FutureFive New Zealand - Consumer technology news & reviews from the future
New Zealand
Guides
#
drones
#
gaming
#
reviews
#
smartphones
#
virtual reality
Search
Story image
#
Cloud Services
#
Microsoft
#
Public Cloud
The latest weapon in the fight against fraud
Thu, 19th Jan 2012
FYI, this story is more than a year old
By Staff Writer
Follow us

In the fast-moving fight against online fraud, the pressure is on for security companies to plug technology holes as quickly as possible – preferably before they are even opened.

While user passwords offer the semblance of security, they are highly susceptible not only to human error but also to attacks like phishing and keystroke logging.

To combat this, security companies developed the One Time Password (OTP) – a randomly-produced password that can be used only once, delivered on request to a unique device called a ‘token’ (or to a mobile phone).

The problem that has emerged with OTP systems is what’s known as ‘Man in the Browser’ attacks, whereby hackers infect a user’s browser with malware which tampers with the particular transaction the user is performing, often while still presenting the correct result.

To combat this problem, data protection experts SafeNet have developed a special kind of OTP token which uses an optical sensor to read the transaction data they have entered, in the form of a flashing graphic, direct from their screen. Once the user has approved the token's reading, they are given a special numeric signature, which they enter on the banking site to complete the transaction.

Vince Lee, ANZ regional sales manager for SafeNet, says the device, known as the eToken 3500, allows the user to authenticate not only their own identity, but the exact details of each transaction being performed.

"It adds another level of integrity to the system,” Lee says.

"[OTP tokens] have been a popular way to authenticate people securely, but having said that, today we have new threats on the landscape... and those threats are taking place regardless of strong authentication.”

The token requires its own PIN or password to unlock, meaning it can’t be used if it is lost or stolen.

Although SafeNet targets large institutions such as banks and government agencies with its full data protection platform, Lee says there is definitely a market for the device among consumers.

"This could be put into the hands of every consumer out there.”

Go here to check out a short video explaining how the eToken 3500 works.

Related stories
Stuff, Straker & Microsoft foster te reo Maori with AI
Netsafe allies with CYBERA for enhanced scam recovery
Hands-on review: Maono Wireless Microphone WM620 Series
Looking ahead and breaking the glass ceiling through self-belief
Corsair launches K65 Plus Wireless gaming keyboard in ANZ
Top stories
Samsung unveils 2024 TV range, with AI-driven picture technology
AI is here to stay - share market fads versus trends
Game review: Children of the Sun (PC)
TVNZ launches innovative sports streaming service with MediaKind & Qibb
Sony launches ULT Power Sound series with artist Peso Pluma