Transactions are still not secure with online
banking, what else should be done?
The simple answer: Log on to online banking with the same trusted method used to access cash from an ATM. Insert your card into a card reader and enter your PIN into a PCI 2.x certified PIN Entry Device...
Gartner Inc. warns that the measures taken by the financial institutions to protect online transactions are lame and are no longer enough to protect online banking systems against fraud.
Sophisticated tools used by the cybercriminals make them successful in hacking security systems so as to steal customers' log-in credentials and pillage their bank accounts, says Gartner analyst Avivah Litan.
Trojan horses steal credentials or intercept transactions and other measures like a phone-based, "out of band" authentication system, makes no good either. Perpetrators use call forwarding so that the fraudster, not the legitimate customer, gets the call from the financial institution, Litan said.
A Trojan completes transactions much faster than a human would; a Trojan can take as little as one second to enter a money transfer amount and press OK, whereas a human would take 20 to 30 seconds. Editor Translation: If both of them receive the generated One-Time-Password at the same time, the online banking customer doesn't stand a chance against a Trojan.
