated is the increased sophistication of hackers, but technology aimed at thwarting attacks has evolving too.”
According to the poll, almost six in ten (58%) U.S. adults would be at least somewhat willing to take an active role in securing their online banking transactions if this meant using their mobile phones to authenticate activities, such as purchases, logins, transfers or bill payments.
There is no shortage of products on the market that promise reliable consumer authentication. The most popular systems employ one-time passwords (OTPs), usually delivered to banking customers through hardware tokens or via text or automated voice message on the mobile phone.
“The fundamental flaw these products share is that they continue to rely on browser-based communications back to the bank,” continued Brand. “Banks are in the unenviable position of having to juggle robust security with consumer demand for convenient access. OTPs deliver neither.”
According to the poll, Americans access their accounts online 10 times per month on average. Each of these logins is either an opportunity for hackers to steal valuable, personal information, or an opportunity for a bank to protect its customers and reputation.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.