British banks in talks to fight ID theft

RSA Security is in high-level discussions with all the big U.K. banks, as concern over ID theft and data protection rises.

2 min read
HANNOVER, Germany--Major British banks may soon tighten their security in a bid to protect customers from identity theft.

RSA Security has been in discussions with all of the major U.K. banks about providing them with better security for their customers, the company said on Thursday. Although U.K. banks have been slow to take up increased security measures, RSA said they are now close to acting on identity theft.

"We are in conversations with all of them," said Tim Pickard, marketing director at RSA Security, speaking at the CeBit trade show here. "It's an issue that's on all their minds. I expect you will see them move this year."

Last year, Howard Schmidt, the former cybersecurity advisor to the White House and chief security officer at eBay, called on online businesses to implement stronger authentication for their customers' security. Some banks in Norway are already taking the issue seriously by generating one-time tokens to authenticate the identity of customers.

As yet, it is unclear how much money has been stolen through Internet identity theft. Next month, the Association for Payment and Clearing Services is scheduled to release a report that should give more details on the extent of the problem.

Pickard added that phishing attacks are likely to rise dramatically later this year, because fraudsters in China are creating huge databases of e-mail addresses and identities.

"China and South Asia is likely to come online soon with phishing scams. They (phishers) are building databases to launch phishing attacks," Pickard said.

Phishing schemes typically use e-mail messages that look like they come from a trusted service provider to dupe people into visiting a malicious Web site. The fraudulent site appears to be legitimate, but has been set up to steal the victim's personal information, such as a credit card number, which could then be used to commit identity fraud.

Dan Ilett of ZDNet UK reported from Hannover.