HSBC to issue security tokens to its customers

gt94sss2

Looks like a good idea, and more secure than the card readers other banks use.

Just wish the shape was similar to the keyring fobs they give their business customers!

HSBC Bank is sending all personal internet banking customers a new device which will add an extra layer of security when accessing their accounts online.

The device, which is small enough to keep in a wallet or purse, generates a unique PIN code each time a customer logs on to their accounts. Called the HSBC Secure Key, it is unique because it doesn't require a bank card to be inserted into the reader. This new device represents the high street bank's latest action to ensure its customers are one step ahead of the online fraudsters.

But consumers have a key part to play in keeping themselves safe online. Chris Pilling, Head of HSBC Customer Security Development, explained, "Customers are the first line of defence against online crime and can do a huge amount to ensure their accounts are safe from cyber criminals. Keeping your PIN and passwords secret is vital and this is why we have added the HSBC Secure Key to our range of customer-focused online protection.

"By generating a unique code every time you access your accounts, you can be confident you are the only person accessing your money. Our Secure Key is small and lightweight enough to keep in your wallet or purse, so you can still do your banking wherever and whenever you like. It's a quick extra step to keep our customers' details secure and away from uninvited eyes.

"However, HSBC customers can rest assured that they are fully protected as HSBC will refund anyone who falls victim to online fraud."

Customers need do nothing at this time. The HSBC Secure Key will be issued to all new HSBC customers that register for online banking from 23 March and will be rolled out to all existing customers over the coming months. All the information about the device, as well as videos and advice on how to keep safe online, is available at the new HSBC online security centre: http://www.hsbc.co.uk/securekey/

Regards
Sunil

[Deleted User]

another bank to follow the card reader security (without the card this time)

gt94sss2

vinh1000 wrote: »

another bank to follow the card reader security (without the card this time)

If I'm right about the technology they are using, its more secure than the method other banks are using.

This looks like a SecureID implemention - which means the security number will change every minute or so.

The system the other banks use doesn't work like this and its often possible to generate security numbers 'in advance' using them - unlike the HSBC system

Its also physically smaller and easier to carry..

Regards
Sunil

NFH

gt94sss2 wrote: »

This looks like a SecureID implemention - which means the security number will change every minute or so.

No, it doesn't look like SecurID but more like Vasco Digipass. Because it has a keypad, there's some kind of challenge/response process. The chances are that after you enter your internet banking user ID in HSBC's web site, the web site will give you a numeric code to enter into the device. The device then gives you an alphanumeric code to enter back into the web site. I may be wrong, as I'm just guessing based on what I've seen from other banks and what the device looks like.

gt94sss2

NFH wrote: »

No, it doesn't look like SecurID but more like Vasco Digipass. Because it has a keypad, there's some kind of challenge/response process. The chances are that after you enter your internet banking user ID in HSBC's web site, the web site will give you a numeric code to enter into the device. The device then gives you an alphanumeric code to enter back into the web site. I may be wrong, as I'm just guessing based on what I've seen from other banks and what the device looks like.

Hmm.. it physically looks like a Digipass 270.

There is a demo of it working on HSBC's website at http://www.hsbc.co.uk/1/2/security-centre/secure-key-demo but I don't think the website gives you a code to type in...

Regards
Sunil

Loughton_Monkey

They've been using something similar in China for about 7 years. I had to have one to access my HSBC accounts in Shanghai.

Lokolo

fs, this is just annoying!

rb10

It surely has to be a 'challenge and response' type thing, as otherwise there would be no need for the keypad.

Personally, I find that the one that they give their business customers to be great. It is small and simple. All I have to do is press one button, and it will give me a 6-digit number. There is no extra inconvenience to me compared with any other method of logging on.

notafan

urg i hate these things,

I stopped using RBS because it was such a pain, who carries a card reader around

Before anyone tells me how small it is or how much extra security i'll get im gunna say this...


We've been managing fine before now

Its something else to loose

Its something else to carry about with you regardless of size (and whilst it might be smaller then a credit card i bet its neither as thin as one or as flexible!)

You'll be forced to use it for the most basic of banking things like simple transfers.

Its a bit of a joke really, why couldn't they have done something really intuitive like use or mobile or even one of those key ring type things if they really had to - at least then you'd be carrying those things with you already.

Plus if its so insecure wouldn't we need it for telephone banking too (which for the large part is automated so no extra checks by a real person), although from what i can see so far its not required for that and knowing HSBC they'll probably cash in on the extra phone calls it causes.

Typical of banks not really coming up with a user friendly intuitive way to solve a problem - but forcing us to use some new piece of technology junk to convince us its safer.

Whats even more amazing is that after the introduction of chip and pin - they are now happy for us to just wave our cards at a machine and for it to swipe upto £15 of us instantly (and possibly upto i think 4 times without asking for a pin) so thats upto £60 you could wipe from anyones account without any secuirty details yet i'm suddenly expected after banking online since the year dot that im at a huge risk and this is the best way for me to be safe.

(and dont get me started on rapport being bugged about that all the time is bad enough)

Inactive

Sorted......

spenderdave

Not sure why they are issuing devices totally different to the ones used on their business accounts rather than just expanding those to personal accounts. I have the business account device and it is very straight forward. Now I will be getting a totally different one..