Portable computing firm IronKey has launched a USB-based system designed to protect US corporate banking customers from an epidemic of cybercrime caused by malware-infected PCs.
The Trusted Access for Banking product is a purpose-built application of the IronKey multifunction security device. It incorporates a locked-down Web browser that is protected against malware from the host PC, and may also be configured to allow users to visit only specific websites.
Corporate banking customers simply plug it into a computer, and enter their device password. Once the IronKey device is unlocked a secure Web browser launches and goes directly to the bank's website.
Before enabling the secure environment, the IronKey app runs an anti-malware scan of the host computer and also provides the option to boot a host operating system from the IronKey device to protect against threats on infected host computers.
The system is available with an integrated RSA SecurID software token that generates one-time passwords, thus providing a single device that serves as both a secure banking platform and a mechanism for two-factor authentication, says the vendor.
US business banking customers have suffered a rash of hi-tech break-ins recently as Eastern Union crime gangs have deployed sophisticated malware to infect user PCs and steal sensitive banking access credentials. A recent Symantec report states there are 70,330 unique variants of the Zeus banking Trojan malware.
The crimewave has alarmed banking and police authorities, and led to calls for businesses to protect themselves by switching off online banking or using a dedicated and locked-down PC to access their accounts.
Tom Corn, vice president of product marketing at RSA, says: "It has come to the point where we advise organisations that are taking additional measures to prevent online threats to first assume that all of their computers are compromised."