Nedbank appears to have escaped backlash following the breaking of the Absa "hacker" fraud case of two months ago. The bank says its clients were not concerned and its security systems required no changes after the e-fraud scare erupted.
While its rivals have been quick to upgrade the security of their systems, revamp their Internet banking sites or issue strong statements about legal action that would be taken in such cases, Nedbank has consistently said it is confident in its main security arm - its SMS reference number system.
"We were the last to market to extend our Internet banking functionality that allows the client to change his or her own beneficiaries at will," says Loraine von Hoesslin, Nedbank head of digital business. "This is because we had to find the right balance between security and convenience."
Von Hoesslin says Nedbank adopted the three pillars of security in its approach and has managed to incorporate two, while its rivals are generally only on the first step.
The three pillars are: something you know - which means a password; something you have - in Nedbank`s case a cellphone; and something you are - which relates to biometric technology and is considered the most secure but the most difficult step to implement.
"Our SMS service sends the client a reference number once they want to do an unsecured transaction such as a once-off payment, which is not on the monthly list of beneficiaries," Von Hoesslin says. The other banks` SMS services only notify the client once the transaction has happened.
"We realised 12 months ago when we implemented our SMS service that hackers and fraudsters could capture almost anything on a client`s PC screen. So we made it difficult for them by including the SMS reference number, because the fraudster would also have to get hold of the client`s cellphone or find some way to get into the GSM network," she says.
Von Hoesslin says fraudsters, like almost any other criminal, will go for the weakest link in security and that generally is the client`s PC.
She says Nedbank`s clients have been so confident in the security of their Internet banking that the bank`s call centre received fewer than 100 queries about security during July, when the e-banking scare erupted.
"We know that security is a moving target, so we are planning some upgrades in the future. Part of this will be an extension to our current SMS service," Von Hoesslin says.
Nedbank`s Internet banking has one of the smaller customer bases of the big four commercial banks, with a total of 150 000 clients. The number of online transactions recently passed the 3.3 million per month mark.
Share
