Something Phishy About Bank's Not Using 2FA from HomeATM
Researchshows that most online banking sites have inbuilt flaws which couldpotentially put valuable customer data into the wrong hands.
Now there is a way (since March 17th, 2009) to vastly increase the security of online banking.
HomeATMengineered AND manufactures the world's FIRST and ONLY PIN Entry Devicesolely designed for online authentication and eCommerce to achieve PCI2.0 certification. What that means is:
Banks now have achoice. They can use what many consider to be a very obsoleteUserName/Password login OR they can provide a methodology which safelyand securely authenticates their online banking customers withtwo-factor authentication.
Logging on to a bank's online banking site is now quick/convenient and easy.
Bank customers would simply swipe their bankcard through HomeATM's SafeTPIN device and enter their bank assigned PIN.
HomeATMis proud to introduce the security of "True" 2FA (two-factorauthentication) to the online banking community AND provide the impetusfor banks to procure more online banking customers via the allure ofthe most secure online banking platform in the industry.
I don'tmean to oversimplify how easy it would be for a financial institutionto implement "True 2FA" with HomeATM's device, but it's unavoidable.
To keep it short, I'll provide but one recent fact from Gartner Research:
Now there is a way (since March 17th, 2009) to vastly increase the security of online banking.
HomeATMengineered AND manufactures the world's FIRST and ONLY PIN Entry Devicesolely designed for online authentication and eCommerce to achieve PCI2.0 certification. What that means is:
Banks now have achoice. They can use what many consider to be a very obsoleteUserName/Password login OR they can provide a methodology which safelyand securely authenticates their online banking customers withtwo-factor authentication.
Logging on to a bank's online banking site is now quick/convenient and easy.
Bank customers would simply swipe their bankcard through HomeATM's SafeTPIN device and enter their bank assigned PIN.
HomeATMis proud to introduce the security of "True" 2FA (two-factorauthentication) to the online banking community AND provide the impetusfor banks to procure more online banking customers via the allure ofthe most secure online banking platform in the industry.
I don'tmean to oversimplify how easy it would be for a financial institutionto implement "True 2FA" with HomeATM's device, but it's unavoidable.
To keep it short, I'll provide but one recent fact from Gartner Research:
- Phishing attacks are costly:
According to research firm,Gartner, banks, online payment organizations and other financialinstitutions are bearing most of the financial cost of phishingattacks. (A survey of nearly 4,000 US consumers revealed a 40% increase in the number of phishing victims in 2008 over the year before to five million.)Guess what? The HomeATM "SafeTPIN" device would not only eliminate "phishing attacks" but it would also eliminate the threat of "cloned cards," "cloned bank sites", AND provide "True 2FA." for online banking customers.
The average loss was $350 per phishing attack, but consumers said they had recovered 56% of their losses from the financial institutions involved. (That's $196 to the banks and $154 to the consumers) "The findings underline the fact that the war against phishing is far from over," said Avivah Litan, analyst at Gartner. (Yes, the very same Avivah Litan who says "never" enter your PIN on the Internet unless it's hardware based)
Additional benefits include empowering online banking customers with the ability to perform:As I said, I don't mean tooversimplify WHY they banks should investigate our solution further,but sometimes the simplest things in life are the best...aren't they?
- Person to Person Money Transfers,
- Bill Payment Online (with "True PIN" vs. PINless Debit)
- Secure online transactions with online retailers.
In closing out this week's edition of the PIN Payments News Blog, 'll state one more "food for thought" item.
According to a trustworthy source, Bank of America spent $129 Million on PCI DSS compliance last year.
Now I'm not saying that our SafeTPIN device would eliminate the entire cost of PCI DSS compliance, BUT...on account of how we are "already" PCI 2.0 PED certified, any bank that utilizes our device for "True Two Factor Authentication" during the log-in process, would effectively be removed from the scope of PCI DSS requirements.So...to anybody out there that knows some high level banking executives...pop me an email and let's talk.
- at least for their online banking application
- and Bill Pay
- and online eCommerce Transactions
- and Money Transfers
I'll make you some serious money, save the bank's some serious money, enhance the banks' image AND provide consumers with the peace of mind knowing that their financial information is secure!.
Consumers fear financial security threats more than the threat of a terrorist attack (see graph on left)
Here's a quote from: Convenience or Security? How About BOTH?
American's "DEFINITELY" want security.
Infact American's worry more about credit and debit card fraud than theydo about a terrorist attack...according to a new report from Unisys.
Oh...andin quantity, our device costs about 10% of what it currently costsbanks and consumers for each "phishing incident." Simple...ain't it?