After the Bank of Lithuania adopted Minimum security requirements for online payments, so far widely used code cards were announced to be the least safe log-in tool. As the amount of online payments is increasing, the banks are expected to reduce the risk of theft from customer accounts. Therefore, alternatives for code cards are offered: password generators, identity cards with integrated e-signature or mobile e-signatures. However, while e-signature was created almost a decade ago, only a small part of the population uses it.
According to the CEO of e-banking, mobile signature and retail solutions company Etronika Kestutis Gardziulis, even though the use of e-signature services in 2014 increased significantly (In 2013, e-signature was used by 12.6 thousand bank customers, in 2014 – already 28 thousand), the latter is still not widespread in the society.
“Back in 2005, we were among the first in the world to implement the mobile e-mail signature idea as well as the first commercial pilot project and we offered it to Lithuanian public and private sectors. Unfortunately, there is a lack of joint actions to promote the use of signatures from both the government and the commercial sector institutions, and especially – the banks. There is also a lack of commonly available and easy to use e-signature services: a general agreement on the e-signature use, a document standard and uniform system, “- lamented K. Gardziulis.
Actually, an attempt was made to take the initiative in 2008 when E3P – Electronic Signature breakthrough program – aimed to encourage the country’s businesses and residents to become more involved and to use e-signature. But the initiative did not give the expected results: after more than seven years, less than 100 thousand Lithuanian residents use e-signature.
However, the electronic signature is a free service that ensures much higher security than code cards. By law it is equivalent to a real signature, which allows signing documents, official letters, contracts, requests, complaints etc., confirming the identity in cyberspace more reliably and additionally encrypting the transmitted data. Wide e-signature usage capabilities are ensured by the legal framework for electronic signature of the Republic of Lithuania.
“Meanwhile, the biggest problem of the widespread code cards is that they contain the codes that are used far more than once – information is repetitive, which is not safe, – said K. Gardziulis. In addition, since the cards are not digital, they are easy to copy, and codes can be even orally retold to third parties. This leads to a significant risk of theft and non-compliance with the bank requirements”.
According to the CEO of INVL Technology managed company NRD CS Dr. Vilius Benetis, for the criminals cyberspace is just another mean for committing offences and, unfortunately, often a less risky one than a physical attack. “Well-secured authentication and signing tools – such as generators, electronic mobile, card-based or USB-based signatures can often increase the cost of an attack to such extent that the criminals simply go elsewhere – to another bank, country, or continent (like the European banking criminals are now raging in Africa). And the task for our specialists is to create comfortable and safe solutions, and instead of intimidating – to educate people on safe behavior in cyberspace “, – said V. Benetis.
The new Bank of Lithuania approved rules should take effect from the 1st of November, 2015. Until then the banks will provide their customers with other means of identification. In order to receive a password generator, it is advised to go to a bank, a mobile electronic signature is provided in the shops by the mobile operators (upon purchase of a special SIM card that works even in very old mobile phone models) or an identity card with a built-in e-signature can be obtained from the Migration Service which issues them since 2009.
In the private sector, the banks with the greatest influence on the development of electronic services are already adjusting their systems of electronic services to support electronic signature users. DNB bank AB, Danske Bank A/S Lithuania Branch, Swedbank AB, SEB Bank, Medicinos Bankas UAB, Nordea Bank AB Lithuanian branch, Citadele bank AB – all allow electronic signature users to connect to their systems by the means of electronic signature. Some of these banks also allow their customers to digitally sign not only the operations but also contracts and other important documents. Such electronic signature use in electronic banking systems increases the security of financial transactions.
About Etronika:
Etronika is a company developing electronic banking, mobile electronic signature and retail solutions for businesses. Twice a winner of the “Best of Show” award at Finovate Europe for the e-banking platform Banktron, which is used by a number of Lithuanian and foreign banks. In 2013, the company was awarded by the President Dalia Grybauskaite as the most advanced in the high-tech industry. This year Etronika for the second time in a row was included in the list of 50 most innovative financial technology companies in Europe. In April 2015, INVL Technology managed company Norway Registers Development AS signed an agreement on Etronika UAB shares’ acquisition.
About INVL Technology:
INVL Technology AB is the only company of its kind in Lithuania acting as fund and investing in IT companies, listed on Nasdaq Baltic Stock Exchange. Largest INVL Technology investments currently are companies in Lithuania, Norway, Tanzania and Uganda: NRD group, working in the field of business climate improvement and e-governance, critical IT infrastructure services company BAIP, cyber defence company NRD CS and Etronika – a company developing electronic banking, mobile electronic signature and retail solutions for businesses. Managed companies operate as a cluster and implement projects in over 50 countries worldwide.