"Criminals operate based on a risk-versus-reward equation. If they find a way to make or steal money that has low risk and high reward they will expand in that market, invest more time and hope for a return on investment," said Steve Santorelli, ex-Scotland Yard detective and director of global outreach at Team Cymru, a nonprofit Internet security research company.



For many criminals, it has become easier to exploit the computers of users of online banking services than to try to hack into the systems of banks, which may have invested heavily in security software.

"Why spend months trying to hack a well-fortified bank server when you can use off-the-shelf code to hack a user's home computer...?

"You can compromise their machine in seconds, steal their banking passwords or just piggy-back into their account next time they log in themselves," Santorelli said.

Editor's Note: Why not simply fortify online banking authentication with the same process trusted by banks and consumers to access cash in real time from an ATM?  The technology is there...and it's PCI 2.x certified.  Only from HomeATM.

Swipe Card, Enter PIN. Using same bank rails, same bank cards, same bank PINs. Banks can spend millions of dollars protecting their servers, but there will always be a broken link. The consumers computer. So while banks up their servers, consumers serve up their online passwords and banking credentials in seconds. Just can't do it in a browser. Fortify the process, 3DES/DUKPT encrypt cardholder data/log-in credentials "outside the browser," inside our box.

Look at these related articles:










Reblog this post [with Zemanta]

Posted by John B. Frank Friday, November 6, 2009

0 comments

Payments Industry News Blog

Search the PIN Debit Blog by Subject

Kapersky Calls for Mass Adoption of Card Readers

Kapersky Calls for Mass Adoption of Card Readers