Web banking to get security upgrade

By

Finally, a good solution to the ever-growing problem of identity theft and unauthorized transactions. Banks are seeking to implement technology and software that not only logs your username and password (which is the main form of security now), but they can also log and identify items like IP address, what machine and location you’re performing the transaction from, and even down to your personal connection speed. These tools will prove to be crucial to privacy protection and hopefully a large obstacle to “phishers” and trojan programs.

If you do banking over the Internet, generally the drill is pretty simple: You enter your user name and password, and away you go. But behind the scenes, the bank can do a lot to check you out: Are you at your home computer, or at one with an Internet address that, strangely, is registered overseas? Are you logging on at an unusual time of day, or from a super-fast connection when normally you have dial-up? This kind of analysis is one example of the layers that bank Web sites will be adding by the end of 2006 to meet new demands from federal regulators for “two-factor” authentication. That essentially means checking something more than just user name and password to verify a customer’s identity. “Phishers” and other Internet fraud artists have become adept at stealing passwords, mainly through “social engineering.” Preying on people’s propensity to believe something seemingly authoritative, criminals send authentic-looking e-mails that send unsuspecting people to an authentic-looking Web site where they give away their data.

Comments are closed.