Consumers just don’t feel very good about handing over their personal information to online banks, and that’s a situation ING DIRECT hopes to change by offering a free anti-phishing software download, according to the bank’s security chief.
The U.S. division of Dutch banker ING DIRECT wants to help its customers feel better about online banking, says Robert Weaver, head of information security at the bank.
So it’s arranged for customers to download a free version of Trusteer Rapport anti-phishing software.
It is one more layer of security to stack on the bank’s other efforts, Weaver says.
While the initiative applies to ING DIRECT customers in the U.S., there appear to be good reasons why Canadian banks should take similar steps.
Less than one in 10 Canadians are very confident “big banks” can protect their private information online, according to a survey released last week.
Despite the average Canuck not having access to any bank budgets, 62 per cent think financial institutions should spend more on Internet security and privacy.
Banks aren’t alone, explains Renee Lalonde, vice-president of enterprise software company CA Canada Inc. The Mississauga, Ont.-based firm commissioned the survey that gauged consumer feelings towards retail, government, and financial sectors.
No sector fared well when it came to customer confidence online, she says, because of the high-profile data breaches that have made headlines recently.
“There’s a lot of fear out in the marketplace,” Lalonde says. “It’s an emotional thing – it’s our money and our identities…there’s always the concern of who’s going to nab my personal information and what are they going to do with it.”
Weaver notes that phishing is one of the primary fraud tools being used today.
“Putting up a phishing site costs literally nothing, is fairly easy to do, and if [cyber crooks] get a small percentage of people they spam, it can generate revenue for [them].”
Rapport is complementary to other anti-virus programs a user might run, according to the company’s Web site. It protects users from fraudsters by making sure users type their information into ING DIRECT’s real site, not a phony one.
The program also blocks malware programs such as key loggers from getting user data even if the user is infected with malware. Key strokes are encrypted and users are alerted if a program tries to do a screen grab.
For a bank that relies on the Internet as its primary point of contact with customers, it is key to build customer confidence, say analysts with Toronto-based IDC Canada. Past research has shown customers will not complete a transaction if they feel wary.
ING DIRECT is “likely providing something that gives the user more confidence and helps them feel more secure” with the software, says David Senf, director of research for Canadian security and infrastructure software at IDC.
“It’s a bit like airports, where security is elevated a little and it helps everyone feel better.”
ING’s approach does add real security, analysts agree. As financial institutions see a rising number of fraud attempts against them, more such efforts are inevitable.
Pairing security software with a bank account could even become routine.
“When you look at the TD Canada Trust partnership with Symantec, it means a good cross-sell opportunity for both companies because it’s an obvious fit,” says Robert Burbach, research analyst for Canadian financial institutions at IDC.
Offering consumer-end software is another way that banks can boost their security, CA’s Lalonde agrees.
Particularly since nothing is required of the consumer beyond the download and install of the software that runs in your computer’s background.
“Over time, you’ll see more and more banks do this,” she says. “If I’m doing business with an organization that promotes security as top-of-mind – that increases my confidence in [it].”
Overall, one out of five Canadian organizations reported losing confidential information as a result of a security attack or breach, according to the survey.
That’s double the number that lost information just two years ago.
Such breaches are devastating to a company’s image when they become public, the survey shows. Almost nine out of 10 Canadians say a security breach damages an organization’s reputation or results in a loss of their trust and confidence.
“We live in a world where we do everything electronically,” Lalonde says. “It doesn’t matter what type of business you’re dealing with because they all have access to your personal data.”
ING DIRECT is hoping its free software offering will help improve the online experience for U.S. customers, Weaver says.
The bank wants customers to be comfortable operating online, he says.
“It’s not a good feeling to know that some bad guy tricked you into giving up information. It makes you wary of using online services.”
Currently, anyone can download the Rapport software from ING DIRECT’s Web site. But only U.S. customers of ING will experience the extra authentication features there – though international branches could register with the software at any time.
Users of the software can also access some limited protection services, Weaver says. For example, users can self-register up to three Web pages they often use.
The CA survey is accurate within +/- 4.9 percentage points, 19 times out of 20.