Hamburg, June 12, 2007 – Most online bankers are familiar with phishing, pharming and Trojans.
Nevertheless, Internet fraudsters still find numerous victims among online bankers.
Although HBCI with chip card is currently the most secure procedure for online banking, only eight percent of all online bankers use this recognized and effective security procedure.
This is why the 2007 security offensive is now being launched and provides information about possible attack scenarios on the Internet, effective protective measures and the advantages of HBCI with chip card.
The risks of the PIN/TAN procedure
If you want to do online banking, you can choose between different security procedures, depending on what your bank or savings bank offers.
According to a DSGV study, the PIN/TAN procedure via the bank’s website is the most widely used security procedure at 88%. Unfortunately, this Internet-based procedure offers numerous opportunities for attacks through phishing or pharming. For this reason, but also because of its widespread use, cyber criminals focus on it and try to steal security-relevant data such as PIN/TAN.
The majority of all online bankers are aware of these security threats on the Internet: 98 percent are familiar with viruses and malware, 89 percent are aware of phishing and 45 percent have also heard of pharming.
These are the results of the 2006 PASS study.
Nevertheless, many online bankers still fall for it: According to the Federal Criminal Police Office, there were 3,500 successful cases of phishing in Germany alone in 2006.
The reason: although users are aware of the dangers, they are unable to recognize phishing sites, for example.
Advantages of HBCI with chip card
The simplest and currently most secure solution against phishing and the like is the HBCI security procedure with chip card.
The security-relevant data is protected against changes by criminals thanks to multiple security mechanisms such as encryption, cryptographic checksums and digital signatures.
Even if the data is intercepted by criminals during transmission, they cannot do anything with it.
This is because they lack the bank’s “data keys” and the customer’s personal chip card to decode the security-relevant data.
Although independent security experts and credit institutions recommend HBCI with chip card and describe it as “exemplary”, it is only used by a few online bankers.
The reasons for this are mainly ignorance, but presumably also the acquisition costs.
This is because the user needs a chip card reader and banking software.
But the investment is worth it: because HBCI with chip card gives the online banker a considerable increase in security.
More security not just for IT professionals
The aim of the 2007 security offensive is therefore, on the one hand, to provide information about possible attack scenarios by cyber criminals and effective protective measures.
On the other hand, every online banker should be able to use this security procedure – with an affordable offer of a chip card reader and banking software from 69 euros instead of the regular 114 euros.
www.sicherheitsoffensive2007.de Interested parties can obtain important information:
- How do phishing, pharming and co. work?
- How can I protect myself?
- Why is HBCI with chip card more secure than other procedures?
- How can I make HBCI with chip card more secure than other procedures?
