Cybercriminals
are already targeting mobile banking apps as a “way in” to customer
accounts – as witnessed in ESET’s discovery of a new, advanced Trojan, Hesperbot.
But a new IBM system may help secure smartphones – by using
near-field communications chips (NFC) for an additional layer of
security.
It’s the first system to allow “two-factor” security for smartphones, according to a CNET report.
“When you use your phone to access the service, the phone
is no longer the second factor,” said Diego Ortiz-Yepes, a mobile
security scientist at IBM Research.“Our two-factor authentication
technology based on the Advanced Encryption Standard provides a robust
security solution with no learning curve.”
“One billion mobile phone users will use their devices for
banking purposes by 2017 - which makes for an increasingly opportune
target for hackers,” IBM said in a statement.
Many new smartphones ship with the chips, but payment systems using
NFC – a radio system designed for short range communication – have
failed to catch on, partially due to security concerrns. IBM claims its
new system – which requires a card (such as a payment card or employee
ID card) and an NFC device – is much more secure.“The user simply holds the contactless smartcard next to the NFC reader of the mobile device and after keying in their personal identification number (PIN), a one-time code would be generated by the card and sent to the server by the mobile device,” the company says.
“The IBM technology is based on end-to-end encryption between the smartcard and the server using AES (Advanced Encryption Standard) scheme. Current technologies on the market require users to carry an additional device, such as a random password generator, which is less convenient and in some instances less secure.”
IBM scientists in Zurich claim that the system has the advantage of familiarity – many users already use two-factor authentication, for instance to log in to a corporate network.
The system is available from today for any NFC-enabled Android 4.0 device. Future updates will add other NFC-equipped devices.
Financial watchdogs have warned this year that the increasing use of banking apps – often on unprotected smartphones poses an “important risk” to consumers .
The Financial Conduct Authority, a British watchdog is to investigate the risks posed by banking apps, according to a report by This is Money – particularly malicious apps that pose as genuine banking apps.
The Financial Conduct Authority, a British watchdog is to investigate the risks posed by banking apps, according to a report by This is Money – particularly malicious apps that pose as genuine banking apps.
No comments:
Post a Comment