RBS to issue online banking customers with smartcard readers

Royal Bank of Scotland is the latest bank to issue card readers to its online banking customers to help prevent fraud.

Royal Bank of Scotland is the latest bank to issue card readers to its online banking customers to help prevent fraud.

Barclays announced a similar move last month. Royal Bank of Scotland has signed a contract with XIRING to supply the readers, and first customers are receiving their personal readers this week.
XIRING Xi-Sign 4000 for Apacs is a strong authentication system using remote card authentication technology to secure online banking. This security solution has been defined by the UK bank clearing association Apacs as the UK standard for securing e-banking and e-commerce.
Xi-Sign 4000 for Apacs is a two-factor authentication solution based on the payment EMV Chip & Pin card. It is a portable, standalone smartcard reader that allows customers to log in to their online bank accounts with a higher level of security.

Users insert their Chip & Pin banking card into the device, and type in their four-digit Pin to authenticate locally with the card. Having typed in a code provided by the bank, the reader then displays a dynamic password generated by the card chip. This eight-digit password is valid a single time when accessing banking services via the web portal.
Based on the MasterCard Chip Authentication Programme, endorsed by Visa as Dynamic Passcode Authentication, the Apacs standard uses the EMV banking card scheme already deployed, to provide a standard specification available to all UK banks to secure online banking services.

Bank fraud drives adoption of two-factor authentication >> 

Barclays readers welcome but no cure-all, say experts >>

UK banks face phishing chaos >>

Banks prepare lawsuit over TJX data breach >>

David Lacey’s security blog >>
The latest ideas, best practices, and business issues associated with managing security

Stuart King’s risk management blog >>
Dealing with the operational challenges of information security and risk management

Comment on this article: computer.weekly@rbi.co.uk

Read more on IT risk management

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.