Frankly, I had never expected a venerated public sector institution like Bank of India (http://www.bankofindia.com) to be so proactive about informing their customers about the threats and dangers of Phishing and Vishing attacks. The landing page of Bank of India’s Internet Banking section (http://www.bankofindia.com/internetbank.aspx) uses words such as “BEWARE” and “WARNING” in large lettering that is featured prominently to ensure the customer does not miss the advisory.
A commendable initiative, I must say, considering most Indian banks leave the onus of receiving awareness about such threats to the customer himself, who is mostly not so tech savvy. And Bank of India has not just left it at that. In another first, they have gone ahead and launched a secure application called “STARTOKEN” (http://www.bankofindia.com/2fa.aspx) that is based on the two-factor authentication model, which allows the bank to offer secure internet banking to all customers, regardless of their access points. Check out the demo and you will know what I’m talking about.
Now this is really something! I have been using the Internet Banking service/applications of various private banks, and I haven’t seen anything yet that matches the security levels of the StarToken application. Many banks are still using image and text verification, and additional passwords (measures which are outdated, irrelevant and obsolete). Nobody except Bank of India is using the ‘mutual authentication’ model to ensure the connection is secure and data remains confidential. This technology has apparently taken the developed countries by storm, and most banks and financial institutions in US, UK, Europe are already implementing such solutions and revamping existing systems.
Coming back to India, it would help if the other banks also started upgrading their security levels to match international standards like Bank of India has done. This goes especially for the new age and private sector banks (who are expected to be more tech savvy in any case).
So if you’re doing Internet banking regularly and think you’re secure just by entering multiple passwords, think again. You might want to try out the StarToken application, for which you’ll have to be a Bank of India customer of course, but that’s another matter.