Barclays offline card reader authentication system PINsentry has been successful in fighting financial cyber crime.
David Mitchell, Senior Manager, Digital Operations and Fraud at Barclays explains:
“Phishing attacks started in the UK in late 2004,”
“We saw that static credentials were no longer good enough for new thirdparty payment transactions and for new functionality we want to add to our online banking service.”
“We wanted to give customers ownership of their accounts and for them to be able to make payments and access future services”
“With phishing attacks increasing, static credentials simply wouldn’t be strong enough to offer these future services online.“
Now, all the customer needs to do is insert their standard chip-enabled bank card into the PINsentry reader and type in their PIN. They carry the device with them and can perform these secure online transactions from any personal computer.
“The system works by securing the logon using the PINsentry device to generate a one-time-only pass code,”
“This is a stronger authentication method than static credentials, as the code is spent once the customer has used it.”
“We also ask our customers to digitally sign any third-party payments they set up online using the PINsentry device.”