New system to combat online banking fraud: A security solution from a Cambridge University spin-out which protects against 'man-in-the-browser' trojans is being rolled-out by two German banks. The system works with the bank web site sending a 2d barcode-style picture that contains the transaction information. The user decodes it with a mobile app, or dedicated device, which also generates a transaction authentication code for the user to enter to confirm the transaction.
I've long thought that smartphones would be the route to secure transactions over the internet. Using them as out-of-band communication routes for passcodes, or validation checks, has security potential but means the user must have a mobile connection. Attacks on this mode have already been developed.
You can try out the CrontoSign technology by downloading the CrontoSign mobile app for iOS or Android devices and try it with a demo account at www.crontosign.com.
Thursday, 18 April 2013
Friday, 12 April 2013
An interesting report from 'The Register' about BT's Adastral Park - where our security futures practice, in BT Research and Technology, is based. BT is working on plans to create 2,000 new jobs and provision for up to 2,000 homes by 2025, by opening up areas of Adastral Park as a science campus. The idea is to create a Suffolk research centre - a regenerated research and development facility that encourages the growth of an ICT cluster in Suffolk.