Barclays Bank is set to roll out
handheld chip-and-pin card readers to
500,000 of its two million online banking customers by the end
of the year to protect them against fraud.
It is the first UK bank to offer authentication which uses a
card reader to validate transactions, just over a year after UK
payments association
Apacs issued a common industry standard for card
readers.
The device works by reading the chip on a card and generating an
eight-digit passcode to validate entry onto Barclays’ online
banking portal and then enabling users to validate transactions
using the four-digit Pin they would use in store to ‘sign’
transactions.
Barclays is initially targeting customers who use their online
bank account to set up payments to new third party accounts with
these Pinsentry devices.
The card reader will replace the need for passcodes and
memorable words, which the bank said could be compromised by Trojan
viruses that hijack sensitive information on a consumer’s computer,
enabling hackers to set up third-party transfers to steal money
from accounts.
Customers who simply wish to use online banking to view their
accounts and pay bills or established payees will be able to
continue to use online banking as before, without the need for
Pinsentry.
Barnaby Davis, director for electronic banking for Barclays,
said, “Pinsentry is the next generation of fraud prevention
technology and Barclays is proud to be the first organisation in
the UK to roll it out to its customers.
The popularity of Barclays’ online banking service comes down to
convenience and security and the introduction of PINsentry will
enhance both of these features.”
Barclays Bank website >>
Online card fraud soars >>
TV to demonstrate cloned chip and Pin
cards
TV to demonstrate cloned chip and Pin cards >>
Comment on this article: e-mail
computer.weekly@rbi.co.uk
David Lacey’s security blog
The latest
ideas, best practices, and business issues associated with managing
security
Stuart King’s risk management blog
Dealing with
the operational challenges of information security and risk
management