Free Newsletter
Register for our Free Newsletters
Newsletter
Zones
Access Control
LeftNav
Alarms
LeftNav
Biometrics
LeftNav
Detection
LeftNav
Deutsche Zone (German Zone)
LeftNav
Education, Training and Professional Services
LeftNav
Government Programmes
LeftNav
Guarding, Equipment and Enforcement
LeftNav
Industrial Computing Security
LeftNav
IT Security
LeftNav
Physical Security
LeftNav
Surveillance
LeftNav
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
 
News

Fixed password on 3D Secure may introduce vulnerability for users

Gridsure : 24 September, 2008  (Technical Article)
Gridsure warns of the use of fixed password systems for layered banking security as disclosure through key-logging may render the user liable to losses
More than 25 million credit and debit card holders have registered to use the secure online payment system of 3D Secure - more commonly known as 'Verified by Visa' and 'Mastercard SecureCode'. A 600 per cent increase in the past two years.

While many will see this as a positive improvement for online security, GrIDsure, the developer of a revolutionary new approach to authentication warns that this extra layer of security may simply prove to be an added burden for consumers.

Jonathan Craymer, chairman of GrIDsure commented: "While any step to improve online security is always welcome, some may actually prove to be counterproductive due to their reliance on fixed passwords. It is disturbing that customers are now being forced to sign up to a system that may potentially leave them more vulnerable to identity theft than before. If a customer's password is used to commit fraudulent activity on their account, banks can now blame the customer for not protecting it sufficiently - a fact that many people are not informed of.

"Software such as spyware or key logging technology can render the extra layer of protection useless as a fixed password can be captured and compromised quite easily. The security of the system could be immediately improved by replacing these with one-time passwords or PINs. The cynical amongst us may argue that some financial organisations are simply concerned with shifting responsibility rather than improving security," continued Craymer.
Bookmark and Share
 
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
 
   © 2012 ProSecurityZone.com
Netgains Logo