Europeans worry about online banking security

Phishing, keystroke logging and other types of scams are increasingly worrying users of online banking services in Europe while scaring others away, according to a report issued Tuesday from Forrester Research Inc.

To retain online customers and win new ones, banks will need to change many consumers’ belief that online banking isn’t safe. That means, according to Forrester, banks can’t rely solely on governments or ISPs (Internet service providers) to make the Internet a safe place to do business but must deploy or strengthen two-factor authentication — such as PIN and transaction authorization number (TAN) — and educate Net users about security precautions, such as firewalls.

European consumers are losing trust in the Internet as a channel for doing business as computer attacks on them and the companies they do business with mount, according to Forrester.

Just 30 per cent of the 22,907 Europeans polled by Forrester said they are confident of the security of personal financial information, such as credit and debit card numbers, when used to make transactions online. Two-fifths of the interviewed Net users who don’t use online banking said they have no plans to do so in the future because of security concerns.

Equally troubling, security fears don’t just keep some consumers from signing up for online banking services, they cause some existing online banking users to stop. In the U.K., for instance, one million Net users tried online banking and gave it up by 2002, according to Forrester. Nearly 30 per cent cited security worries. Similarly, in the U.S., around three million Net users have stopped using online banking services, with a third of them also citing security concerns, the market researcher said.

Many European consumers, according to Forrester, think online banking is less safe than paying by card in a restaurant.

However, online banking security fears are noticeably lower in countries, such as Germany, the Netherlands and Sweden, where banks have introduced two-factor authentication policies. In Germany, for instance, most banks require online banking customers to have their own confidential PIN and a list of TANs to make money transactions online. Some, in fact, now require a third identification number.

Banks also need to educate their online banking customers about security precautions, Forrester recommended in the report. Many customers, it said, have only a vague understanding of the complex range of security risks they face, such as phishing and keystroke logging. Banks need their customers to help fight these attacks because they are more difficult to spot and defend against than direct attacks on the banks’ own systems.