CHARLOTTE, N.C. – Bank of America Corp. is rolling out a new security system aimed at thwarting efforts by online crooks to access its customers’ accounts. Passwords will no longer be enough.
ADVERTISEMENT
With SiteKey, bank customers pick three challenge questions — things only the customer would know, such as the year and model of the customer’s first car — and provide them with the traditional password to log on.
Customers can also verify they are indeed at Bank of America’s Web site by clicking on a SiteKey button. If they fail to see a secret image and phrase they had chosen earlier, they could be at a fake Web site and the target of a «phishing» scam.
Bank of America is rolling out SiteKey this week in Virginia, Maryland and Washington, D.C., following a launch in Tennessee last month. It should be available nationwide by the fall.
The service will be free.
Although SiteKey wouldn’t have prevented recent high-profile security breaches, it shows how seriously the bank considers security, said Jim Stickley of TraceSecurity Inc., a computer security company not involved with SiteKey.
Because so many Web sites now require passwords, many Internet users have become careless and create easy-to-remember passwords that tend to be easy to guess.
So U.S. banks and Internet services are beginning to embrace a second ID — in this case, the challenge questions — taking an approach already common in Scandinavia, Brazil, Singapore and selected countries.