One Time Passwords Aren't Enough - Gartner

Hackers are defeating tough authentication, Gartner warns


One-time passwords, aren't enough to stop cybercrooks from plundering bank accounts

In an article for ComputerWorld, Jaikuman Vijayan reports that OTP's don't cut it.  The PIN Payments Blog has made that ascertainment months ago.  Advancements in malware, including a real-time keystroke logging program defeats any security offered by One-Time-Password or One-Time-PINs. 



By Jaikumar Vijayan

Computerworld - Security measures such as one-time passwords and phone-based user authentication, considered among the most robust forms of security, are no longer enough to protect online banking transactions against fraud, a new report from research firm Gartner Inc. warns.

Increasingly, such measures are overwhelmed by online criminals looking to pillage bank accounts using valid login credentials stolen from customers, the report said.



Going forward, banks need to quickly implement additional layers of security to protect their customers from falling victim to online fraud, said Avivah Litan, Gartner analyst and the report's author. Gartner's warning comes amid a sharp uptick in fraud involving the exploitation of valid online banking credentials...



Continue Reading

Related articles by Zemanta

• More On the URLZone Online Banking Trojan (pindebit.blogspot.com)


• Garlik's UK Cybercrime Report 2009 Released (pindebit.blogspot.com)


• Online Banking's Ticking Time Bomb... (pindebit.blogspot.com)


• Password, Username Stealing Malware Volume Jumps 400% (pindebit.blogspot.com)


• How Banks Can Be Serious Players in P2P Payments (pindebit.blogspot.com)


• ComputerWorld: Username/Password Obsolete and Weak (pindebit.blogspot.com)


• Online Banking Fraud in the UK Hits a New High (pindebit.blogspot.com)