It's a beautiful thing when a plan comes together. For Sean Gilchrist, director of digital banking at Barclays, the UK bank's aggressive, industry-leading and highly visible investment in securing the online banking channel means that Barclays' fraud numbers will zig while the rest of the industry continues to zag.
Online banking fraud in the United Kingdom ballooned by 185 percent in the first six months of 2008, when compared with the same period in 2007, totaling about $36 million USD in the first half of this year, according to the UK payment association APACS. Like all good security chiefs Gilchrist won't say how dramatic Barclay's reduction in online fraud has been, but when compared to the APACS numbers he demures, "Barclays hasn't experienced that."
Barclays success in beating online account fraud comes from the decidedly different tack it took in dealing with the problem. When banks in the United States were reacting to the FFIEC mandate that they implement stronger authentication, most sought ways to build the protections behind the scenes so that users were barely aware of the increased security. Barclays took the opposite approach, primarily in reaction to research indicating that customers expected their online banking site to be extremely secure, and in particular more secure than online shopping sites. "We put together a number of very visible things to enable our customers to feel Barclays was taking security very seriously," Gilchrist says.
Among the most visible was Barclay's PIN Sentry initiative that involved sending more than a million fairly large, and some would say clunky, card readers with PIN pads to customers for use as a second factor of authentication when logging into Barclay's online banking site. Barclays was the first to take this bold move in mid-2007, paving the way for other UK banks that have since followed suit.
The bank followed up this effort with the announcement this summer that it would make Kaspersky Labs' Internet Security software package available as a free download to two million online banking customers, for up to three computers per household. In the past, Barclays had offered free anti-virus software, but the upgrade to Kaspersky is a nod to the reality that it's far more than viruses threatening consumers online accounts.
These two highly visible steps have produced some solid proof that the organized crime groups that began attacking online banking in earnest in 2005 have deemed Barclay's accounts to tough to tackle. "We're seeing banking Trojans released in the market that don't have Barclays as an attack vehicle," Gilchrist says. "So there are some tangible benefits to being overt."
There are also business benefits to being overt. Barclays online banking channel has seen "fantastic" growth this year Gilchrist says, despite market conditions. "We don't see any dropoff in the online space from people's nerves; and the fact that we have a very stable site - customers draw reassurance from that."