New system to combat online banking fraud: A security solution from a Cambridge University spin-out which protects against 'man-in-the-browser' trojans is being rolled-out by two German banks. The system works with the bank web site sending a 2d barcode-style picture that contains the transaction information. The user decodes it with a mobile app, or dedicated device, which also generates a transaction authentication code for the user to enter to confirm the transaction.
I've long thought that smartphones would be the route to secure transactions over the internet. Using them as out-of-band communication routes for passcodes, or validation checks, has security potential but means the user must have a mobile connection. Attacks on this mode have already been developed.
You can try out the CrontoSign technology by downloading the CrontoSign mobile app for iOS or Android devices and try it with a demo account at www.crontosign.com.