Royal Bank of Scotland is the latest bank to issue card readers to its online banking customers to help prevent fraud.
Barclays announced a similar move last month. Royal Bank of Scotland has signed a contract with XIRING to supply the readers, and first customers are receiving their personal readers this week.
XIRING Xi-Sign 4000 for Apacs is a strong authentication system using remote card authentication technology to secure online banking. This security solution has been defined by the UK bank clearing association Apacs as the UK standard for securing e-banking and e-commerce.
Xi-Sign 4000 for Apacs is a two-factor authentication solution based on the payment EMV Chip & Pin card. It is a portable, standalone smartcard reader that allows customers to log in to their online bank accounts with a higher level of security.
Users insert their Chip & Pin banking card into the device, and type in their four-digit Pin to authenticate locally with the card. Having typed in a code provided by the bank, the reader then displays a dynamic password generated by the card chip. This eight-digit password is valid a single time when accessing banking services via the web portal.
Based on the MasterCard Chip Authentication Programme, endorsed by Visa as Dynamic Passcode Authentication, the Apacs standard uses the EMV banking card scheme already deployed, to provide a standard specification available to all UK banks to secure online banking services.
David Lacey’s security blog >>
The latest ideas, best practices, and business issues associated with managing security
Stuart King’s risk management blog >>
Dealing with the operational challenges of information security and risk management
Comment on this article: firstname.lastname@example.org