Furtwangen, January 15, 2008 – Security remains the central issue in online banking: according to the BKA, 3,100 cases of fraud had already been reported by the end of October 2007 – as many as in the whole of 2006. The official total loss amounts to around 14 million euros. The main point of attack is security loopholes in conventional PIN/TAN procedures.
This makes it relatively easy for online fraudsters to obtain account access data and use an intercepted TAN to initiate a bank transfer, for example, usually via (unsuspecting) middlemen to a foreign account.
Greater security and more convenience for customers
More and more German banks are reacting to the worrying increase in crime on the Internet and are switching the authentication of their online services to the HBCI / FinTS security standard.
The Volksbanken and Raiffeisenbanken affiliated with GAD in northern and western Germany, for example, will no longer be sending out TAN lists printed in advance from next spring.
The simple Smart TAN procedure will also be phased out.
As an alternative, cooperative banks will then offer a convenient HBCI legitimization option via VR-BankCard, among other things.
HBCI stands for Home Banking Interface – a security framework that the German banking industry agreed on back in the 1990s and which has since been further developed into the “Financial Transaction Service” (FinTS).
The combination of HBCI and chip card is currently regarded as the most secure protection against hackers and Trojans.
A card reader such as the cyber Jack® from Reiner SCT must be connected to the customer’s PC.
Account transactions are therefore very simple: first, the electronic transfer form is filled out on the computer as before.
The customer then inserts their chip card into the reader and enters their PIN.
Before the order is sent to the bank, it is signed and encoded by the chip on the card using a digital encryption key.
The code and signature are invisible to hackers as they are only stored on the chip and a secure bank computer.
As soon as the bank has received the order via encrypted lines, it decodes the digital signature and compares it with the stored signing key.
The transaction is only carried out if both match. <p “Banks that enable their customers to bank online using HBCI-enabled chip cards are positioning themselves as particularly security-conscious service providers,” says Carsten Sommer, Managing Director of Reiner SCT.
The Furtwangen-based company is one of the leading manufacturers of chip card readers and has long been a strong advocate of the use of HBCI and digital signatures.
The aim is to significantly increase the security level of electronic business transactions.
With its cyber Jack® product series, Reiner SCT offers a wide range of certified readers for a wide variety of applications.
For online banking, for example, it is important that a card reader meets at least security level 2, i.e. that it has its own keypad.
Snooping programs that log entries on the PC keyboard unnoticed (so-called key loggers) therefore have no chance.
The cyber Jack® family also includes models with their own display and biometric recognition, which correspond to security levels 3 and 4.
The use of digital signature cards is also interesting for banks beyond secure account access via the Internet.
This is because they can offer additional services, improve customer loyalty and exploit new business opportunities.
For example, the cash card can be conveniently topped up via the web; your own PC becomes an ATM, so to speak.
An HBCI / FinTS-enabled bank card is also ideally suited as a secure and anonymous means of payment for Internet purchases. (The text contains approx. 4,762 characters)
