Sister companies, the Clydesdale and Yorkshire Banks, have become the latest UK financial operations to secure online banking access for retail customers using Trusteer’s Rapport browser plug-in.
After trialling the technology to customers for some months, all users will now be offered the same security features already enjoyed by UK customers of Santander, Alliance & Leicester, Co-operative Financial Services, and HSBC.
With the plug-in installed, this includes the opening of an encrypted channel via a bank gateway, protection against site spoofing and man-in-the-middle attacks, and detection of the pesky bank Trojans such as Zeus/SpyEye that have caused major problems in the last year.
Conventional browser access to bank websites is, as has been realised, wide open to attack, even with antivirus software installed.
“We are always looking at ways to ensure our customers have the highest levels of protection against the increasing fraud threat that exists to ensure they can safely and efficiently conduct their banking online,” said Clydesdale Bank/Yorkshire Bank online baking head Wilson Ferguson.
“This link up allows our personal and business customers who bank online to be even more secure and provide that additional peace of mind”, he said.
There is no doubt that Trusteer offers a major hurdle to criminals targeting online bank customers to the extent that some have even tried to attack the plug-in itself on more than one occasion. There is no evidence that these attacks have been successful.
One tension preoccupying the industry is that the sort of security being offered in Rapport might soon become mandatory for customers in the face of sustained attempts to compromise online bank accounts.
The evidence that criminals can make huge sums from this type of fraud are all around. Only days ago, the biggest phishing operation ever to be prosecuted in the UK saw heavy sentences handed out to three men found guilty of being involved. The sums stolen by them are believed to have exceeded £4 million ($6.5 million).
Trusteer’s Rapport can also be used without integration with a banking gateway though without the encrypted channel.