Wednesday, September 16, 2009

49% of Consumers Worldwide Would Switch Banks if Victim of Card Fraud

"49% of consumers across eight countries would consider switching or definitely switch banks if they or someone they knew was hit by card fraud"





I'd say it's time for banks to ditch the username/password/20 questions game and start "genuinely" authenticating online banking sessions by requiring users to swipe their card and enter their PIN. You know, the same way their customers access cash at an ATM.





The current system benefits only the bad guys.



Banks cannot continue on their current path. Asking questions such as:  What's your mother's maiden name,

What's the make of your first car,  What is the First Letter of the Middle Initial of your Second dog...all that kinda stuff, is not secure...it's either accessible at social networking sites or available by simple keylogging schemes.



But  converting customers to Swiping vs. Typing, that's genuine authentication.  Especially the way HomeATM instantaneously encrypts the cardholder data.  Financial institutions would enhance their image by providing their customers with an encryption enabled online banking log-in. There's proof of this.  Look to Barclays who has already distributed well over a million of their PINSentry devices.



It's not a coincidence that Barclays bank was recently rated #1 for providing the most secure online banking application in the U.K. Why? Because they require their online banking customers to use their PINSentry device for two-factor authentication.


"Barclays was the only one of the 10 banks surveyed to get a rating of 'excellent'. The company requires all its online customers to use a "two-factor authentication" (2FA) system involving a PINsentry device which generates a one-time password for each session".





"HomeATM is far more useful than the PINSentry device. It provides not only two-factor authentication log-in, but it does it without generating a one-time password (OTP) which have been recently exposed as hackable. Once the PINSentry device authenticates the user, it's usefulness is done until the next time the user logs in...whereas with HomeATM's device, logging in is only the beginning of what it enables the consumer to do.



Our Slim or SafeTPIN device can be further utilized for online bill payments, (online bill payment customers increase bank profitability by 15%...google it) person to person money transfers (in real time) secure Internet End-to-End Encrypted Card Present transactions, peace of mind, loyalty, image and brand enhancement and so much more.



So the bottomline is: Would banks prefer risking the loss of 49% of their customers, or would they prefer to provide their customers with a free PCI 2.x Certified PED along with the peace of mind, safety and security of a 2FA 3DES E2EE PCI 2.x "certified" (not compliant, certified) solution which their customers can use in the privacy of their own home. Hmmmm.....




Still Confused as to which way to go: I leave you with this: Court Allows Suit Against Bank Based on Poor Online Banking Log-In



A recent survey by ACI Worldwide of consumers around the world found that one in five have been hit by debit or credit card fraud in past five years. The research, of more than 2,400 consumers across eight countries, also found that if an individual or someone they knew was hit by card fraud:
22 per cent would change financial institutions, and a further

27 per cent would "consider" changing financial institutions.
I'd say it's as easy as 1-2-3:

1- (Issue card)
2- Issue PIN
3. Issue Card Reader/PIN Entry Device

 Of course there's another formula they can use:

Do the math


















Reblog this post [with Zemanta]

Disqus for ePayment News