/ciol/media/agency_attachments/c0E28gS06GM3VmrXNw5G.png)
Follow UsMUMBAI, INDIA: In recent years, there has been a rise in the number of people using mobile banking and Internet transactions. Though mobile and Internet offer ease and convenience to people, it remains unsafe due to the rise of phishing attacks, identity thefts, hacking, spams mails, viruses etc.
Looking at this situation, the Reserve Bank of India (RBI) issued guidelines for mobile and Internet transactions early this year. It ensures users' safety and asks businesses to protect customers' personal information and identities, thereby overcoming any fraud.
From users' safety perspective, these guidelines would have no meaning unless businesses invest and deploy the effective technologies and security mechanism to counter threats.
According to security experts, the Two Factor Authentication (2FA) is a powerful security solution to protect users against those threats and attacks as it adds a second security layer on to the existing one using devices called tokens that generate time-bound dynamic passwords.
These dynamic passwords are numeric combinations generated by algorithms, programmed to work for specific time frame, also known as One Time Passwords (OTP). Users can enhance security with OTP for any transaction or information sharing process.
Today, tokens are available in various form factors such as hardware devices, flash drives, cards, SMS as well as mobile phones.
Importantly, users can avail the 2FA-based security facility only if the businesses deploy 2FA across their networks and infrastructure and provide tokens. But for businesses, the investment in technology upgrades remains a costly affair.
So, will businesses invest in 2FA-based technology for their users' security?
“Some businesses such as banks say that security is an integral part for their customers security and would deploy 2FA. While, some say they would recover the cost of technology from their customers by levying service charge, or would only offer 2FA security to premium or high-net income customers,” says Rajiv Chadha, VeriSign Services India's vice president.
Further, Chadha comments that running the business, for instance a bank, in the traditional off-line mode is far more expensive and needs resources along with capital and operational funds.
“However, shifting business on the Internet and mobile saves cost and offers convenience to users. The savings made by shifting business to online and mobile is comparatively high against offline. And it should be used for enhancing security with 2FA and other devices,” adds Chadha.
In fact, VeriSign launched the VeriSign Identity Protection (VIP) Access for mobile solution in India recently. It is a free downloadable solution for the users and the businesses can save good amount on providing security tokens to large customer base.
Here, the mobile phone works as token and the six digit OTP is displayed on phone's screen. Even OTP can be received as an SMS, which is an optional feature. However, any businesses, for instance a website, will need to join the VeriSign VIP Authentication Network to offer its users with 2FA.
“VeriSign offers its authentication service to businesses on the per user per transaction model. It's an operational cost that businesses needs to make,” adds Chadha.
About VeriSign's customers, eBay and AOL have deployed 2FA for their users. It's understandable with eBay using 2FA for on-line payments and transactions security. But, surprisingly with AOL, the site has 2FA to protect users' email accounts. It shows, how this online business is valuing its users and protecting their emails, which is a critical data.