Security fears dog online banking

Online banking customers are worried about their financial security, but banks are lagging behind, according to a global survey of 4,500 internet users.

The survey identified security as a concern for 86 percent of online banking users, compared with just 68 percent for users of government web sites and 64 percent for online health care.

Four out of five wanted better protection than a simple password.

"Consumers are very much aware of the threats," Seth Geftic, senior manager of identity protection and verification at RSA, told V3.co.uk. "They are not satisfied with simple password protection. Consumers really want and need this security."

Geftic explained that, while some European banks use two-factor authentication, many UK and US banks are turning to risk-based authentication.

A risk-based approach monitors user behaviour and applies computer algorithms to usage patterns to determine whether an account has been compromised. Such systems avoid the 'man in the middle' attacks that can defeat two-factor authentication.

However, internet users are getting savvier about the threats from phishing and malware. In a similar survey in 2007, 63 percent of respondents were aware of Trojans, but this had risen to 81 percent last year.

The study also looked at social networking sites, and found that users are seriously worried about the levels of security.

"People are asking for more security and have said they would use it," said Geftic. "A lot of data on social networking sites is used to steal banking information. People have been trained not to answer an email from a bank, but attacks are more likely to come from social networking."