HSBC is to roll out two-factor authentication to its business customers for online banking. It is the first UK bank to announce such a move.
Two-factor authentication is any identifying protocol that requires two independent ways to establish someone's identity and access privileges.
HSBC plans to issue 180,000 business customers with Vasco secure tokens between May and the end of July, following deployments in the US and Hong Kong.
The tokens will replace an existing security system based on digital certificates, following complaints from some customers that it was difficult to use.
"We have had quasi-two-factor authentication on business banking using digital certificates since we launched four years ago. From an anti-fraud point of view, it is fantastic, but from a usability view, it has not been as good," said Mervyn Northam, head of business internet banking at HSBC.
The keyring-sized tokens will help to protect customers from online fraud, including phishing, keylogger Trojans, hacking and screen capture, the bank said.
Northam said the main challenge in installing the system was not technical, but creating mechanisms to communicate with customers and to deal with enquiries.
The bank believes that more secure access will encourage customers who have left their online accounts dormant to start using them again.
HSBC and First Direct have become the first banks to offer customers the ability to check their balances and view mini-statements using their mobile phones. The service, Monilink, was developed by cash machine operator Link and IT services firm Morse.