HSBC is considering rolling out security certificates in a move to prevent phishing attacks across 650 websites worldwide after rolling out the technology in its UK retail operation.
The bank is attempting to increase customer confidence in online banking by installing software to show customers they are on a genuine HSBC website rather than a phishing website designed to steal customer's banking details.
The bank's UK retail websites will use Verisign's Extended Validation SSL certificates from May. The software displays a green bar on the screen to reassure customers they are on a genuine website.
"We have the capability available so [we] can roll it out globally," said Barry Jones, senior manager group IT security. "Now that it is in the UK business it will be given impetus." He said the bank tries to ensure consistency across the globe but it is a business decision for each region.
The bank is looking at where else in the UK business the certificates can be used. "This is only retail banking at the moment, but it could be extended to businesses like mortgages and loans," he said.
HSBC has 3,500 registered domains with more than 650 websites. These include 77 country websites, 42 personal Internet banking sites and 28 commercial internet banking sites.
Jones said the added security is easy to implement by loading a piece of software on to a webserver. Each certificate costs between £900 and £1,300.
The number of phishing attacks in the UK alone was 10,000 in the first quarter of this year according to the Association of Payment Clearing Services. This represented a 200% increase.
Criminals use phishing attacks to steal personal details such as bank account numbers and passwords by tricking customers into typing their details into fake websites.
"Limiting the number of attacks that succeed in stealing information is vital to keep customers confident," said Jones.
HSBC has 125 million global customers with 40 million using online banking. It has 15.6 million UK customers with three million using online banking.