Welcome to Finextra. We use cookies to help us to deliver our services. We'll assume you're ok with this, but you may change your preferences at our Cookie Centre.
Please read our Privacy Policy.

Accept
Channels
Blog article
See all stories »

Channels

Payments

Group

Online Banking
External | what does this mean?
This content is provided by an external author without editing by Finextra. It expresses the views and opinions of the author.

An article relating to this blog post on Finextra:

Security experts warn of Trojan.Silentbanker

Experts at security firm Symantec are warning of a new trojan program that circumvents two-factor authentication systems and intercepts account information before it is encrypted.

See article

Chip and PIN readers provide protection against such attacks

This Symantec warning shows how banks are still open to man-in-the-middle attacks, as fraudsters constantly look for new ways to break in. However, there are solutions available to protect online banking users against these types of attacks. CAP (Chip Authentication Programme) devices can be used to secure not only the individual but also the transaction through two-factor authentication. The problem is that not all banks are using such mechanisms particularly for high risk transactions such as payments to new beneficiaries. These Trojans can be defeated as long as banks have in place sound prevention (such as CAP devices) and detection strategies (such as risk management solutions which can help bank quickly identify fraudulent activity).  This is not the first reported incident of this nature and will certainly not be the last. Consequently, banks need to ensure they remain one step ahead of the fraudsters by putting in place comprehensive anti-fraud strategies.  Bob Bennett
4207

Channels

Payments

Group

Online Banking
External | what does this mean?
This content is provided by an external author without editing by Finextra. It expresses the views and opinions of the author.
Report abuse

Comments: (1)

A Finextra member
A Finextra member 25 February, 2008, 19:02Be the first to give this comment the thumbs up 0 likes

 

Yes they are safer for the moment - maybe. I am loathe to advise a client to equip millions of customers at fantastic expense, in fact more than they lose. I remember cloning an early one and lost interest in them after that. I assume they are more secure now, but can they tell the difference between a trained monkey and the authorised user? I doubt consumers have really stopped writing the PIN or password down, especially where there's an ever larger number of them to remember. If what the Japanese researchers did with the chimps is any indication the Russian mafia will be recruiting them to operate stolen Vasco cards before too long, it's only a matter of time. The analysts have voted - seen Vasco's share price? Maybe they know something we don't. The only way is to put the consumer in the transaction, and give them a method they like. If someone could work out a way to have the password hidden in plain sight...

I have successfully guessed so many users passwords it's actually become a bore.

I finally went and did something about it, but I'll pay for an ad when I want a plug. 

 

Report abuse
Join the discussion
Blog group founder

Member since

0

Location

0

More from member

This post is from a series of posts in the group:

Online Banking

This community is for discussion of developments in the e-banking world, including mobile banking. This can include all the functional, business, technical, marketing, web site design, security and other related topics of Internet Banking segment, including public websites of the banks and financial institutions across the globe.

See all
Community
See all blogs »
Online Banking 

Open Banking and Open Finance Use Cases: Building Blocks of a Robust Open Financial Ecosystem

Abe Karar

Abe Karar

Online Banking 

Jordan’s Regulation of Open Finance Services: Trailblazing the innovative path

Dmitrii Barbasura

Dmitrii Barbasura

Online Banking 

Why KYC is an effective tool against Digital Fraud in Money Services Businesses (MSB)

Philip Chethalan

Philip Chethalan

Online Banking 

Open Banking challenges in MENA region: Measuring success.

Dmitrii Barbasura

Dmitrii Barbasura

Now hiring

See more