ETrade Financial will soon launch a two-factor authentication service designed to provide customers of the online financial services company with an added layer of protection when they access account information over the Internet.
The authentication scheme is based on RSA Security's SecurID token technology and will allow ETrade customers to use a random and constantly changing number in conjunction with their regular user IDs and passwords to access their ETrade accounts.
The tokens give customers an additional layer of protection and make it impossible for unintended or unauthorized users to gain access to ETrade accounts by stealing passwords, said Joshua Levine, the company's chief technology officer. Unlike static passwords, which can be stolen and misused, RSA's tokens generate a unique six-digit code that changes every 60 seconds, Levine said.
ETrade's decision to support two-factor authentication addresses consumer fears about online identity theft and data loss, Levine said. "We felt that this is really something that our customers needed to make them feel comfortable about doing e-commerce," he said.
Initially, ETrade will offer the authentication service as a free option only for customers who maintain accounts with the company that are worth more than US$50,000, Levine said. Eventually, other customers will be able to buy the tokens from ETrade for a fee, although the exact amount has not yet been decided.
ETrade is the first large financial services company in the U.S to offer two-factor authentication for online transactions, said Avivah Litan, an analyst at Gartner.
The company's move comes at a time when consumer concerns over identity theft and e-mail fraud appear to be increasing -- especially in connection with online financial transactions.
In a December 2004 poll by Forrester Research, 26 percent of online consumers surveyed said e-mail fraud concerns had stopped them from applying for a financial product over the Internet. And 20 percent of online consumers don't open e-mails that appear to be from their financial provider because of fraud concerns, Forrester reported.
Another study, released last week by Forrester, warns that consumers could lose trust in the Internet as a channel for doing business as computer attacks on consumers and companies mount. To address that issue, companies will need to focus on identity assurance, usage assurance, service assurance and privacy assurance, the report said.
ETrade's move gives "another way for them to retain their profitable, high-value customers," Litan said. But she noted that the company needs to make the security measure available to all customers "if they are really worried about fraud losses."
Though ETrade is the first U.S. online broker to support two-factor authentication, companies in Europe have been doing so for several years, Litan said. Much of that adoption stemmed from the stronger consumer concerns in Europe about security and privacy, she said.
In contrast, U.S. banks and other financial companies are afraid that they will drive customers away by introducing new security measures, she said. Cost is another issue -- authentication tokens such as those being offered by ETrade cost at least $10 per user to support, she said.
"ETrade is absorbing the cost because they expect to get it back by selling more services to their higher-value customers," Litan said.
Read up on the latest ideas and technologies from companies that sell hardware, software and services. Zones provide focussed content from Computerworld and leading technology partners.
Discover how SOA can create smarter outcomes for your business.
Attend and learn:
- How SOA is helping leading companies to become more agile
- Where you should be applying SOA processes in your company
- The top SOA implementation mistakes to avoid
Click here for more information.
- +
Computerworld Live Podcast #97: The Future of Enterprise Networking 25/07/2008 09:45:36
This week CW Live chats with Mark Thompson, global sales and marketing manager for HP ProCurve, on the future of the enterprise networking. Mark discusses the trends we can expect to see in the near future and how the right infrastructure can ensure your enterprise network is secure. - +
Computerworld Live Podcast #96: Security at the Edge 11/06/2008 09:22:22
CW Live speaks with Amol Mitra, HP ProCurve Director of Marketing for Asia Pacific and Japan. Today's topic: how enterprises are starting to shift away from simply controlling security via server logins, firewalls and moving to more adaptive security frameworks. - +
Data Management Edition #10: Multi-Petascale Systems 02/05/2008 09:12:33
This week we look at sustainability and the development of multicore technologies to build multi-petascale systems. - +
IT Security Edition #11: How to poison the Storm botnet 01/05/2008 08:51:55
This week CW Live presents a case study on how to poison the notorious Storm botnet . Plus we take a look at Cisco's plans for Ironport. - +
IT Security Edition #10: Cyber-battles fought and won 24/04/2008 11:09:47
Vendors bow to end user pressure to improve product security, and we take a look at the latest concepts shaping the cyber-battlefield of the future.
AOC Launches 18.5” Widescreen Green 16:9 LCD Monitor in Australia and New Zealand 2008-12-03 15:30:00+11
FrontRange Solutions eases software license management with new License Manager 3.0 2008-12-03 14:56:00+11
Progress Software's Cure for Managing Services-based Applications 2008-12-03 14:42:00+11
S3 Graphics Unleashes Full OpenGL® 3.0 API Support with Beta Driver for Chrome 500 Series GPUs 2008-12-03 14:08:00+11
Informatica Powercenter added to Nec Infoframe Solution Suite 2008-12-03 11:36:00+11
Solve Exchange Mailbox Storage Issues Once and for All
Join industry expert Bob Spurzem and Chuck Arconi of Fox Hollow to discover how to reduce Exchange total storage and keep it at a manageable level. Learn how Exchange storage growth can be contained without sacrificing security and accessibility.
Buying Guides
Buying Guides
