Most Read
- Merrill Lynch Speeds Up Application Development
- Buy Side Seeks Independent Valuation Providers for OTC Derivatives After Credit Crisis
- Getting That Single Version of the Truth on Wall Street
- SR Labs Unveils Low Latency OMS with Market Data
- Is Wall Street Ready for the iPhone?
- The OMS Dilemma: Speed vs. Intelligence
- REG NMS Cheat Sheet
- How the NYSE Achieves Low Latency
April 23, 2008
Sophisticated Web Attacks Force Banks to Re-Think
The sophistication of increasingly widespread fraudulent techniques such as Man-in-the-Browser attacks are forcing financial institutions to re-assess how they fight electronic fraud.
Authentication of the user, regardless of the strength or technique used, can't prevent these sophisticated attacks, says Validsoft, a provider of authentication and transaction verification solutions.
With Man-in-the-Browser attacks, once a computer has been infected, the malicious code is triggered when the web user visits his own online bank site.
This type of malware can retrieve information – such as login and password - that is entered by the web user on the real web page of the bank site by intercepting the HTML code on his web browser.
A financial transaction can then be diverted to a fake or overseas account in real time, without the bank client ever realizing that the transaction has been corrupted.
"To counter these attacks, banks must have out-of-band transaction verification (the ability to verify the integrity of the transaction content itself), which is the most effective method, in addition to strong authentication," says Pat Carroll, CEO of Validsoft.
In this case, even if a criminal takes over a Pc, the bank can stop a criminal in his or her tracks by phoning the user to verify the transaction.
That way, the bank is using two different channels - phone and Pc - to communicate with the client. It is highly unlikely that a criminal would compromise both these channels.
Posted by Melanie Rodier at 03:51 PM
This is a public forum. CMP Media and its affiliates are not responsible for and do not control what is posted herein. CMP Media makes no warranties or guarantees concerning any advice dispensed by its staff members or readers.
Community standards in this comment area do not permit hate language, excessive profanity, or other patently offensive language. Please be aware that all information posted to this comment area becomes the property of CMP Media LLC and may be edited and republished in print or electronic format as outlined in CMP Media's Terms of Service.
Important Note: This comment area is NOT intended for commercial messages or solicitations of business.
Greg MacSweeny Columns
Greg MacSweeneyOverbearing Market Reform Will Only Slow Market Innovation
As investors call for extensive regulatory oversight of certain derivatives, regulators mu...
What You Don’t Know Will Hurt You
Larry Tabb Columns
Larry TabbOpportunities Beckon Amid Economic Turmoil
A shaky economy and the defibrillation of many fixed-income products provide fertile groun...
NYSE TransactTools May Be NYSE Euronext’s Most Important Asset
CHECK THIS OUTNovell Real Time Linux Webcast SeriesIn order to succeed, companies must be able to respond quickly, deliver superior value and quality of service, and carefully manage their costs. In this series of brief webcasts, you will learn how SUSE Linux Enterprise Real Time from Novell enables organizations to respond quicker by delivering low latencies, deliver increased value with fast response times, and better manage costs. |
EventsLive Events:Buy-Side Trading Xchange June 04, 2008  Buy-Side Trading Summit 2008 November 16-18, 2008 Web Events: 2008 Market Mandates and Rich Internet Application Trending for Online Business Banking Channels 2008 May 20, 2008 How Can Financial Firms Build a Better Data Center? May 29, 2008 Market Trends 2008 and Rich Internet Applications: Online Channels Retirement and Benefits Service Portals June 03, 2008 Market Trends 2008 - Rich Internet Applications: Next Generation Online Financial Portals in Financial Services June 04, 2008 Straight Talk About Low-Latency: The Value of a Millisecond June 19, 2008 |
White PapersLevel 3 Connectivity KitStay ahead of the bandwidth curve. The Level 3 Connectivity Kit provides full resources to help you make informed decisions regarding your network infrastructure. Download the Data Center Networking Strategies for Financial Services Firms White Paper; Business Class Ethernet: Trends in Perspective eBook and BC/DR Best Practices for the Data-Intensive Enterprise Gartner Webcast Surviving and Thriving in a Challenging Market Learn how financial services firms can use customer-centric strategies and tools to maximize client value and loyalty, gain insight into new opportunities, and do more with less, counteracting market volatility. |
Marketplace |
Career CenterReady to take that job and shove it?
|
Most Recent Job Posts:
* Tower Hill insurance Group, Inc. seeking Programmer in Gainesville, FL
* CAST Software, Inc. seeking Senior Pre-Sales Engineer in Chicago, IL * Broadcom seeking Principal Software Engineer in Irvine, CA * ITT Corporation seeking Senior Program Manager in Fort Wayne, IN * Tower Hill insurance Group seeking Help Desk Director/AVP in Gainesville, FL For more tech jobs in the industry, visit Wall Street & Technology's Career Portal. |
