Report shows 73% of account-holders feel financial institutions should deploy
stronger authentication, and 89% believe banks should monitor online banking
sessions for irregular activity
Trust in the e-mail channel continued to drop in 2005 -- 79% are less likely
to respond to banking-related e-mails, compared to 70% in 2004
BEDFORD, Mass., March 14 /PRNewswire-FirstCall/ -- RSA Security
(Nasdaq: RSAS), today released key findings from its annual Financial
Institution Consumer Online Fraud Survey. Conducted in November 2005, the
online survey[1] asked 402 U.S. adults[2] for their opinions on online banking
authentication and e-mail fraud, such as phishing.
Key results of the survey include:
* 73% of account-holders believe that financial institutions should
replace username-and-password log-in with stronger authentication for
online banking
* 89% of account-holders would like their banks to monitor online banking
sessions for signs of irregular activity or behavior -- similar to the
way that credit card transactions are monitored today
* 59% would like their bank to contact them when something suspicious is
detected
* 79% of account-holders are less likely to respond to an e-mail from
their bank due to scams including phishing; this is up from 70% in the
2004 survey
* 65% of account-holders have seen either 'a slight increase' or 'no
change' in the amount of phishing e-mails they have received. The
RSA(R) Cyota Anti-Fraud Command Center (AFCC), which scans over 1
billion e-mails per day confirms: the number of phishing attacks has
remained close to 2,500-3,300 attacks per month for the last eight
months, with only a small increase each month
"It is important to preserve the speed, simplicity, ease of use and
convenience of the online banking channel. Consumers seem to feel comfortable
with the notion of their financial institution monitoring their online
activity and contacting them when something suspicious is detected, just as
they've become accustomed to for years in the credit card space," said Chris
Young, senior vice president and general manager of RSA Cyota Consumer
Solutions.
Account-holders want stronger authentication, but with a focus on ease-of-
use
When asked for their views on online banking authentication, 73% of
respondents answered that they feel banks should use some kind of stronger
authentication than basic and static usernames-and-passwords for online
banking. When presented with several options, including hardware tokens,
watermarks for mutual authentication, and risk-based authentication, the
majority of respondents (74%) selected risk-based authentication as their
preferred method. Risk-based authentication involves a behind-the-scenes
assessment of the user's identity based on factors including log-on location,
IP address and transaction behavior -- which can be supplemented with out-of-
band phone calls or secret questions for transactions that are deemed high-
risk.
-- 43% responded that they would use a token if the bank provided one for
free.
-- 55% responded that they would like to use a watermark for reverse
authentication; 46% felt that it is most important to see the watermark on any
computer they log-in from, and not just their primary computer.
Account-holders expect their banks to monitor online banking activity
According to the survey, 89% of account-holders would like their banks to
monitor online banking sessions for signs of irregular activity or behavior --
similar to the way that credit card transactions are monitored today, and 59%
feel that banks should contact them if any suspicious activity is detected.
In addition, 52% felt that their bank should be liable for fraud executed
within the online banking site.
Trust in the e-mail channel continues to drop; phishing is here to stay
79% of account-holders expressed that, as a direct result of scams such as
phishing, they are less likely to respond to an e-mail from their bank -- up
from 70% in November 2004. In addition, 65% of account-holders have seen
either a slight increase or no change in the amount of phishing e-mails they
have received. The Company's 24x7 AFCC concurs that the amount of phishing
attacks it has monitored has hovered around the 2,500-3,300 per month mark for
the past eight months, with only a slight increase each month. This is in
contrast to its November 2004 survey, in which consumers said that the number
of phishing attacks had doubled between April and November 2004. While this
trend affirms that the explosion of phishing attacks seen in 2004 has died
down, it also confirms that phishing is not a passing trend: it is an
entrenched type of fraud that is not going away.
The survey also shows that account-holders are looking to their banks and
their ISPs to protect them from phishing: 45% of account-holders feel that an
ISP blocking service for phishing would be effective, and 68% would like their
ISP to offer such a service.
The surveys mentioned were commissioned by Cyota prior to the RSA Security
acquisition in December 2005, and administered by Infosurv, an online market
research company.
About RSA(R) Cyota Consumer Solutions
RSA(R) Cyota Consumer Solutions, a division of RSA Security Inc., offers
proven solutions for online banking and e-commerce that range from adaptive
authentication -- with risk-based technology, one-time-passwords and
transaction-signing -- to anti-phishing services and real-time transaction
monitoring that controls fraud and manages risk. The company's
eFraudNetwork(TM) community is the world's most effective cross-bank
collaborative online fraud network. Today, many of the world's top 50 banks,
including nine of the top 12 banks in North America and the UK, use RSA Cyota
solutions to protect approximately 430 million consumers.
About RSA Security Inc.
RSA Security Inc. is the expert in protecting online identities and
digital assets. The inventor of core security technologies for the Internet,
the Company leads the way in strong authentication and encryption, bringing
trust to millions of user identities and the transactions that they perform.
RSA Security's portfolio of award-winning identity & access management
solutions helps businesses to establish who's who online -- and what they can
do.
With a strong reputation built on a 20-year history of ingenuity,
leadership and proven technologies, we serve approximately 20,000 customers
around the globe and interoperate with more than 1,000 technology and
integration partners. For more information, please visit
http://www.rsasecurity.com.
For more information:
Courtney Hohne Matt Buckley
OutCast Communications RSA Security Inc.
(415) 392-8282 (781) 515-6212
courtney@outcastpr.com mbuckley@rsasecurity.com
SOURCE RSA Security
 back to top
Related links:
http://www.rsasecurity.com
CONTACT:
Courtney Hohne of OutCast Communications,
+1-415-392-8282, courtney@outcastpr.com; or Matt Buckley of RSA
Security Inc., +1-781-515-6212, mbuckley@rsasecurity.com
|
