Join the Community

22,128
Expert opinions
44,136
Total members
428
New members (last 30 days)
208
New opinions (last 30 days)
28,711
Total comments

What about offering a phishing-proof interface?

How is it that we have all forgotten that an ounce of prevention is worth a pound of cure? Giving away anti-phishing software is shutting the stable door after the horse has bolted. 

Phishing and pharming is enabled by the fact that conventional client-to-website connections pay no attention to the integrity of the target site.  A phisher sends out a million invitations by e-mail to click on a link, and some proportion of people inevitably do so -- but their browsers aren't configured to tell the difference between a real site and a fake.  Or, punters are diverted to a pharming site -- totally bogus but cut-and-paste from the real mccoy -- and just because it looks right, or because a padlock pops up, they trust it.

With just a little more effort, we could establish secure e-mail between banks and customers (probably web mail would be best) using EMV smartcards and the like to carry the keys. Cards should carry not only the private keys of the customers that establish their legitimacy, but also the 'master' public keys of the bank.  So, when you seem to have received an email from the bank, your card can double check its authenticity. And when you you're trying to visit the bank site, instead of typing in URLs or clicking on links, the session can be established using a bona fide key retrieved from the bank's own chip card. 

We shouldn't need to deploy anti-phishing software in an endless game of catch,  engaged with scammers who continue to exploit the fundamental insecurity of the medium. Imagine the possibilities if banks could simply restore customer trust in e-mail!

 

External

This content is provided by an external author without editing by Finextra. It expresses the views and opinions of the author.

Join the Community

22,128
Expert opinions
44,136
Total members
428
New members (last 30 days)
208
New opinions (last 30 days)
28,711
Total comments

Trending

Tachat Igityan

Tachat Igityan Founder and CFO at destream

Is Fintech Neglecting the Creator Economy?

Nkahiseng Ralepeli

Nkahiseng Ralepeli VP of Product: Digital Assets at Absa Bank, CIB.

Blockchain Oracles in Payments: The Unsung Heroes.

Francesco Fulcoli

Francesco Fulcoli Chief Compliance and Risk Officer at Flagstone

Insights into the FCA Crypto Roadmap and Consumer Research

Now Hiring