- Is the Cisco MARS mission going to abort?
- First iPhone worm spreads Rick Astley wallpaper
- 10 stunning 3D buildings made with Google SketchUp
- Open source software ready for big business
- Four reasons to buy (and one reason to avoid) the Droid
Banks are scrambling to meet a year-end deadline set by federal regulators to better secure online transactions.
The Federal Financial Institutions Examination Council (FFIEC) didn't dictate specific technologies in its "Authentication in a Banking Environment" document issued last October. But the FFIEC guidance indicated that high-risk transactions - in which funds can be transferred to other parties or access given to customer information - require more than a reusable password. The FFIEC said it wants to see progress on this security front by year-end, and many banks say they're doing just that. The choices they've made are varied.
 |
| Rudy Wolfs, CIO, ING Direct |
"After the initial log-in, we've added a PIN guard, which is an [automated teller machine]-like pad to combat keyloggers," says Rudy Wolfs, CIO at ING Direct, a savings bank with $62 billion in assets and 4.1 million customers in the United States. The PIN guard is meant to foil keyloggers, by requiring use of a mouse instead of a keyboard.
ING Direct developed its own PIN guard, but also turned to security products and services from RSA Security that include a way to present random questions during the logon process that can be answered by legitimate users. ING Direct also uses a software token to profile a user's machine for security purposes (a method known as device identification), and an antiphishing and fraud-detection service that rates online account use according to several risk factors.
Rss FeedRss Feed
The Leader in Network Knowledge
Comment