Two-factor authentication imminent from Alliance & Leicester

Alliance and Leicester is set to roll out two-factor authentication to its internet banking customers.

The bank is to launch a new design for its online banking service in March. It will incorporate the technology, it said in its annual financial statement.

The independent company said it will not yet reveal the exact technology to be used but will be making an announcement soon.

A spokesman told silicon.com: "We're going to do it very soon but we don't want to go public until we are confident in what we are offering."

Apacs, the industry body for the payments industry, was last year due to announce a two-factor authentication standard that all banks would use. Apacs recently told ZDNet UK sister site silicon.com the standard is "more or less" ready but didn't give a specific date, despite indicating that the standard would be ready by the end of 2005.

Two-factor authentication usually couples a password with some kind of device that generates a second passphrase. Some people believe this makes it harder for fraudsters to steal both passwords and is therefore more secure than traditional methods of internet banking, but some security experts are sceptical of the benefits two-factor authentication can bring to Internet banking.

Last year, Lloyds TSB announced it was piloting token-based security with 30,000 online customers. During the pilot, customers log into online banking with their username and password but also use a one-time six digit code generated by the token.