It was reported recently that a security flaw had been discovered on the Morgan Stanley online banking facility. The flaw enables users to gain access to their credit card information, simply by entering the first digit of their credit card number.
Tim Pickard strategic marketing director EMEA, RSA Security, commented: "In the space of one week, this is the second financial institution that has been under attack as a result of relying on passwords alone to authenticate customers. Banks and other ecommerce sites must take more responsibility for providing their online customers with adequate security. If action is not taken, those using and trusting in ecommerce will begin to shy away from these services in the future." Pickard continued: "Strong, two-factor authentication, incorporating something that the user knows (PIN) and something that the user has (token), would dramatically improve the security of consumers in this type of environment. If Morgan Stanley had been using two-factor authentication, this security breach would not have occurred."
According to a recent survey conducted by MORI on behalf of RSA Security, concerns over online baking are stopping six million people in the UK from banking online. After this latest security breach, how many more people will no longer be banking online? RSA asks.
RSA Security recently announced that Credit Suisse, a European bank, has selected RSA SecurID two-factor authentication to authenticate online
banking customers and protect them from online theft and identity fraud.