14 Dec 2006
Savings bank ING Direct is to introduce anti-keylogging measures in January to protect the accounts of its 500,000 online customers.
Users will enter their PIN by clicking on an on-screen calculator-style keypad, whose numbers change position on each login.
Citibank Consumer Bank pioneered the approach in the UK, introducing it to customers in January 2005. The ING Direct deployment is believed to be the largest UK implementation to date.
‘The new system obviously makes it far more difficult for malicious software to capture the number you are inputting because the numbers on the keypad constantly change,’ said ING spokesman Martin Rutland.
The system will guard against fraudsters who install keylogging devices on computers to record keystrokes and steal personal information. Such devices were used by fraudsters who attempted to steal £220m from Sumitomo Mitsui bank last year.
‘We implemented this with a specific defence in mind against keystroke capture,’ said Citibank’s head of online customer experience David Bacall. ‘We are also looking at two--factor authentication with tokens, but have no plans to roll it out soon.
But Ovum senior analyst Graham Titterington says that anti-keylogging security is not 100 per cent secure.
‘As we move towards two-factor authentication, combining security processes from two different categories such as anti-keylogging and two-factor PIN access can be effective,’ he said.
What do you think? Email feedback@computing.co.uk
Further reading:
I think ING should be congratulated in attempting to make customer accounts more secure, however I do feel this does open the doors to a new type of crime. If a user is using a work computer from the office to check their account, which let's be honest most of us have at sometime; a remote screen share would enable any IT support worker to monitor the pin being entered.
Move this to a more organised crime gang and you will just have a completely new security problem from just a simple keystroke recorder.
Posted by: Peter Jamieson 14 Dec 2006
Have your say on this article
Newsletters
Latest stories from Security Technology
Latest videos
You may also like
Security Technology jobs
Technology Patent Wars
Case studies from large organisations across all sectors
... And rich media, and flexible working, and peaks in traffic ...
Upcoming Events
Join us for this Computing web seminar, in which the Head of BI at the Co-operative Group Nick Colebourn will be explaining just how he reigned in the Group’s sprawling database estate and how significant savings were realised and data quality improved as a result.
Date: 31 May 2012
Time: 11:00 AM
Live June 13th 11:00am: Register now. During this web seminar we will be looking at the sorts of incidents that can bring data centres grinding to a halt and what can be done about them.
Date: 13 Jun 2012
Time: 11:00 am
Receive the latest jobs direct to your inbox
Are you being paid what you are worth?
