Consumers are ready to start using stronger authentication technologies and want their banks and brokerage houses to monitor online transactions for suspicious activity.
As trust among consumers for online banking continues to erode, users in the United States, Europe, Australia, and India are demanding stronger security for their online accounts, a poll published Thursday reported.
According to survey results, majorities of nearly 1,700 consumers in eight countries said they were ready to start using stronger authentication technologies that went beyond the traditional user name/password, wanted their banks and brokerage houses to monitor online banking transactions for suspicious activity, and were familiar with the term "phishing."
The fourth-annual online poll conducted by RSA, the security division of storage maker EMC, traced the ongoing slide in consumer trust: 82% of account holders said that they are less likely to respond to e-mail from their bank because of phishing scams. The results in 2005 and 2004 were 79% and 70%, respectively.
That apparently doesn't mean consumers are ready to abandon online banking, however. More than nine out of every 10 people surveyed said they would be willing to deal with more than just the usual user name/password authentication if it meant stronger security. The group was split almost evenly between those would be "very willing," and others who said they were "somewhat willing" if the sign-up process was "simple."
Consumers were even more divided when it came to what kind of stronger authentication they want. Nearly three out of four (73%) voted for "risk-based" authentication, which is an institution-side assessment of the user's identity based on such things as log-on location, IP address, and transaction behavior.
Forty percent claimed that they would like a hardware token for authentication; 56% said they'd accept image-based authentication, where the bank or brokerage presents an image that's been agreed upon by both the consumer and the institution. A missing or incorrect image tells the consumer he's at a bogus site, not the real online banking log-in.
One disturbing result was that only 39% of account holders said they were aware of their financial institution using some form of additional security, such as personalized images, risk-based authentication, or one-time password token.
"As awareness of identity theft and online fraud grows, people want to feel reassured that they are in fact protected," said Christopher Young, general manager of RSA's consumer group, in a statement. "While most consumers don't want to be burdened with security, they still would like to know they are secure, and as we can see, they are willing to embrace the technology."
How Enterprises Are Attacking the IT Security EnterpriseTo learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
Infographic: The State of DevOps in 2017Is DevOps helping organizations reduce costs and time-to-market for software releases? What's getting in the way of DevOps adoption? Find out in this InformationWeek and Interop ITX infographic on the state of DevOps in 2017.
IT Strategies to Conquer the CloudChances are your organization is adopting cloud computing in one way or another -- or in multiple ways. Understanding the skills you need and how cloud affects IT operations and networking will help you adapt.