Free Newsletter
Register for our Free Newsletters
Newsletter
Zones
Access Control
LeftNav
Alarms
LeftNav
Biometrics
LeftNav
Detection
LeftNav
Deutsche Zone (German Zone)
LeftNav
Education, Training and Professional Services
LeftNav
Government Programmes
LeftNav
Guarding, Equipment and Enforcement
LeftNav
Industrial Computing Security
LeftNav
IT Security
LeftNav
Physical Security
LeftNav
Surveillance
LeftNav
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
 
News

Mobile Online Transaction Protection with Advanced 2FA

FireID : 05 May, 2010  (New Product)
FireID Transaction Verification enables users to avoid man-in-the-browser and man-in-the-middle attacks whilst performing financial transactions
FireID, a provider of security applications for mobile authentication, has announced FireID Transaction Verification, a new application that ensures only legitimate online transactions and payments are made. Providing a solution to the much publicised man-in-the-browser (MITB) and man-in-the-middle (MITM) attacks which banks are experiencing, FireID's out-of-band Transaction Verification application generates a unique code on the end user's mobile phone to verify the transaction details for online purchases and transactions before they are authorised.

The MITB attack has received significant attention recently, based on its ability to circumvent strong security measures, including many two-factor authentication ((2FA)) methods. In such attacks the hacker infects an end-user's PC with a trojan, or similar piece of malware, which is capable of covertly faking Internet financial transactions in the end-user's Web browser. The end-user could login securely by using one-time passwords, however, because the attack modifies the secure session, the end-user is still vulnerable.

A Gartner report, titled "Where Strong Authentication Fails and What You Can Do About It," by Avivah Litan on December 3, 2009, addresses the growing dangers of MITB attacks, "These attacks were successfully and repeatedly executed against many banks and their customers across the globe in 2009. While bank accounts are the main immediate targets, these attack methods will migrate to other sectors and applications that contain sensitive valuable information and data within the next three years."

FireID's Transaction Verification application thwarts these hackers and MITB attacks, enabling secure online transactions with a simple, convenient and cost-effective solution. FireID's Transaction Verification application uses the customer's mobile phone to generate a unique code for each online transaction, out-of-band from the Web browser. This code is dependent upon the full details of the transaction, which could be defined as the transaction amount and account number, and is verified by the FireID server for authenticity. If an attacker attempts to change any of the defined transaction details, the code will become invalid and the server will detect the tampering. Since FireID makes use of the customer's mobile phone for transaction verification, expensive and inconvenient hardware tokens are not needed.

"In the high-stakes world of online banking fraud, hackers have developed sophisticated methods for getting inside the user's browser and falsifying transactions. FireID's Transaction Verification application provides a powerful out-of-band authentication solution to secure payments and transactions, entirely thwarting MITM and MITB attacks," said Jenny Dugmore, CEO of FireID.


Bookmark and Share
 
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
 
   © 2012 ProSecurityZone.com
Netgains Logo