Social engineering replaces guns in bank heists

15.05.2006

"SSL is still required for a secure session, but one cannot rely on it as a panacea to all fraud and security or privacy issues," Jennings said. "We have fraud detection tools, screen high-risk payments, run education campaigns and recommend our customers use antivirus tools so we are quite comfortable with Internet banking security, but SSL encryption is just a cornerstone."

The National Australia Bank Ltd. (NAB) has taken a more holistic approach to online security. A NAB spokesperson said there is a need for multiple layers of protection between customer and bank transactions - a primary driver behind the move to two-factor SMS authentication - adding there is also a need for consumers to be aware of their own responsibilities when it comes to protecting data and their own PC.

Peter Dowley, Australia and New Zealand Banking Group Ltd. Bank IT security architect, said using SSL encryption for online banking ensures that bulk attacks cannot be conducted by compromising either the Internet backbone or Internet service providers.

"The next vulnerable point is the customer's computer and so attackers have to concentrate their efforts at this point."

Claiming SSL encryption will stand the test of time, Matthew Warren, Deakin University head of the School of Information, said social engineering techniques are shaking customer confidence.