Bank adopts electronic signature defence

News Analysis

Bank adopts electronic signature defence

German retail bank Postbank has adopted electronic signatures in a bid to prevent it being the target of phishing attacks aimed at stealing online personal information.


The bank – one of the country's largest consumer banks, with 11 million customers – said it would begin attaching electronic signatures to all of its email correspondence with customers to ensure their authenticity.


The Postbank mail certification service has already integrated the S/MIME standard into several email applications, including Outlook, and will adopt electronic signatures issued by the German subsidiary of GeoTrust, TC Trust.


Only Postbank customers using email applications with both S/MIME authentication and TC Trust certification will receive a certification symbol, confirming that the text message is from the bank. They can verify an email by clicking the symbol, which, when opened, provides details about the signature.


Phishing attacks, which have hit Postbank and several other large German banks over the past couple of years, have resulted in more than 80% of online banking customers in the country doubting the authenticity of email correspondence from their banks, according to a survey by German market researcher TNS Infratest.


Electronic signatures must be a way forward for banks to retain the confidence of customers that their communication is genuine, and not another phishing attack. However, they sound daunting to customers, and will have to be packaged in a user-friendly way.

Email Alerts

Register now to receive IT-related news, guides and more, delivered to your inbox.
By submitting your personal information, you agree to receive emails regarding relevant products and special offers from TechTarget and its partners. You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

COMMENTS powered by Disqus  //  Commenting policy