Banking giant UBS started deploying a device from IBM which ensures online banking transactions aren’t being manipulated by on-line hackers.
IBM’s ZTIC (Zone Trusted Information Channel) is a smart-card reader that attaches to computer via a USB cable. During an online banking transaction, it bypasses the Web browser and makes a direct connection with the bank. The connection is an industry standard SSL (Secure Sockets Layer) which enables the user to enjoy a secure link between their computer and the bank server.
What is great about the USB secure product is that a hacker could not cloak a transaction via the web and show the user a transaction of one amount, while robbing them blind with a different amount as the “actual” transaction.
What is funny about the UBS press release is the following:
If the transaction has been hacked and the account number is different, the customer can abort the payment by hitting a red “x,” or a green check if it’s fine
Well…if they knew the transaction was hacked, wouldn’t they stop it anyway?
Another nice feature of the UBS secure USB device is that a keylogger could not record keystrokes because the sync process between the user and bank happens through the UBS device, no account numbers are used or typed.
Continue Reading
