Fresh security claims rile South African banks

Fresh security claims rile South African banks

South Africa's leading banks have moved to reassure clients of the safety of Internet banking after a computer engineer demonstrated to local journalists fresh weaknesses in Web defences.

The Sunday Times at the weekend reported on the exploits of a computer engineer who bypassed upgraded security systems installed in the wake of a recent series of online attacks against the nation's banks. Upgrades introduced after the arrest of the alleged "Absa hacker" two months ago require users to enter a code into an on-screen keypad using their mouse instead of typing in the characters.

However, the Sunday Times' was contacted by a computer software specialist who claimed to have developed a virus-like e-mail program that records user "mouse tracks" and other account details, sending this information back to the e-mail's originator. He went to the newspapers after failing to elicit any banking interest in the software.

The banks have respondend furiously to the news, with First National Bank slating the Sunday Times' source as a software vendor on the make. "We view this particular approach as being very close to extortion," states Peet van der Walt, CEO: FNB Delivery. "First National Bank has a clear policy of prosecuting all cases where criminals have managed, by whatever means, to illegally access personal information of the bank's customers."

A similar tough line has been taken by Absa. Alfie Naidoo, managing executive Absa e-channels, says: "Absa also has a zero-tolerance policy towards all forms of fraud and will seek prosecution against anyone involved in fraudulent activities reported by our customers."

Absa says that its latest security upgrades, featuring enhance online authentication and the generation of random verification security numbers for each log-on session, provide an extra line of defence against fraudsters.

"Our customers' money is safe," says Naidoo "We promise that, if a customer's account is accessed illegally and where they have followed the suggested precautions, Absa will refund their money following a thorough investigation."

Comments: (0)