Out-Law / Your Daily Need-To-Know

Out-Law News 1 min. read

Banks can buy trust online for 10 cents per user


A patent-pending tool has been released that seeks to protect against phishing attacks by verifying a bank's website and emails to accountholders by displaying a personalised watermark before they divulge their login details.

The tool is called eStamp and its provider, the anti-fraud and online security firm Cyota, describes it as a method of reverse authentication that provides a simple and consistent method for instilling consumer confidence: when the bank displays the correct user-selected image, the user knows it is safe to begin transacting with the bank.

The New York-based company offers eStamp at the cost of 10 cents per user per year.

Cyota says that eStamp works from any device or location and does not rely on cookies to deliver the service, unlike other watermarking solutions. A JupiterResearch study from March 2005 found that as many as 39% of online users delete cookies from their primary computer monthly. Cyota says this trend can seriously impact both the usability and consistency of existing methods that depend on cookies to authenticate the user.

"We began using textual watermark technologies four years ago as part of our MasterCard SecureCode and Verified by Visa compliant services to banks," said Amir Orad, executive vice president at Cyota.  "Due to the impact that the latest online threats have had on consumer confidence, we have enhanced our existing technology to provide a solid reverse mutual authentication solution for the online banking channel as well."

Orad continued, "When combined with one of our other security solutions, banks are better able to provide customers with both a 'sense' of security and 'real' security at the same time."

Last month, another financial services software supplier announced a tool that detects when a user's browser is about to access a phishing site and actively prevents the user from passing his sensitive data to that bogus site. According to London-based eWise Systems, the tool called IB Secure works by protecting against DNS spoofing and by validating the SSL (secure socket layer) certificate on secure protected sites. The system is continually updated with data about existing fraudulent sites.

We are processing your request. \n Thank you for your patience. An error occurred. This could be due to inactivity on the page - please try again.