Kaspersky Lab announces that it is developing a new targeted solution, Safe Money for Banks, which will enable banks and other financial institutions to protect their online customers from financial cyber – attacks. The new product’s capabilities were presented by the company’s CTO Nikolay Grebennikov at the GITEX Technology Week 2013 conference in Dubai.
Attacks against online banking users are extremely attractive to cybercriminals, since each successful attack can bring in ready money from the victim’s electronic account. In other types of attacks, cybercriminals usually have to find ways to monetise them by extorting money from their victims or by selling data stolen on the black market.
Users themselves often fail to take the necessary precautions. In a global survey conducted by Kaspersky Lab jointly with B2B International in 2013, 14% of respondents admitted using unprotected Wi-Fi connections to access online banking and shopping services. About the same percentage were convinced that bank fraud is an extremely rare phenomenon. At the same time, the survey found that approximately 62% of users had faced at least one financial cyber – threat in the preceding 12 months.
Attacks against online banking users also affect the banks themselves. Any incident while using online banking can result in the loss of customer loyalty. In addition, being mentioned in the context of cyber theft is detrimental to a bank’s reputation, even in cases where the bank’s security has not been compromised.
Banks resort to a range of technologies to provide their customers with additional protection against fraud – such as multi-factor authentication. However, these technologies are often incapable of protecting the customers from malware designed to steal valuable financial information.
During his presentation at GITEX, Grebennikov introduced the company’s new security solution, Safe Money for Banks, which provides bank customers with protection against cyber – threats designed to steal financial data.
“In an online banking system, customer computers make up the most vulnerable element, which is exploited by cybercriminals to conduct most of the thefts. We kept this in mind when developing Safe Money for Banks. Our product can effectively block all types of threats that bank customers may face while working with their finances online,” said Grebennikov.
How it works:
Safe Money for Banks provides protection from phishing attacks, as well as blocking targeted SSL certificate spoofing attacks designed to make sites look legitimate. The security solution does this by matching certificates against a database created by Kaspersky Lab. If a certificate turns out to have been spoofed, the solution alerts the user.
After Safe Money for Banks has made certain that the user has reached a legitimate website, the application enables the browser’s safe mode. This blocks the execution of any scripts not required by online banking and therefore potentially malicious. The solution also provides protection against interception of passwords and other sensitive information by keyloggers – this is achieved by incorporating a keyboard driver in the product which protects the transfer of data entered on the keyboard.
Safe Money for Banks will be available to users of Windows and OS X computers, as well as smartphones and tablets running iOS and Android. The solution is currently in the testing stage. Kaspersky Lab plans to release its final version in Q1 2014.
The technologies on which Safe Money for Banks is based were first implemented in Kaspersky Lab’s integrated security solutions for home users in 2011 and have since proved their worth protecting the electronic money of millions of Kaspersky Lab users across the globe on a daily basis.
The high quality and reliability of the protection mechanisms implemented in the Safe Money suite of technologies has been confirmed by independent experts: last year, the independent research institution AV-TEST granted Kaspersky Lab its Innovation Award, emphasizing the solution’s effectiveness in protecting financial online transactions.