Free Newsletter
Register for our Free Newsletters
Access Control
Deutsche Zone (German Zone)
Education, Training and Professional Services
Government Programmes
Guarding, Equipment and Enforcement
Industrial Computing Security
IT Security
Physical Security
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec

Tricipher warns that tools enable online fraud to become mainstream.

TriCipher : 03 December, 2007  (Technical Article)
No longer only the domain of techie hackers, toolkits for siphoning key information for committing acts of fraud necessitate greater vigilance against theft from cards.
Tricipher commends the Times in today's headline story "Websites sell secret bank data and PINS" for bringing out in to the big open an issue that the banks have known about for some time.

There has been an increase in the development of sophisticated and easy to use automated toolkits geared to creaming off vital personal information from the web. It used to be only expert hackers who could crack in to this sort of data but there are an increasing number of toolkits that can be downloaded from the internet. Tools such as MPack which cost only £500 have enabled cyberthieves to compromise as many as 10,000 websites in a single attack. These are the tools being used to collect the data needed for sale.

The government must force the banks in to making protection of digital personal data key. We've seen a sharp decrease in card not present fraud. What the banks need to do now is make it easier for consumers to protect themselves by offering an online equivalent to the chip and pin system. In addition, banks must become much more imaginative in the data they ask their customers for when they set up an account…..DOB, mother's maiden name etc are all too easy to socially engineer. More specific information such as eg the colour of your first car or your preference in colour of car is much harder to get at via the web. In addition to educating consumers a system of strong mutual authentication should be introduced which moves the onus away from the consumer and on to the banks and service providers. In this type of system the only way precious account details can be unlocked is by the mutual exchange of information between the bank and the customer using a unique key.
Bookmark and Share
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
   © 2012
Netgains Logo