Making the password dynamic and enjoying greater safety

In recent years on-line bank is increasingly recognized by the public thanks to its safe, convenient and quick services. However, the reports on “false website” and the news that “Trojan” virus steals money through on-line bank make people worry about the safety of on-line banks while enjoying its services. After a complete analysis of the existing on-line bank safety methods and taking into full account the customer behavior, China Construction Bank (CCB) takes the lead to launch the dynamic password scratch card service on a trial basis in the Chinese market. Pilot project has been implemented in the Liaoning, Zhejiang and Ningbo branches and the bank plans to spread it nationwide when conditions are ripe so that the customers can enjoy on-line bank services easily and safely.

Dynamic password is a kind of dynamic encryption technology. To put it simply, the customer uses different one-time password for identity and transaction confirmation. The on-line bank dynamic password scratch card launched by CCB takes the shape of bankcard and each card provides 45 different passwords. When making on-line bank transactions, the customer just log in the password offered by the card in order and each password can only be used for once.

A small scratch card offers multiple merits
Although it is a small card, the dynamic password scratch card initiated by CCB offers multiple merits.

First, one-time password ensures safety and reliability. Over years the passwords set by customers for their drawing accounts and on-line bank transactions are static ones which have inherent problems. To remember easily customers always use simple static passwords with certain rules, which can be deciphered easily by criminals. However, if the customers set complicated static passwords and change them frequently for safety reasons, a large number of passwords will have to be set and hence confusion or oblivion will easily occur. In addition, for on-line bank transaction the static passwords also face the risk of being stolen by hackers.

The one-time or dynamic password overcomes the above shortcomings of static password and frees the customers from the trouble of setting and memorizing passwords. With a new password each time the problem of using “Trojan” virus to steal on-line bank passwords is completely solved, enabling the customers to use the on-line banks without any worries.

Second, no system installation is required and the operation is simple. The generation of dynamic password is independent from customer computer, requiring no installation of any program on the computer of customers or any special terminal or on-line equipment. Without the trouble of downloading any tedious user end program or remembering the complicated passwords, it completely gets rid of the problems caused by the upgrading of WINDOWS or IE explorer. Using the scratch card offered by the bank, customers just follow the instructions to enjoy convenient on-line bank services.

Third, the technology is sophisticated and widely applied. Over more than two decades of development the dynamic password technology has grown fairly sophisticated and applied for over 6 years by foreign on-line banks. In particular, in North Europe where the on-line bank business is fairly developed the dynamic password is very popular. After the CCB initiated the dynamic password on on-line banks a new wave of rapid on-line application will surely arrive in China.

Being customer-tailored and portable is another merit of the scratch card. The scratch card released by CCB to the Chinese market on a trial basis is designed specially for individual users of on-line banks. Taking the shape of bankcard, it is easily portable. Each card contains 45 passwords. If one customer makes 2 or 3 on-line bank transactions each month, one card can be used for one year. After using all the passwords on one card, customers can buy new ones at the outlets of CCB and those with frequent on-line transactions can buy a number of cards at one time. In the future CCB will continuously launch other forms of dynamic passwords to offer better and more choices to the customers.

A small scratch card carries big strategy
Over the years when developing the on-line banking business CCB always gives top priority to safety. Using advanced international technologies, security measures, together with strict risk control, the bank has established sophisticated on-line bank technological system to ensure the safe operation. The dynamic password scratch card is especially made to meet the requirement of customers. Reaching out to the an increasing number of customers, this safe, cheap, portable and easy-to-use scratch card paves the way for the popularization of on-line banks.

To make customers’ transactions safer, CCB has offered various security tools such as double passwords protection, password soft keyboard inserter, IE explorer 128-digit password key, SSL transition encryption and digital certificates and provided customers with USBKEY user certificate carrier. Together with the latest dynamic password scratch card, those tools have built up a firewall for the bank’s on-line banking services which has ensured the information and account security of customers and minimize the risks of on-line banks.

Sophisticated system and constant innovation drive the prosperity of CCB’s on-line banking services. By the end of May 2005, its on-line bank’s customers have amounted to 23.37 million, up 171% over the same period of last year. From January to May this year it completed 118.75 million transactions, growing by 91% over the same period of last year and the turnover achieved a year-on-year growth rate of 120% to RMB 3072.4 billion. The number of individual customers of on-line bank experienced the fastest growth, so did the turnover, indicating a sound momentum of rapid development.