Bank system internal security is so good hackers instead attack the weak link in the chain—bank clients’ PCs. The Anti-Phishing Working Group (APWG) estimates 39% of all PCs have crimeware installed on them designed to steal login credentials or hijack online banking sessions. Now e-bankers worldwide are offering their customers, especially commercial clients, new security features such as two-factor authentication, using “something you have”—a personal security device separate from the PC— as part of the login. This means a would-be cyber-thief cannot get into your account without the device, offering you significantly higher protection than just a password.
Another more advanced new security technology is Sign-What-You-See (SWYS), which requires you to verify and approve every transaction made from your bank account using your personal security device. SWYS prevents hackers from successfully hijacking your bank browser during an online banking session and making transactions, using something called a “man-in-the-browser” attack.