Security breach hits another online bank

The credibility of online banking has taken another blow after a security flaw was discovered on the Morgan Stanley online banking facility.

The problem came to light after BBC Breakfast was contacted by a viewer who logged on to his Morgan Stanley account.

The flaw enables users to gain access to their credit card information simply by entering the first digit of their credit card number.

According to a recent survey conducted by Mori on behalf of RSA Security, concerns over security are stopping six million people in the UK from banking online.

Following on from the breach found on Cahoot's website last week, there are now real concerns about the security of online banking.

Tim Pickard, strategic marketing director for EMEA at RSA Security, commented: "In the space of one week, this is the second financial institution that has been under attack as a result of relying on passwords alone to authenticate customers.

"Banks and other e-commerce sites must take more responsibility for providing their online customers with adequate security. If action is not taken, those using and trusting in e-commerce will begin to shy away from these services in the future.

"Strong, two-factor authentication, incorporating something that the user knows (Pin) and something that the user has (token), would dramatically improve the security of consumers in this type of environment.

"If Morgan Stanley had been using two-factor authentication, this security breach would not have occurred."

See also:

UK dotcoms gear up for stellar growth

Survey predicts rosy future for e-commerce as more people shop online  10 Nov 2004

Cahoot glitch highlights online safety issues

Software flaw allowed free access to users' accounts  05 Nov 2004

Like this story? Spread the news by clicking below:

 del.icio.us     Digg this     reddit!