Australian Banks Tackle Multifactor Authentication

Multifactor authentication can provide a safer online environment for customers of the major banks which deal with concerns about consumer confidence, according to Unisys financial services managing partner Rob Dewar.

Earmarking verification and multifactor authentication as the single biggest issue facing banks in 2006, Dewar said more controls should be implemented to authenticate the identity of customers conducting transactions on the Internet.

“Authenticating the identity of the parties involved in a transaction is the only workable solution to prevent identity theft,” Dewar said.

“One reason phishing attacks are successful is that unsuspecting customers cannot determine they are being directed to spoofed Web sites during the collection stage of an attack … the spoof sites are so well constructed that casual users cannot tell they are not legitimate.

“In 2006, financial institutions will need to investigate techniques to differentiate their legitimate sites from spoof sites by verifying their Web site back to the customer.”

On the verification side, Unisys believes many industries will adopt smartcard technologies, rather than single-factor authentication, as a way to combat fraud.

Commenting on Dewar’s claims, Frost & Sullivan analyst James Turner said the federal government is reviewing the use of smartcards and similar technology, and described Unisys’ comments as timely.

Banking customers currently using an ATM are confident about the use of two-factor authentication, he said. Turner said 36 percent of the population is already using two-factor authentication; inserting a card into a computer and connecting via a certificate does not have the same level of privacy concerns as biometrics.

But smartcards are a lot more palatable to the Australian public, according to a Frost & Sullivan end user survey, Turner said.

By Michael Crawford – Computerworld Today (Australia)