Chen Arbel, vice president of strategic development, Aladdin Knowledge Systems

Strong authentication protects online banks and enterprises from identity theft and other data attacks

In the past years online banking has risen in popularity, increasing the number of online services that are offered by many financial organizations and businesses.  This indicates an extremely bright future for e-banking. However, the rise in eCrime and the bear economy have created a bull market for cyber attacks. Law enforcement and eCrime security experts have indicated that in the past eight months, cybercrime is on the rise.

The primary victims for these recent attacks are consumers and businesses. Attacks comes in different flavors — in some cases victims are routed to fake web sites spoofing legitimate banks, government agencies, mortgage-services. Regardless of the flavor, the main goal of these attacks is to gain access to online financial accounts (consumer or business), using the information to take advantage of sensitive data and steal identities. The direct result of these attacks is the loss of faith in the safety of the internet and hesitation by both consumers and businesses which could ultimately decrease the use of on-line resources for sensitive transactions.

Because of this, there has been a significant rise n the number of financial organizations and enterprises using strong authentication technology to counteract cybercrime. A robust two-factor authentication solution enables an organization to implement proactive security measures to restore trust and mitigate cybercrime by going beyond simple usernames and passwords to provide a more secucre means of identifying users who are accessing online banking, private networks, sensitive data and applications.

Online and consumer services environments are usually uncontrolled and are comprised of various types of users with great variations in their levels of technical expertise. Moreover, the life cycle management process for online services is extremely complicated, especially when considering issues such as deployment, distribution, provisioning and support. Other issues that need to be considered are user convenience, and potential problems such as obsolete or disparate operating systems.

There are many products available for strong authentication and the choices are based on the needs and infrastructures of a business and its users. Existing solutions include one-time-password (OTP) tokens, as well as USB-based smartcards which store individual credentials and certificates on-board the smartcard to enable strong encryption. However, neither of these are the perfect solution that meets the needs of convenience, portability and security in one solution.

The future of authentication technology is looking bright for online banking organizations, whose customers require a plug-and-play solution, but whose transactions require the robust encryption of a certificate-based smartcard. Trends in the authentication market are leading to a single solution with the advanced technology of a USB-based smartcard and the easy-to-use functionality of an OTP token. In combining these two solutions, you get a portable smartcard-based token that enables PKI-based strong authentication, secure remote access and extra features like digital signatures. By combining the strength of PKI technologies with simplicity and ease of use for almost any user, future authentication technologies will be ideal to help restore trust in services like online banking and protect consumers and business users against common Web attacks.