RSA, the security division of EMC, has released the findings of its fourth annual Financial Institution Consumer Online Fraud Survey, and the results show that customers want stronger online security methods.
The survey questioned 1,678 adults from eight countries about their opinions on fraud threats such as phishing and keylogging, and on the efforts of their financial institutions to strengthen remote banking authentication.
The results showed that 91% of account-holders are willing to start using a new authentication method, beyond the standard username-and-password format, if their banks decided to offer stronger security.
In addtion, 73% said they would like their financial institution to use risk-based authentication, and 69% of account-holders believe that financial institutions should replace username-and-password log-ins with stronger authentication for online banking.
Also, 58% of account-holders believed that financial institutions should deploy stronger authentication for telephone banking, and 82% wanted their banks to monitor online banking sessions and telephone banking sessions for signs of irregular activity or behaviour - similar to the way that credit card transactions are monitored today.
Less than 70% of respondents in the UK (69%) and in Australia (65%) claimed to be familiar with the term phishing, compared to 83% in the US.
The survey showed that trust in the online channel continued to erode, with 82% less likely to respond to an e-mail from their bank due to scams including phishing - up from 79% in 2005 and 70% in 2004.
More than half said that they would be less likely to sign-up for or use online banking as a result. In addition, 44% of account-holders reported that they have become increasingly concerned about other types of attacks, such as Trojans and keyloggers, over the past six months.
When presented with several new authentication options, including hardware tokens, personalised images, and risk-based authentication, the majority of respondents (73%) said they would like their financial institution to use risk-based authentication.
Risk-based authentication involves a behind-the-scenes assessment of the user's identity based on factors including log-on location, IP address and transaction behaviour - which can be supplemented with phone calls to the customer or secret online questions for transactions that are deemed high-risk.
Globally, 40% said they would like to use a hardware token for authentication. Account-holders in European and Asia-Pacific countries such as Spain, Germany, Singapore and India were the strongest advocates for this technology, with between 46-50% saying they would like to use tokens.
Also, 56% said they would like to use a personalised image to authenticate online banking sites. A personalised image is selected by users and used to help verify that they are in fact on their bank's legitimate site and not a fraudulent one.
Comment on this article: firstname.lastname@example.org