YOUR IT - Technology for you

No. 1 Story

Online group buying market surges to near $500b and growing

Online group buying has taken off in a big way in the Australian market, with the market now worth nearly nearly half a billion dollars and significant growth predicted over the next 12 months and beyond. read more

StumbleUponSubmit to redditShare this on TwitterShare on facebook | Print |PDF 

More From

Majority of online banking sites insecure by design

Davey Winder
Friday, 25 July 2008 04:35

Your IT - Home IT

Page 1 of 2
That is the surprising conclusion of a University of Michigan study which discovered that more than 75 percent of bank sites surveyed had at least one flaw which could make customers vulnerable to financial or identity loss. The findings, which will be presented today at a Symposium on Usable Privacy and Security meeting  at the Carnegie Mellon University, suggest that these are design flaws that cannot be fixed with a simple patch...

Professor Atul Prakash from the Department of Electrical Engineering and Computer Science at the University of Michigan, along with doctoral students Laura Falk and Kevin Borders, looked at a total of 214 online financial institutions while undertaking the study. None expected to find that such a large number of them would be vulnerable to potential data and identity theft.

Microsoft Office 365 Get your free Trial
Professor Prakash says that "To our surprise, design flaws that could compromise security were widespread and included some of the largest banks in the country." While focusing on those users who attempt to be careful in their online banking, Prakash found that "unfortunately some bank sites make it hard for customers to make the right security decisions when doing online banking."

The problem being that these are not simple programming errors. It is not the kind of code glitch that can be patched up and put right with the application of a digital sticking plaster. Instead, Prakash argues that they fundamental flaws which stem from the flow and layout of the web pages themselves.

The kind of thing that the report authors are talking about include the placing of login boxes as well as contact information on insecure pages, for example. Or how about a simple failure to keep the user within the boundaries of the actual site they initially visited?

Flaws, the study suggests, that "leave cracks in security that hackers could exploit" in order to gain access to private information and accounts.

Where are the banks going wrong and what can be done to protect the end user? Read on for more from Professor Prakash...

CONTINUES


Start 1 2 Next 

Sponsored Announcements

Eaton’s Innovative Rack Power Distribution Solutions Offer High-Accuracy Power Monitoring and Management at the Individual Outlet Level

David Bass | Diversified industrial manufacturer Eaton Corporation has today launched a new set of enclosure power distribution units, ePDUs, that prov…

You may have missed


Advertisement

- sponsored feature -

The Death of Traditional BI: What’s Next?

How to Make Business Discovery Work for Your Business IP PABX BUYING GUIDE

Business Discovery takes its cues from consumer apps. Like Google, it encourages us- ers to hunt for and explore data without worrying about or even noticing the underly- ing technology. Their entire experience is working within an intuitive interface to get real-time, self-service results with only minimal training. ...more

Our Services for Technology Professionals

E - mail News SMS Headlines Desktop Alerts News Feeds Job Alerts Technology Events Press-Releases