iTWire - Majority of online banking sites insecure by design

IT&T JOBS|Discussion forum|Technology Events|IT Education|

Today on iTWire IT News Telecommunications People Our Blogs Tech Lifestyle Releases Science Sustainability MyProfile Whitepapers

Daily ICT Newsletter FREE TRIAL

Follow the Australian Telecommunications scene NEWSLETTER- FREE TRIAL

Technology news and Jobs

Majority of online banking sites insecure by design

Majority of online banking sites insecure by design

E-mail

by Davey Winder
Friday, 25 July 2008
Page 1 of 2 That is the surprising conclusion of a University of Michigan study which discovered that more than 75 percent of bank sites surveyed had at least one flaw which could make customers vulnerable to financial or identity loss. The findings, which will be presented today at a Symposium on Usable Privacy and Security meeting at the Carnegie Mellon University, suggest that these are design flaws that cannot be fixed with a simple patch... Professor Atul Prakash from the Department of Electrical Engineering and Computer Science at the University of Michigan, along with doctoral students Laura Falk and Kevin Borders, looked at a total of 214 online financial institutions while undertaking the study. None expected to find that such a large number of them would be vulnerable to potential data and identity theft. Featured Whitepaper 5 Best Practices for Smartphone Support Professor Prakash says that "To our surprise, design flaws that could compromise security were widespread and included some of the largest banks in the country." While focusing on those users who attempt to be careful in their online banking, Prakash found that "unfortunately some bank sites make it hard for customers to make the right security decisions when doing online banking." The problem being that these are not simple programming errors. It is not the kind of code glitch that can be patched up and put right with the application of a digital sticking plaster. Instead, Prakash argues that they fundamental flaws which stem from the flow and layout of the web pages themselves. The kind of thing that the report authors are talking about include the placing of login boxes as well as contact information on insecure pages, for example. Or how about a simple failure to keep the user within the boundaries of the actual site they initially visited? Flaws, the study suggests, that "leave cracks in security that hackers could exploit" in order to gain access to private information and accounts. Where are the banks going wrong and what can be done to protect the end user? Read on for more from Professor Prakash... CONTINUES << First page < 1 2 Next page > Last page - Post your comment >>

< Next story in category		Previous story in the category >

Sponsored Releases

Heathrow Airport Terminal 5 Live with Progress Software

Open Text Deepens Integration with SAP® Solutions

As Christmas Nears, AVG (AU/NZ) Advises Shoppers How to Stay Safe Online

Progress Software Successfully Enables SaaS Deployment in the Cloud for Fifth Year

British Airways selects Progress Software SOA Solutions to upgrade the travel experience

...Promote your press-releases here

Latest jobs

Business Analyst (M15)
VBA Access Excel Developer - CBD - Banking - Employer of Choice (S16)
Vignette Developers / Analyst Programmers - CBD - Finance (S16)
Senior Network Engineer (S24)
Systems Engineer - Java/Weblogic
Senior Systems/Business Analyst
Project Manager
Designers - Data Networks
Web Developer
IT Technical Support Manager

	Visitors last 30 days	694,279
	Subscribers	15,210

#1 independent technology news advertise here

- Advertisement -

Featured Whitepapers

	5 Best Practices for Smartphone Support Worldwide shipments of smartphones reached a high of nearly 40 million units in the third quarter of 2008, helping to grow the category by 28% from the same quarter last year.
	Legacy Tools: Not For Today’s Helpdesk Why applications like RDP, VPNs and VNC may be costing you time, money and end-user satisfaction.

Today on iTWire

Follow iTWire on Twitter

About iTWire

iTWire is all about technology news, information, jobs and community for the IT and telecommunications industry professional. Subscribe to our free ICT daily newsletter

website free tracking