Better protection: Association of Banks Chairman He Guangbei, Monetary Authority Deputy Chief Executive William Ryback and Police Senior Superintendent Man Chi-hung show three main types of two-factor authentication.

A two-factor authentication for high-risk retail Internet banking transactions will soon be available, boosting online security, Monetary Authority Deputy Chief Executive William Ryback says.

Launching the measure today, Mr Ryback said the use of Internet banking services has been growing rapidly, with personal online accounts surging 23% to more than 2.7 million at the end of 2004 over the previous year. Business online banking accounts rose 60%, to 107,000.

Due to growing acceptance of online banking and more sophistication in fraud, the industry agreed to implement two-factor authentication for high-risk transactions.

Banks offering these transactions will have two-factor authentication ready in June, and customers will need to adopt the system.

3 types

The three common types of two-factor authentication are digital certificate, SMS-based one-time password and security token-based one-time password. More information on two-factor authentication is available at the authority's website or the Association of Banks' website.

"Two-factor authentication strengthens the security controls of Internet banking and protects customers from fraud," Mr Ryback said.

"Hong Kong is one of the first places amongst the developed financial markets to establish such a regulatory requirement which enables Internet banking to continue to flourish under a safe environment."

Association chairman He Guangbei said a customer education programme will be launched to help users familiarise themselves with the significance, benefits and use of two-factor authentication.

"I am confident that, with the concerted efforts of the banking industry, the Monetary Authority, Police and the general public at large, we can ensure the convenience and safety of Internet banking for all in Hong Kong."