Multi-Factor Authentication - The Key to Safe Online Banking

As per a senior anti-virus researcher in global research and analysis team of Kaspersky Lab, Roel Schouwenberg, multi-factor authentication will resolve the problems of threats while using online banking, as per the news published by SCMagazine on March 2, 2010.

The researcher informed that banking trojans had attained a sort of maximum sophistication in 2007. This particular category of banker trojans was, and is still, very sophisticated and will abuse per-bank particular vulnerabilities in the execution of two-factor authentication.

The report by Anti-Phishing Working Group (APWG) indicates that banking Trojan infections nearly surged three times (186%) during the period spanning from Q4 2008 to Q2 2009.

Clarifying the reason, security researchers claimed that the condition of online banking to some extent looks like the Internet. For several banks, online banking was not designed with proper security in mind. Convenience is the major inspirational force. The Internet was designed on very much the similar principles. The concerning issue is that many banks do not use two-factor authentication and when they use it, it's an extremely weak form of it.

He stated that such kind of security is simply not enough for the majority of Banker Trojans/Spyware. What annoys the researcher most is that there is an eventual solution that will greatly resolve the problem associated with the security of online banking. In simple words, online banking demands two-factor authentication. The authentication code must be received or produced on a device that is not connected to the device doing the transaction, as per the news published by Threatpost on February 25, 2010.

Moreover, he informed that trojans have the potential to maneuver anything on the monitor and in Web traffic. The solution for this problem is an easy one. Effective online systems that remain resilient to such strong malware are required to be deployed. Without having the user's bank account number, there is no way in which any security expert in the world can confidently say whether the transaction shown on screen is in fact heading towards the correct destination.

Many things have changed since 2006 or 2007. The average sophistication of malware has increased. Considering this, the researchers opined that multi-factor authentication is by far the most appropriate method for secure online banking.

Related article: Multi-Constituent Malware Evokes Risk for Businesses

» SPAMfighter News - 3/10/2010