Not Verified and not Secure
(Thomson Reuters ONE) - Independent research from the University of Cambridge reveals the weakness oftoday's approach to eCommerce authentication. Todos technology offers auser-friendly way to increase security within the 3D Secure environment.GOTHENBURG, SWEDEN - FEBRUARY 10 2010 - To protect themselves againstcard-not-present fraud, merchants increasingly turns to 3D Secure (3DS)technology, exemplified by Verified by Visa and MasterCard SecureCode. However,Steven Murdoch and Ross Anderson describe this as "lousy technology" in a recentreport for theComputer Laboratory at Cambridge University, UK.According to the report's authors, there are numerous serious problems with theexisting approach to e-commerce security. Many relate to the way different banksand card issuers implement the standard. Banks often cut corners when enrollingand verifying users. For example, some firms ask for users' PIN numbers and thesystem overshares personal information between banks, merchants and outsidecontractors. Many of these problems stem from reliance on static passwords andthe need to authenticate users at the point when they first enter theirpassword.All these problems undermine customer confidence and make life easier for onlinecriminals says the report - and Todos agrees. Which is also why Todos targetedthe issue already in 2007, developing a more secure, more private, moretrustworthy alternative. Todos technology works within the 3DS environment tooffer merchants and card issuers a much more secure alternative to staticpasswords: * Two-factor authentication. Using a Todos device or mobile application and a private PIN, users can securely authenticate ecommerce transactions without revealing personal information. * Malware and phishing protection. Todos technology makes man-in-the-middle attacks virtually impossible and thwarts online criminals using phishing sites. * Transaction authentication/verification. Our latest authentication devices allow users to see details of the transaction they are signing; providing informed consent for transactions. * Secure domain separation. Uniquely, Todos devices keep authentication for ecommerce and online banking separate so that a breach in one area does not compromise the other. * Complete range of devices. The authors recommend 'sign what you see' technology and Todos offers the full-range of these products. However, the company also offers options, including tokens, mobile solutions and card readers, which are also highly secure, flexible and popular with banks and their customers."In the long term we need to move to a trustworthy payment device," says thereport. At Todos, we couldn't agree more. "This report completely validates theTodos approach to eCommerce authentication," says H?n Nordfjell, COO at TodosAB.Advanced security is not a pipedream. Todos makes it a reality today. Nordjellexplains: "Our 3D Secure eCommerce technology is already used byforward-thinking banks such as Nordea, China Trust Commercial Bank and ICABanken and we're ready to protect hundreds of millions of vulnerable Verified byVisa and Mastercard SecureCode customers. With us, they are properly verifiedand truly secure."###Todos ABhelps banks and other businesses create trusted, secure relationshipswith their customers online. Founded in 1987, Todos designs, develops, deliversand supports security solutions for remote authentication. We have deliveredover 20m products to 100+ financial institutions in more than 30 countries. Whentrust matters, trust Todos. For more information visit: www.todos.se.For further information please contact:John Ahlberg, Communications Directorjohn.ahlberg(at)todos.se Todos AB+46 31 775 88 00www.todos.se [HUG#1382868] Full story - PDF: http://hugin.info/141510/R/1382868/341771.pdf
Themen in dieser Pressemitteilung:
Unternehmensinformation / Kurzprofil:Leseranfragen:PresseKontakt / Agentur:Bereitgestellt von Benutzer: hugin
Datum: 10.02.2010 - 08:00 Uhr
Sprache: Deutsch
News-ID 1010216
Anzahl Zeichen: 0
contact information:
Contact person:
Town:
Phone:
Kategorie:
Anmerkungen:
Diese Pressemitteilung wurde bisher
110 mal aufgerufen.
Die Pressemitteilung mit dem Titel:
"
Not Verified and not Secure
"
steht unter der journalistisch-redaktionellen Verantwortung von
Todos AB
(
Nachricht senden)
Beachten Sie bitte die weiteren Informationen zum
Haftungsauschluß (gemäß
TMG - TeleMedianGesetz) und dem
Datenschutz (gemäß der
DSGVO).
