Westpac and ANZ have confirmed they are initiating a token replacement program as a result of the recent RSA security token hack.
Customers worldwide have been left wondering whether to trust RSA's security tokens since March 2011, when the company acknowledged that it had been hacked and issued a warning.
Westpac online and customer service centres general manager, Harry Wendt, said in a statement that although the security of customers’ online banking has not been compromised, the bank would replace tokens over the coming months to ease any customer concerns.
"RSA SecureID tokens are used by some business and corporate customers and Westpac employees," Wendt said.
"Our customers’ trust in the security of our systems is paramount.
Although we do not believe that our customers are at risk from this event, we have initiated a token replacement program to alleviate any residual concern that our customers may have.
"There will be no expense for Westpac customers for any token replacements as part of this program.”
He added that the bank takes online security "very seriously" and used a multi-layered security approach, including strong authentication measures as well as fraud detection and analytics.
Wendt also confirmed that St. George Bank and Bank South Australia customers did not use RSA SecureID tokens and as such, are unaffected.
An ANZ spokesperson said that it has decided to re-issue 50,000 new RSA tokens to all customers and staff currently using the technology. About 4000 of those tokens were used internally.
"In Australia it’s predominantly ANZ’s corporate and institutional clients who use tokens as just one component of our multi-layered security measures," he said.
"There will be no expense for ANZ customers as a result of this decision to replace the tokens."
Got a security tip-off? Contact Hamish Barwick at hamish_barwick at idg.com.au
Follow Hamish Barwick on Twitter: @HamishBarwick
Follow Computerworld Australia on Twitter: @ComputerworldAU