Secure e-banking using iPhone, iPad and Android devices
Date: Tue, 08/09/2011 - 18:41
Until recently, wireless devices did not use to be considered safe enough for running sensitive applications such as e-Banking on them without security concerns. The latest optical authentication technology by KOBIL Systems, however, permits the worry-free use of just such wireless gadgets. Because the offline devices KOBIL SecOPTIC, KOBIL TAN Optimus comfort and KOBIL opTAN touch generate the next valid TAN on the basis of the financial transaction data, thereby deflecting phishing, man-in-the-browser and man-in-the-machine attacks. Thanks to the installation-free usage, no extra software needs to be acquired for operating the devices. With its new SecOPTIC compact and SecOPTIC elegance, security specialists of KOBIL created a device that supplements classic optic technology to include the transaction data signing procedure.
Mobility in the traditional sense used to mean doing our e-banking from home any time. Today’s advanced mobility, by contrast, implies the ability to conduct your e-Banking business anywhere and anytime using wireless devices. It is the introduction of new wireless terminal devices such as iPhone, tablet PC and android that has made this possible. And yet users have not felt 100 percent safe when taking advantage of the new options. After all, criminal attacks on e-Banking applications running on wireless devices, such as the infamous ZEUS attack on smsTAN (SMS OTP), have created a sense of insecure e-banking. That being said, more and more people are using the popular wireless terminal devices even as an increasing number of crooks are exploiting their weak spots.
KOBIL’s offline devices, millions of which are already operating in Germany, may be used not just on your home PC but with your iPhone, iPad and Android, too. In addition to the already highly successful legacy devices – KOBIL TAN Optimus comfort and opTAN touch – the new SecOPTIC line is now available. This line is the first to combine one-time password technology (OTP) via optical interface for the transaction signing procedure. This means that e-Banking clients will confirm transaction data on offline device display, which is previously transmitted from the PC (or iPhone, Android or iPad) to the SecOPTIC device via an optical interface before a transaction number (TAN) is generated. This TAN is then entered back to used device to authorise the financial transaction. Up to the final transaction authorisation, the user retains full control over his or her data via the offline device display, and may abort the transaction at any time if the shown data does not match the data that user intends to send to his/her bank. The intelligence of the device is based in the hardware, and cannot be tampered by third parties.
Any KOBIL offline device may be ordered through your house bank. Alternatively, the devices can also be purchased through the KOBIL Shop, though a user will have to clarify beforehand, whether his or her bank actually supports the KOBIL technology. If your bank continues to use unsafe indexed TAN lists or merely offers a smsTAN alternative, it may be time to think about taking your business to another, safer bank.