Just when it seemed it could not get any worse, the future of typing in username's and passwords for online banking looks more dim than ever. A new PandaLabs Report says worldwide computer malware infections grew 15% in ONE MONTH and now stands at 60%. WOW! Seems to me, it's not only online banking authentication with a big problem, it is also eCommerce sites and online shopping.
As if that is not bad enough, they report that U.S. computers are infected with the most dangerous malware strain... Banking Trojans. Those are the ones that steal online banking credentials...including log-in details, credit and debit card numbers and one-time passwords. There are currently three, (that we know of) Clampi, Zeus and Conficker. Arguments abound about which one is the worst, although everyone is in agreement that all three are present a clear and unprecedented danger. (When three tornadoes hit, and all three are F-5's I don't see the need to determine which one is more dangerous)
As if that is not bad enough, they report that U.S. computers are infected with the most dangerous malware strain... Banking Trojans. Those are the ones that steal online banking credentials...including log-in details, credit and debit card numbers and one-time passwords. There are currently three, (that we know of) Clampi, Zeus and Conficker. Arguments abound about which one is the worst, although everyone is in agreement that all three are present a clear and unprecedented danger. (When three tornadoes hit, and all three are F-5's I don't see the need to determine which one is more dangerous)
The problem is simple: Browsers, and the fact that consumers use them to log-in. I want to be "as clear" as the username and password data that travels through the web. Anything that utilizes the web browser for security is USELESS! (See what Gartners' Avivah Litan has to say on the subject matter)
I am NOT implying that banks are not making an effort to secure their customers log-in. They have been...and they've wasted...(sorry, I meant) "spent" millions of dollars on software-based solutions.
What I AM implying is that the (software) band-aid approach is (was) the wrong way. It never fixed anything, it only temporarily patched it.
Every time hackers come up with a new way to get in...banks can attempt to patch it with a band-aid solution, but what about the risk of infection? (ooops.!)
Besides, even without the risk of "infection"...patching a leak in the roof only provides the opportunity for water (hackers) to find the path of least resistance...(i.e.) it only buys time until hackers figure out how to bypass...it does not SOLVE the problem. Therefore by adding another layer of non-security (another question, a one-time password, etc.) banks only "delayed the inevitable." The inevitable has arrived. A 15% GAIN in ONE MONTH. Only 40% to go. 60% of computers worldwide are now infected with malware. The U.S. is infected with Bank Trojans. Guess what? The Hackers won. Game Over.
Now we need a whole new roof. HomeATM (which authenticates the user "outside" the browser) is that roof. We need a new way to authenticate online banking customers, and there's no better way to do it than to replicate the same way entrusted by banks and consumers alike to gain access to their bank account via an ATM.
It's is Time. It is a No-Brain-er. I know it, you know it, banks know it, everybody knows it...even (some of the) media knows it.
Fortunately for banks and their customers, it just so happens that our SLIM device also enables person-to-person, account-to-account and person-to business (online bill pay) transfers in real-time. It also enables the bank to derive income from transactions conducted by online shoppers. The best news is that it would cost banks $25.00 and banks give away $50-$200 dollars to gain new customers already. (see Useless Bank Promos)
PandaLabs, Panda Security’s malware analysis and detection laboratory, today announced that it has detected a 15 percent increase in the total number of malware-infected computers in September in comparison to the previous month of August. According to data gathered from users that scanned and disinfected their computers with the free Panda ActiveScan online antivirus, the average infection ratio rose to 59 percent, the highest rate this year.
In comparison to the infection rates of 29 countries, the U.S. ranks ninth with an infection ratio of 58.25 percent, just below the worldwide average. Taiwan has the most infected PCs, with a 69.10 percent corruption, followed by Russia and China at 67.99 percent and 61.97 percent, respectively. The country with the least infections is Norway at 39.60 percent. To view a table that outlines the percentage of infected computers by country, please visit: http://www.flickr.com/photos/panda_security/3963144168/.
According to Luis Corrons, Technical Director of PandaLabs, “There is a false sense of security, as users perceive there to be no real danger at the moment. When their computers get infected, they rarely notice any symptoms.”
Panda’s study revealed that U.S. computers are infected by the most dangerous malware strains: Trojans, followed by adware, worms and viruses. To see the number and types of malware on infected computers in the U.S., please visit: http://www.flickr.com/photos/lithium-/3963437003/sizes/o/.
I am NOT implying that banks are not making an effort to secure their customers log-in. They have been...and they've wasted...(sorry, I meant) "spent" millions of dollars on software-based solutions.
What I AM implying is that the (software) band-aid approach is (was) the wrong way. It never fixed anything, it only temporarily patched it.
Every time hackers come up with a new way to get in...banks can attempt to patch it with a band-aid solution, but what about the risk of infection? (ooops.!)
Besides, even without the risk of "infection"...patching a leak in the roof only provides the opportunity for water (hackers) to find the path of least resistance...(i.e.) it only buys time until hackers figure out how to bypass...it does not SOLVE the problem. Therefore by adding another layer of non-security (another question, a one-time password, etc.) banks only "delayed the inevitable." The inevitable has arrived. A 15% GAIN in ONE MONTH. Only 40% to go. 60% of computers worldwide are now infected with malware. The U.S. is infected with Bank Trojans. Guess what? The Hackers won. Game Over.
Now we need a whole new roof. HomeATM (which authenticates the user "outside" the browser) is that roof. We need a new way to authenticate online banking customers, and there's no better way to do it than to replicate the same way entrusted by banks and consumers alike to gain access to their bank account via an ATM.
It's is Time. It is a No-Brain-er. I know it, you know it, banks know it, everybody knows it...even (some of the) media knows it.
Fortunately for banks and their customers, it just so happens that our SLIM device also enables person-to-person, account-to-account and person-to business (online bill pay) transfers in real-time. It also enables the bank to derive income from transactions conducted by online shoppers. The best news is that it would cost banks $25.00 and banks give away $50-$200 dollars to gain new customers already. (see Useless Bank Promos)
Let me try and Oversimplify the Solution to this Gigantic Problem
If online banking authentication (and online shopping) were done "outside" the browser, then what's "inside" the browser really doesn't matter.
• Average number of worldwide infections grew 15 percent over last month • Global infection ratio hits all time high this year at nearly 60 percent |
PandaLabs, Panda Security’s malware analysis and detection laboratory, today announced that it has detected a 15 percent increase in the total number of malware-infected computers in September in comparison to the previous month of August. According to data gathered from users that scanned and disinfected their computers with the free Panda ActiveScan online antivirus, the average infection ratio rose to 59 percent, the highest rate this year.
In comparison to the infection rates of 29 countries, the U.S. ranks ninth with an infection ratio of 58.25 percent, just below the worldwide average. Taiwan has the most infected PCs, with a 69.10 percent corruption, followed by Russia and China at 67.99 percent and 61.97 percent, respectively. The country with the least infections is Norway at 39.60 percent. To view a table that outlines the percentage of infected computers by country, please visit: http://www.flickr.com/photos/panda_security/3963144168/.
According to Luis Corrons, Technical Director of PandaLabs, “There is a false sense of security, as users perceive there to be no real danger at the moment. When their computers get infected, they rarely notice any symptoms.”
Panda’s study revealed that U.S. computers are infected by the most dangerous malware strains: Trojans, followed by adware, worms and viruses. To see the number and types of malware on infected computers in the U.S., please visit: http://www.flickr.com/photos/lithium-/3963437003/sizes/o/.
“This is a clear sign that hackers are becoming more and more sophisticated,” explains Corrons. “Cybercriminals have found news ways to spread their creations, frequently exploiting the latest news stories to launch attacks through social networks, videos, and email. The huge amount of Trojans in circulation is due to the spectacular increase in the number of banker Trojans aimed at stealing user's (online banking) data.”Want to learn more on how the only PCI 2.x PIN Entry Device in the World Designed for eCommerce can empower your financial institution? Click Here
0 comments