Online banking dogged by insecurity Online insecurity hits banks

Online banking has been an enormous success in Hong Kong but further growth will depend on how well banks can balance consumer expectations of convenience with the need for enhanced security precautions.

The internet has been the fastest-growing banking delivery channel over the past four years, with the number of personal online bank accounts increasing 23 per cent to 2.7 million last year.

But when the biggest lender, HSBC, reported no growth last year in the percentage of transactions taking place online, questions were raised as to whether e-banking had reached a natural ceiling based on personal computer penetration in Hong Kong and whether fears of cyber insecurity might be driving customers away from the internet back to branches and the automated teller machines.

News last week that a credit-card processing centre had been hacked in the United States, compromising confidential data for almost 40 million card accounts worldwide, further heightened public anxieties over the security of electronic transactions.

The Hong Kong Monetary Authority remains bullish about internet banking, but it has clearly been unnerved by the security implications. It recently imposed the most comprehensive changes to online banking regulation since services first hit the mainstream in 2000.

From the end of this month, banks will require more than a simple user name and password when doing 'high-risk' transactions online.

The HKMA now mandates use of a two-factor authentication system: a reusable password chosen by the user, plus another password delivered at each logon by SMS, e-Cert or by portable authentication device.