Banks will come under further pressure to adopt two-factor authentication technology following a 55% increase in the cost of online banking fraud over the past year.
Figures released today (7 November) by the Association of Payment Clearing Services (Apacs), show bank losses reached £22.5m in the first six months of the year, up from £14.m over the same period in 2005.
The increase has been driven by a dramatic rise in the volume of phishing incidents, which rose from 312 in the first six months of 2005 to 5,059 in the first half of 2006.
Several banks, including Alliance & Leicester and HSBC, are trialling two-factor authentication technology in an effort to stem the tide of phishing fraud. Apacs said it was working with banks and retailers to test what could become an industry standard version of two-factor authentication next year. The system uses low-cost handheld card readers to generate one-time passwords, which can be used to verify purchases online or over the phone.
Apacs said the losses caused by online fraud were growing slowly compared to the growth in the number of online transactions. More than 26.4 million people now shop online, with an estimated 372 million transactions being undertaken last year, it said.
Despite the growth in online fraud, the introduction of chip and Pin cards has led to an overall decline in card fraud, from £219.m in the first half of 2005 to £209.3m this year.
Increases in counterfeit credit card fraud were mainly driven by fraudsters copying magnet stripe details and using hidden miniature cameras to capture Pins at cash machines. But these losses are expected to decline in the UK in the second half of the year, following a programme to update cash machines and tills with chip and Pin technology.
Chip and Pin has also made significant inroads in protecting consumers from fraud in face-to-face retail transactions, with losses down by 43% following a 35% fall last year. However, card fraud abroad in countries where chip and Pin has yet to be adopted has increased by 16%.
Comment on this article: firstname.lastname@example.org