Sign-What-You-See (SWYS) is a new security technique that improves online banking security. Here is how it works: with SWYS, you are required to verify and sign off on any transactions made from your bank account. You do this with a combination of “something you have” – a digital security device – and dynamic digital signatures based on specific transaction information.
SWYS prevents hackers from successfully hijacking your bank browser during an online banking session and making transactions, as what typically occurs in a man-in-the-browser attack. SWYS solutions have been deployed for major banks all over Europe, and are beginning to become popular in the United States, too.
According to Gartner analyst Avivah Litan, allowing the user to actually see the transaction before confirming it is key. "We have been advocating transaction verification for a long time," she said.