Safe surfing

Internet banking has become a revenue channel to rival that of the traditional high street branch. The flipside to this growth is of course the lingering security threats to customer accounts posed by fraudster. Mervyn Northam, Head of Business Internet Banking at HSBC explains what the bank is doing to keep the criminals at bay.

FST. How has the internet, and broadband in particular, changed the landscape of banking for European institutions and especially HSBC? Did you ever envisage that internet banking would rival branch and telephone channels?
MN. Use of the Internet is reputed to double every three years and we are certainly experiencing a growing demand from our customers for more and more services online. Initially, it was the early adopters that began to do their banking online but now we see around a third of all customers undertaking some part of their banking online. The move from dial-up to broadband has removed many of the frustrations that existed at the outset and most customers now find it the fastest and most convenient way to communicate with their bank.

We don’t see the Internet as a rival to the telephone or the branch network. It is another channel we provide, giving our customers a further choice and helping to make it as easy as possible for them to do business with us. In terms of simple transactions, the Internet now processes far more than the branches or via the telephone. This has a further advantage as staff in our call centres and branches now have more time to spend dealing with more complex transactions, where customers require the advice and guidance of a real person.

FST. Looking at internet security, what are the main problems that you face in tackling this huge aspect of your operations?
MN. Fraud is a constant threat in every aspect of daily life – the Internet is no different. When Internet banking was first launched the challenge came from individuals who sought to ‘break’ the system, just to prove they could. Later it came from relatively small time criminals, trying to break into systems to steal money. These days, it is often highly organised international groups, working on a big scale, attempting to take very large sums of money.

As the challenges have changed, so have the approach and our responses to them. Each organisation has its own systems for dealing with threats; a major concern is how to balance security and ease of use. Our systems are extremely well protected – the weakness comes in making them easily accessible to our customers. The further protected an entry point is, the more difficult it is for criminals but also for genuine customers to access it. For this reason, we have chosen to enhance our internal systems to highlight potentially fraudulent transactions for review and additional verification.

FST. How do the needs of business and individual customers differ when it comes to the internet and what does it mean in terms of levels of security?
MN. The needs and concerns of these two customer groups are very similar - the primary difference being the sums of money involved are generally much higher with business customer’s transactions. We believe business customers recognise this presents a higher level of risk and are therefore prepared to accept a higher security barrier at the login stage. On this basis, we decided during 2006, to introduce an additional layer of security for business customers. We now have around 250,000 users accessing our business internet banking service using a two-factor authentication method to login.

FST. With security such a major concern for business and individual customers what are you doing to put their minds at rest and provide them with all the information they need in order to not fall victim to frauds – like phishing, for example?
MN. We are enthusiastic supporters of a national campaign called Get Safe Online (www.getsafeonline.org). Launched in 2005, the founder sponsors were HM Government, the National High-Tech Crime Unit and a number of private sector companies, including HSBC Bank plc. We provide information about this initiative on our website and the campaign’s website has extensive advice for all Internet users.

FST. But with the criminals becoming more and more sophisticated with their efforts to trick bank customers out of their hard-earned cash, how do you stay one step ahead?
MN. We are a global organisation and have experts in Internet security in virtually every part of the World. Our experts keep in touch with other specialists in the industry and law enforcement agencies globally, ensuring we are fully aware of new criminal activities and the very latest in fraud prevention techniques. This information is shared around the group, allowing each country team to decide what action they need to take in their own area of responsibility.

FST. For some customers – including those less versed in computers and the internet, online banking appears a daunting option. For others, they simply don’t trust imputing their account details online? What can be done to get these people to embrace this channel? And do you think that a significant number will never be convinced?
MN. There is a risk of fraud in everything we do; from using an ATM, to paying for goods and services using a plastic card, writing a cheque, or even accepting a counterfeit bank note – the Internet is no different in this respect. Naturally, some customers will be more concerned about the threat of fraud on the Internet. We are confident this will reduce over time; it is unlikely to disappear however. An increase in the numbers of people using internet banking will attract others to follow suit. The information we provide on our website and the variety of channels we offer are designed to give our customers the necessary information to make an informed decision about how they wish to conduct their banking.

FST. Often when bank a customer fall prey to ID theft, for example, it is because they have employed casual banking habits and been careless with their paperwork. What needs to be done to improve better online habits and encourage they use more secure passwords, for instance?
MN. We encourage customers to read the information we have on our website and to follow ‘best practice’ with regard to online banking habits – this is very well explained on the website www.getsafeonline.org

FST. What does the future hold for internet banking in the next two to three years? And is mobile banking the next big thing in the industry?
MN. The use of Internet Banking is growing rapidly and we expect the trend continue. It is always hard to predict trends but it seems reasonable to believe that by 2010, perhaps 75 per cent of customers will be using internet banking, for at least some of their banking needs. As for mobile banking - this is very much a matter of opinion. Personally, I believe it will depend upon the bandwidth that the mobile network providers can deliver to their customers. When bandwidth is sufficient to mean that the Internet can be used quickly and efficiently using a mobile handset, this will be the driver for access to Internet banking services via the mobile Internet.