Banking giant UBS started deploying a device from IBM which ensures online banking transactions aren’t being manipulated by on-line hackers.
IBM’s ZTIC (Zone Trusted Information Channel) is a smart-card reader that attaches to computer via a USB cable. During an online banking transaction, it bypasses the Web browser and makes a direct connection with the bank. The connection is an industry standard SSL (Secure Sockets Layer) which enables the user to enjoy a secure link between their computer and the bank server.
What is great about the USB secure product is that a hacker could not cloak a transaction via the web and show the user a transaction of one amount, while robbing them blind with a different amount as the “actual” transaction.
What is funny about the UBS press release is the following:
If the transaction has been hacked and the account number is different, the customer can abort the payment by hitting a red “x,” or a green check if it’s fine
Well…if they knew the transaction was hacked, wouldn’t they stop it anyway?
Another nice feature of the UBS secure USB device is that a keylogger could not record keystrokes because the sync process between the user and bank happens through the UBS device, no account numbers are used or typed.
To learn more, visit the press release: PC World.
