Germany's Commerzbank has deployed technology from UK vendor Cronto that enables online banking customers to authenticate transactions by taking a photo of their PC screens with their mobile phones.
Commerzbank is offering the Cronto Visual Transaction Signing system to selected customers to secure verification of funds transfer instructions. It is the first bank to deploy the technology, which was originally developed at the University of Cambridge.
When a customer signs in to bank online or make a transaction, they are presented with a unique graphical cryptogram consisting of a matrix of coloured dots displayed on their PC screen.
The customer then takes a photo of the image on the screen using their mobile phone. Cronto's photoTAN software - downloaded into the customer's phone - is then used to authenticate the transaction.
Critical transaction information, like payment details, are displayed on the phone's screen to confirm it has not been tampered with. An authentication code is then generated and passed back to the bank's server to complete the transaction.
Cronto says its technology eliminates the inconvenience of entering transaction details manually into separate authentication devices.
Finextra verdict: Overcoming the challenges posed by the most sophisticated fraud techniques, such as "Man-in-the-Browser" trojans, is leading to a number of innovative anti-fraud approaches in the industry. Although others have sought to bring mobile phones into the equation as an authentication device, Cronto is the first to use the cameraphone, with associated benefits of ease of use, and not requiring the entry of any characters at either end.