Barclays tightens mobile security following complaints

Barclays has tightened up the security of its mobile banking service after it was identified as being weak and a risk to data protection.

Barclays has tightened up the security of its mobile banking service after it was identified as being weak and a risk to data protection.

Although it was not easy for people to have money stolen, people whose card details were seen by third parties could have their banking transactions exposed to prying eyes. A Computer Weekly reader complained to Barclays about the lack of security on its mobile banking site.

Following the Computer Weekly report the Information Commissioner's Office (ICO) and Barclays Bank had talks about the security set-up of its mobile banking service.

But Barclays said it was already planning to improve the security of this service, and the changes are not in reaction to any reports or third-party intervention, said a Barclays spokeswoman.

The problem affected the Barclays.mobi web link which connects customers to pages designed to be viewed on mobile phones.

The site allows users to view their financial transactions if they answer four basic security questions.

Three of the answers are available on the card itself. These are surname, 16-digit account number and three-digit security code. The other question is the customer's date of birth.

Barclays has now changed the logging on process to include a secret password.

"Barclays is making some changes to the instant and basic access functionality for online/mobile banking as part of the ongoing development of the online banking service. Customers will now need to opt in to enable instant or basic access as an option on their account and will need to select a memorable word as an added layer of security," said Barclays.

Read more on IT risk management

SearchCIO
SearchSecurity
SearchNetworking
SearchDataCenter
SearchDataManagement
Close